Juniper “Hidden” Commands

This page contains some “hidden” commands that are either not documented or hard to find for Juniper devices. This is not an exhaustive list, these are commands that I have come across while troubleshooting various issues. If you come across any others please leave a comment or contact me and I would be happy to add to this list.

These commands may not be officially supported by Juniper and may result in unexpected behavior, use with caution!

Interfaces

These are all interface related commands.

Soft reset SFP/QSFP interfaces

This is assuming the interface to reset is xe-0/0/39:

start shell pfe network fpc0
set cmqfx cxvr remove pic 0 port 39
set cmqfx cxvr insert pic 0 port 39

Source: Juniper KB – [QFX] How to perform a soft reset on a SFP/QSFP

SFP List

Show a list of SFP’s and some general information:

start shell pfe network fpc0
show sfp list

Example output (from an EX4600):

{master:0}
me@device> start shell pfe network fpc0


TOR platform (1500 Mhz Pentium processor, 511MB memory, 0KB flash)

TFXPC0(device vty)# show sfp list
SFP Toolkit summary:
  wakeup count: 42974823, debug: 0, periodic enabled: 1, diagnostics enabled: 1
  thread: 0x21bf5fe0, itable: 0x21be3880, itable iterator: 0, sem: 0x21c75db0
  polling interval delay:  1000 ms, polling max cpu:  100 ms
  poll for diags every  3 wakeups , SFPs polled for diags last time:  0
  last periodic CPU time:    1 ms, maximum periodic CPU time:   4756 ms
  max SFPs to poll per interval: 8
SFP Toolkit syslog throttling parameters:
  period: 120 samples , disable threshold:  10, enable threshold   0
  SFP periodic diagnostics polling count:     8

                                                                         diag
Index   Name             Presence     ID Eprom  PNO         SNO          calibr   Toxic
-----   --------------   ----------   --------  ----------  ----------- -------  -------
    1     sfp-0/0/0(0)      Present   Complete  740-031981  F17AJU06313     int    Unknown
    2     sfp-0/0/1(1)      Present   Complete  740-031981  F17AJU06312     int    Unknown
    3     sfp-0/0/2(2)      Present   Complete  740-031981  F17AJU06311     int    Unknown
    4     sfp-0/0/3(3)      Present   Complete  740-031981  F17AJU06306     int    Unknown
    5     sfp-0/0/4(4)      Present   Complete  740-031981  F17CCO05675     int    Unknown
    6     sfp-0/0/5(5)      Present   Complete  740-031981  F17AJU06305     int    Unknown
    7     sfp-0/0/6(6)      Present   Complete  740-031981  F17AJU06309     int    Unknown
    8     sfp-0/0/7(7)      Present   Complete  740-031981  F17AJU06278     int    Unknown
    9     sfp-0/0/8(8)      Present   Complete  740-031981  F17AJU06308     int    Unknown
   10     sfp-0/0/9(9)      Present   Complete  740-031981  F17AJU06262     int    Unknown
   11   sfp-0/0/10(10)      Present   Complete  740-031981  F17AJU06307     int    Unknown
   12   sfp-0/0/11(11)      Present   Complete  740-031981  F17AJU06263     int    Unknown
   13   sfp-0/0/12(12)      Present   Complete  740-031981  V2841100032     int    Unknown
   14   sfp-0/0/13(13)      Present   Complete  740-031981  V2841100038     int    Unknown
   15   sfp-0/0/14(14)      Present   Complete  740-031981  F17CCO06223     int    Unknown
   16   sfp-0/0/15(15)      Present   Complete  740-031981  F17CCO06226     int    Unknown
   17   sfp-0/0/16(16)      Present   Complete  740-031981  F17CCO05676     int    Unknown
   18   sfp-0/0/17(17)      Present   Complete  740-031981  F17CCO06222     int    Unknown
   19   sfp-0/0/18(18)      Present   Complete  740-031981  F17CCO06225     int    Unknown
   20   sfp-0/0/19(19)      Present   Complete  740-031981  F17CCO06224     int    Unknown
   21   sfp-0/0/20(20)      Present   Complete  740-031981  F17CCO06221     int    Unknown
   22   sfp-0/0/21(21)      Present   Complete  740-031981  F17CCO05674     int    Unknown
   23   sfp-0/0/22(22)      Present   Complete  740-031981  F175IN00363     int    Unknown
   24   sfp-0/0/23(23)      Present   Complete  NON-JNPR  F2011011210     int    Unknown

I2C Acceleration table
Index   Name             Presence     ID Eprom     Reg ID    I2C Master    I2C Group
-----   --------------   ----------   --------    --------    ------------   -------

TFXPC0(device vty)#

Source: Juniper KB – [MX] How to check whether an SFP+ is NEBS compliant or not

Show SFP Information

Similar to above, to get specific information for a SFP interface (SFP 1 in this case):

start shell pfe network fpc0
show sfp 1 info

Example output:

{master:0}
me@device> start shell pfe network fpc0


TOR platform (1500 Mhz Pentium processor, 511MB memory, 0KB flash)

TFXPC0(device vty)# show sfp 1 info
  index:                  0x01
  sfp name:               sfp-0/0/0
  pic context:            0x22a35af8
  id mem scanned:         true
  linkstate:              Up
  sfp_present:            true
  sfp_changed:            false
  i2c failure count:      0x0
  diag polling count:     0x3F77
  no diag polling from RE:0x0
  run_periodic:           false

Source: Juniper KB – [MX] How to check whether an SFP+ is NEBS compliant or not

SRX

These commands are for vSRX/SRX devices.

Show PFE IPSEC Security Associations

Show the IPSEC security associations:

request pfe execute target fwdd command "sh usp ipsec sa"

Example output:

me@device> request pfe execute target fwdd command "sh usp ipsec sa"
================ tnp_0x1000080 ================
SENT: Ukern command: sh usp ipsec sa

Tunnel  |  Crypto/Hash    |       |         |Auto|Dyna|Anti|VPN |Bind ifp/|    Bytes    |    Bytes    | Local  | Remote |Thd |
 id     |      Algo       | Proto |  Status |Key | EP |Rply|Mon |Policy id|     In      |     Out     | Address| Address|ID  |
--------+-----------------+-------+---------+----+----+----+----|---------|-------------|-------------|--------+--------|----|
67108975|AES256-G/NULL    |ESP    |Active   |Auto|Disa|Coun|VD  |st0.17   |         7220|        11176|192.0.2.1 |192.0.2.3|7|
67108980|AES256-G/NULL    |ESP    |Active   |Auto|Disa|Coun|VD  |st0.21   |       201284|       284632|192.0.2.1 |192.0.2.4|12|
67108969|AES256-G/NULL    |ESP    |Active   |Auto|Disa|Coun|VD  |st0.1    |       878527|      1317556|192.0.2.1 |192.0.2.5|12|
67108974|AES256-G/NULL    |ESP    |Active   |Auto|Disa|Coun|VD  |st0.16   |       180937|       265352|192.0.2.1 |192.0.2.6|6|
67108968|AES256-G/NULL    |ESP    |Active   |Auto|Disa|Coun|VD  |st0.3    |      1074089|      1630380|192.0.2.1 |192.0.2.8|9|
67108973|  AES256/SHA256  |ESP    |Active   |Auto|Disa|Coun|VD  |st0.19   |       790463|      1351588|192.0.2.1 |192.0.2.9|4|
67108978|AES256-G/NULL    |ESP    |Active   |Auto|Disa|Coun|VD  |st0.7    |       243903|       401580|192.0.2.1 |192.0.2.10|10|
...

Source: Juniper Forum – Junos Hidden Commands

Leave a Reply

Your email address will not be published.