Skip to content

Juniper vSRX#

Juniper vSRX virtualized firewall is identified with juniper_vsrx kind in the topology file. It is built using vrnetlab project and essentially is a Qemu VM packaged in a docker container format.

Managing Juniper vSRX nodes#


Containers with vSRX inside will take ~7min to fully boot.
You can monitor the progress with docker logs -f <container-name>.

Juniper vSRX node launched with containerlab can be managed via the following interfaces:

to connect to a bash shell of a running Juniper vSRX container:

docker exec -it <container-name/id> bash

to connect to the vSRX CLI (password admin@123)

ssh admin@<container-name/id>

Coming soon


Default user credentials: admin:admin@123

Interfaces mapping#

  • eth0 - management interface (fxp0) connected to the containerlab management network
  • eth1+ - second and subsequent data interface

When containerlab launches Juniper vSRX node, it will assign IPv4/6 address to the eth0 interface. These addresses are used to reach the management plane of the router.

Data interfaces eth1+ need to be configured with IP addressing manually using CLI/management protocols.

Features and options#

Node configuration#

Juniper vSRX nodes come up with a basic configuration where only the control plane and line cards are provisioned and the admin user with the provided password.

Startup configuration#

It is possible to make vSRX nodes boot up with a user-defined startup-config instead of a built-in one. With a startup-config property of the node/kind user sets the path to the config file that will be mounted to a container and used as a startup-config:

      kind: juniper_vsrx
      startup-config: myconfig.txt

With this knob, containerlab is instructed to take a file myconfig.txt from the directory that hosts the topology file and copy it to the lab directory for that specific node under the /config/startup-config.cfg name. Then the directory that hosts the startup-config dir is mounted to the container. This will result in this config being applied at startup by the node.

Configuration is applied after the node is started. Thus it can contain partial configuration snippets that you desire to add on top of the default config that a node boots up with.

Lab examples#

The following simple lab consists of two Linux hosts connected via one vSRX: