Have you ever wondered what all of the options in „OAM Boot Menu” on ex2300 and ex3400 are for? Since it’s rather poorly documented in Juniper’s docs, I decided to explain all of the available options, as well as to give some insight into what all of those options do. The OAM menu can be accessed when the switch starts to boot. The descriptions written below are based on my own verification and may not be 100% covered and analysed sufficiently The purpose of this post is just to have a quick guide through that menu.
Main Menu
1. Boot [J]unos volume
2. Boot Junos volume in [S]afe mode
3. [R]eboot
4. [B]oot menu
5. [M]ore options
It’s available only for a few seconds and if the user doesn’t choose anything, the first option is selected by default:
1. Boot [J]unos volume
It boots the primary partition. Basically, on platforms with upgraded FreeBSD, there is different file system partitioning than we know from previous FreeBSD devices. Instead of two partitions „primary” and „backup” (s1a and s2a respectively), there are now two partitions named „junos” and „oam”. I will have a dedicated post entry about their content and purpose. More information here.
2. Boot Junos volume in [S]afe mode
This is the „special” mode of powering up the Junos system borrowed from UNIX like systems. It’s often used for troubleshooting when we want to isolate some issues with device boot and some system processes. When the Safe Mode is selected, the device checks the file system, hardware and all drives during boot sequence. It also disables some of the system components. The Safe Mode results with cli prompt with the certain functions disabled. It works similarly to the software that verifies the drive health. It allows the most basic system kernel extensions to be loaded. This will prevent any other (3rd party) extensions from messing up the startup process. It also removes all caches (kernel and system).
3. [R]eboot
It’s rather self explanatory 🙂
Boot Menu
1. Boot [P]revious installed Junos packages
2. Boot Junos in [S]ingle user mode
3. Boot from [R]ecovery snapshot
4. Boot from [U]SB
5. Boot to [O]AM shell
6. Snapshot [B]oot menu
7. [M]ain menu
1. Boot [P]revious installed Junos packages
It works basically like the request system software rollback. This option is followed by such an information:
Attempting to boot from previous installed Junos packages …
If previous set of packages are not available, we will boot
from the currently installed set of packages.
2. Boot Junos in [S]ingle user mode
Booting from Junos volume in single user mode …
Enter full pathname of shell or RETURN for /bin/sh:
Enter full pathname of shell or RETURN for /bin/sh: ?
# pwd
/
# ls
.mount dev mfs packages usr
COPYRIGHT etc mnt proc var
bin jail modules root
boot lib oam sbin
config libexec opt tmp
# return
It drops user to the FreeBSD shell with minimum system daemons running and basic command line support. Even with that can you use the basic operations and repairs with the startup drive, mount some external storage and start or terminate some system daemons. You can for example do the fsck to check the startup disks. The return command will exit the Single user mode and will continue to boot the os.
3. Boot from [R]ecovery snapshot
This option boots the recovery snapshot which resides on the „oam” volume. Prior to that, user has to manually create such snapshot with a command: request system snapshot recovery at the operational mode.
Booting from OAM volume to recover the Junos volume …
/boot/kernel text=0xcf743c \…
***** FILE SYSTEM IS CLEAN *****
Software recovery
Recovering the Junos partition
da0p2 deleted
da0p2 added
random: unblocking device.
/dev/gpt/junos: 1410.0MB (2887592 sectors) block size 32768, fragment size 4096
using 4 cylinder groups of 352.50MB, 11280 blks, 45184 inodes.
super-block backups (for fsck_ffs -b #) at:
192, 722112, 1444032, 2165952
Unpacking recovery snapshot to junos volume
Software recoverWaiting (max 60 seconds) for system process `vnlru’ to stop…y completed
done
Waiting (max 60 seconds) for system process `bufdaemon’ to stop…done
Waiting (max 60 seconds) for system process `syncer’ to stop…
Syncing disks, vnodes remaining…0 0 done
All buffers synced.
Uptime: 1m37s
Rebooting…
4. Boot from [U]SB
Like a reboot option, it’s rather self explanatory. The catch here is to have the USB drive prepared as to bootable device (with use of dedicated software like Win32DiskImager). Also to do that you will need specific image file which you can download from Juniper. It’s located in the Install Media section for a specific release. File has the following format:
junos-install-media-usb-<release number>
5. Boot to [O]AM shell
It similar to the Single User mode but puts you in the oam shell.
Booting to OAM shell …
/boot/kernel text=0xcfbab4da0: quirks=0x3<NO_SYNC_CACHE,NO_6_BYTE>
** /dev/gpt/oam
** Last Mounted on /.mount/oam
** Phase 1 – Check Blocks and Sizes
** Phase 2 – Check Pathnames
** Phase 3 – Check Connectivity
** Phase 4 – Check Reference Counts
** Phase 5 – Check Cyl groups
72 files, 82996 used, 40883 free (35 frags, 5106 blocks, 0.0% fragmentation)***** FILE SYSTEM IS CLEAN *****
Type ‘exit’ when done.
#
6. Snapshot [B]oot menu
This option displays all available non-recovery snapshots.
root@switch> show system snapshot
fpc0:
————————————————————————–
Non-recovery snapshots:
Snapshot snap.20171117.093846:
Location: /packages/sets/snap.20171117.093846
Creation date: Nov 17 09:38:48 2017
Junos version: 15.1X53-D57.3Total non-recovery snapshots: 1
Recovery Snapshots:
Snapshots available on the OAM volume:
recovery.ufs
Date created: Fri Nov 17 09:09:42 CET 2017
Junos version: 15.1X53-D57.3
Total recovery snapshots: 1
Snapshot Boot Menu
1. snap.20171117.093846
2. [P]revious page
3. [N]ext page
4. [M]ain menu
[M]ore options
1. Recover [J]unos volume
2. Recovery mode – [C]LI
3. Check [F]ile syste
4. Enable [V]erbose boot
5. [B]oot prompt
6. [M]ain menu
1. Recover [J]unos volume
It allows you to start the primary partition recovery from oam volume. If the junos volume is corrupted in some way, you can try to recover it. This option, in my opinion, is redundant to the booting from recovery snapshot.
Booting from OAM volume to recover the Junos volume …
/boot/kernel text=0xcf743c \…
***** FILE SYSTEM IS CLEAN *****
Software recovery
Recovering the Junos partition
da0p2 deleted
da0p2 added
random: unblocking device.
/dev/gpt/junos: 1410.0MB (2887592 sectors) block size 32768, fragment size 4096
using 4 cylinder groups of 352.50MB, 11280 blks, 45184 inodes.
super-block backups (for fsck_ffs -b #) at:
192, 722112, 1444032, 2165952
Unpacking recovery snapshot to junos volume
Software recoverWaiting (max 60 seconds) for system process `vnlru’ to stop…y completed
done
Waiting (max 60 seconds) for system process `bufdaemon’ to stop…done
Waiting (max 60 seconds) for system process `syncer’ to stop…
Syncing disks, vnodes remaining…0 0 done
All buffers synced.
Uptime: 1m37s
Rebooting…
2. Recovery mode – [C]LI
If by any chance you forget your root password or for any reason you want to have access to the device this is the way to go. It boots the device and you can change or setup your own root password:
Booting Junos in CLI recovery mode …
NOTE: Once in the CLI, you will need to enter configuration mode using
NOTE: the ‘configure’ command to make any required changes. For example,
NOTE: to reset the root password, type:
NOTE: configure
NOTE: set system root-authentication plain-text-password
NOTE: (enter the new password when asked)
NOTE: commit
NOTE: exit
NOTE: exit
NOTE: When you exit the CLI, you will be in a shell.
Starting CLI …warning: This chassis is operating in a non-master role as part of a virtual-chassis (VC) system.
warning: Use of interactive commands should be limited to debugging and VC Port operations.
warning: Full CLI access is provided by the Virtual Chassis Master (VC-M) chassis.
warning: The VC-M can be identified through the show virtual-chassis status command executed at this console.
warning: Please logout and log into the VC-M to use CLI.
3. Check [F]ile system
Another self explanatory option. Just starts the file system check. After the process is finished, it brings back the OAM Menu.
Booting from OAM volume to perform disk checks ..
da0 at umass-sim0 bus 0 scbus0 target 0 lun 0
da0: < USB DISK 2.0 PMAP> Removable Direct Access SPC-4 SCSI device
da0: Serial Number 650071008D1AAD38
da0: 40.000MB/s transfers
da0: 1910MB (3911680 512 byte sectors: 255H 63S/T 243C)
da0: quirks=0x3<NO_SYNC_CACHE,NO_6_BYTE>
** /dev/gpt/oam
** Last Mounted on /.mount/oam
** Phase 1 – Check Blocks and Sizes
** Phase 2 – Check Pathnames
** Phase 3 – Check Connectivity
** Phase 4 – Check Reference Counts
** Phase 5 – Check Cyl groups
68 files, 89804 used, 34075 free (35 frags, 4255 blocks, 0.0% fragmentation)***** FILE SYSTEM IS CLEAN *****
Running: fsck_ufs -y /dev/gpt/junos
** /dev/gpt/junos
** Last Mounted on /.mount
** Phase 1 – Check Blocks and Sizes
** Phase 2 – Check Pathnames
** Phase 3 – Check Connectivity
** Phase 4 – Check Reference Counts
** Phase 5 – Check Cyl groups
4162 files, 172608 used, 176956 free (164 frags, 22099 blocks, 0.0% fragmentation)***** FILE SYSTEM IS CLEAN *****
File system repair
Type ‘exit’ when done.
4. Enable [V]erbose boot
This option simply allows you to get more detailed outputs during the device boot. It’s good to have that for the debugging purposes. You can enable or disable it.
1. Recover [J]unos volume
2. Recovery mode – [C]LI
3. Check [F]ile system
4. Disable [V]erbose boot
5. [B]oot prompt
6. [M]ain menu
5. [B]oot prompt
It puts you in the loader shell. If the device fail to boot properly you can always format entire file system and install the new software. NOTE that in such processes all configurations and log files will be lost. The detailed procedure is described here.
a. Press any key when you see Main Menu to avoid auto boot
b. Stop at uboot (^C or space to stop autoboot –depending on the uboot version; for older uboot -> press space)Set the switch-management IP address, netmask and gateway IP
=> setenv ipaddr 172.22.157.103
=> setenv gatewayip 172.22.157.1
=> etenv netmask 255.255.255.0
=> setenv serverip 172.22.157.102
=> savePing the server to see if is reachable:
=> ping 172.22.157.102
Using FM1@DTSEC1 device
host 172.22.157.102 is aliveReboot the switch and interrupt to navigate to OAM menu. Choose option 5. [M]ore options and then option 5. [B]oot prompt, which will take you to the loader:
loader> install –format tftp://172.22.157.102/junos-install-media-net-arm-32-15.1X53-D55.5.tgz
After TFTP installation is done, log in and verify that the new version of the software is properly installed.