Prequel: Juniper EX3300-24T

Before I bought and modded my ICX 7450s, I started with two Juniper EX3300-24Ts. I got a pair for $60 (all prices CAD) from an e-waste scrapper. They have four 10G SFP+ cages, and the -24T models have, as you might guess, 24 standard 1000BASE-T gigabit Ethernet ports. (The -xxP models have PoE, which did not interest me.)

These were fan-modded following the excellent guide found on HON's Wiki.

  • Even the -24Ts get hot enough that I wasn't comfortable with the default speeds, and ended up doing the "100% fan speed hack" (hard-wiring the fans to +12V) on both switches.
  • I did put the Noctua low-noise adapters (not the ultra-low-noise ones) in one of the switches; it ran 5-10°C hotter than the full-speed switch IIRC, so maybe 60°C rather than 50-55°C at a room temperature around 23°C. It was quieter, as well.

I decided to replace the Junipers for many reasons, which is why this section of my site is called "ICX 7450" and not "Juniper EX3300".

Moar ports

I thought 4 10G cages on each switch would be enough. It wasn't.

No kindness to people like you and me

Juniper seems to be of the opinion - and has been for some time - that if you didn't buy the switches from them or an authorized reseller, you deserve no support. So you can read general Junos manuals (if you can work out which version of the documentation applies to you), as they're published and freely available. But you get no firmware downloads, as those require site registration, and registration requires some form of proof-of-purchase. Too bad, so sad, homelabbers.

Yes, the Internet is full of pirates. But do you want to download firmware for your core switches from sketchy websites? And even when I decided my answer was "yes" out of desperation, I struggled to find useful download links for my switches specifically. (Sorry, but I'm not able to share anything I was able to find. Use the Internet yourself, please.)

Also these things are super EOL, so even if you had access, anything you can download is out-of-date and not being patched. And also there's something about later Junos releases running absolutely horrendously on this hardware?

Of course, I discovered all of this after I managed to nuke the stored firmware on one of my switches. I'm pretty sure it happened when I unplugged the power supply in order to solder the fans to +12V for the fan mod (it happened to the second switch immediately after I did the same there, and hasn't happened since). It was an uncomfortable couple of hours while I scoured the web, trying to find a firmware package I could use to un-brick my switch.

As described in the introduction to this section, the ICX switches are much friendlier to work with for homelabbers.

The EX3300s in particular are essentially designed to corrupt themselves

As I understand it, Juniper dumped UFS partitions (a file system with which I have prior experience, and for which I have absolutely no love) on unmanaged flash. So a) unsafe shutdowns can and will corrupt your configuration, and b) over time, the flash devices wear out and stop working all on their own. The former issue has some safety mechanisms you can enable to help you recover, but they're annoying and not on by default. And there's no help for the latter.

Later Juniper switches corrected this problem, but later switches are not (yet) cheap and modifiable e-waste.

The ICX switches have no such problems.

Configuration guide

If you somehow have one of these and want to mess around with it, here's how I configured mine, with some tips to make living with them more tolerable.

  • General command guide (Juniper)
  • Reset and reinstall guide (Juniper)

Initial setup

request system zeroize
# (it might reboot here, I don't remember)
# on first boot:
ezsetup # and follow the prompts

Other good ideas:

# The "set" lines are entered in edit mode and need a "commit" to take effect;
# the "request" lines are entered in run mode.
# Turn off alarms if you're not using the management ethernet port
set chassis alarm management-ethernet link-down ignore
# Try to auto-backup the config to a spare partition (I think that's what this does?)
set system auto-snapshot
# This will clear an alarm + also protect from corruption
request system configuration rescue save
request system snapshot slice alternate

Disable virtual chassis

The EX3300s default to using two of the 10G ports for stacking. No thank you. Also they're kind of stubborn about turning that feature off.

Method 1:

# From run mode, not edit mode!
request virtual-chassis vc-port delete pic-slot local 1 port 2
request virtual-chassis vc-port delete pic-slot local 1 port 3

If for some reason that fails, you can apparently just rm -rf /config/vchassis/* lol. Source - full context with some other ideas

Auto backup

Source.

I never actually got this to work. The SFTP copy fails for some weird auth thing when it runs automatically, even though it works when I manually SFTP to my server from the switch. It's nice to have set up for that manual use case, at least.

# From edit mode; finish with "commit"
edit system archival configuration
set archive-sites sftp://<user>@<host>/<path> password "<password>" # yes you have to write the password in quoted plaintext
set transfer-on-commit # this is supposed to auto-backup whenever you change things
exit
set security ssh-known-hosts fetch-from-server <host>
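
An added example, not part of the original post: a Python check over an exported `show configuration | display set` dump that confirms the settings from "Other good ideas" and "Auto backup" are present, that every archive site uses an encrypted transport, and that its host has an entry under `ssh-known-hosts`. The sample config, its addresses and the `audit` function are constructed, and the script assumes fetched host keys are stored as `set security ssh-known-hosts host <host> ...` lines.

```python
import re
from urllib.parse import urlsplit

# Constructed `show configuration | display set` excerpt (not from a real switch).
SAMPLE = '''\
set system auto-snapshot
set system archival configuration transfer-on-commit
set system archival configuration archive-sites "sftp://backup@192.0.2.10/junos" password "$9$constructed"
set system archival configuration archive-sites "ftp://backup@192.0.2.20/junos" password "$9$constructed"
set security ssh-known-hosts host 192.0.2.10 ecdsa-sha2-nistp256-key AAAAconstructed
'''

# Statements the page recommends; each must appear verbatim in the dump.
REQUIRED = (
    "set system auto-snapshot",
    "set system archival configuration transfer-on-commit",
)
SITE_RE = re.compile(r'set system archival configuration archive-sites "?([^"\s]+)')
# Assumption: fetched host keys show up in this form in `display set` output.
KNOWN_RE = re.compile(r"set security ssh-known-hosts host (\S+)")
ENCRYPTED = ("sftp", "scp")

def audit(config_text):
    """Return findings (strings) for a Junos config in `display set` form."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    findings = [f"missing: {stmt}" for stmt in REQUIRED if stmt not in lines]
    known = {m.group(1) for ln in lines if (m := KNOWN_RE.match(ln))}
    sites = [m.group(1) for ln in lines if (m := SITE_RE.match(ln))]
    if not sites:
        findings.append("missing: archive-sites")
    for url in sites:
        parts = urlsplit(url)
        if parts.scheme not in ENCRYPTED:
            # ftp:// and http:// send the config and the password in the clear
            findings.append(f"cleartext transport: {url}")
        elif parts.hostname not in known:
            # no stored host key, so the server cannot be verified
            findings.append(f"no pinned host key for: {parts.hostname}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
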

Next steps

Configure as you desire. I got pretty far with googling things like "junos vlan", "ex3300 junos vlan", etc.