modulo 0 - revision cli
Post on 04-Apr-2018
226 Views
Preview:
TRANSCRIPT
-
7/31/2019 Modulo 0 - Revision CLI
1/34
Copyright 2009, Juniper Networks, Inc.
Introduction to Juniper Networks Routers
Module 0: The JUNOS Software CLI
-
7/31/2019 Modulo 0 - Revision CLI
2/34
Module 0: The JUNOS Software CLI 2-2
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Module Objectives
After successfully completing this module, you will be
able to: Log into a Juniper Networks M-series or T-series router
Issue operational-mode commands
Enter the configuration mode
Navigate the candidate configuration
Modify the candidate configuration
Commit a new active configuration
This Module Discusses:
Logging into a Juniper Networks M-series or T-series platform;
Operational-mode commands;
Navigating the configuration hierarchy; and Committing a new configuration.
-
7/31/2019 Modulo 0 - Revision CLI
3/34
Module 0: The JUNOS Software CLI 2-3
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Gaining Access to the CLI
Where we are going
Accessing the routers management ports User authentication
Logging in
Gaining Access to the CLI
The following list shows the steps necessary to gain access to the command-line
interface (CLI). The following pages discuss these steps in detail.
Accessing the router: You can access the router using three managementportsconsole, auxiliary, or fxp0.
User authentication: You can be authenticated using a local password,RADIUS, or TACACS.
Logging in: When a router is first received, you must first log in as rootto
start the CLI and then create user-specific accounts.
-
7/31/2019 Modulo 0 - Revision CLI
4/34
Module 0: The JUNOS Software CLI 2-4
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Access Routers Management Ports
Console
Db9 EIA-232 @ 9600 Bps, 8/N/1-preconfigured
Management port, using Telnet, SSH
Requires configuration
NC
CNO
NC
C
NO
ACO/LT A UX/ MOD EM M GMT C ON SOLE
OFFLINE ONLINE MASTER
OFFLINE ONLINE MASTER
RE0
RE1
FPC0
FPC1
FPC2
FPC3
F AI L O K
F AI L O K
F AI L O K
F AI L O K
Console Port
The console port is the only preconfigured port on the router. You use the console port
to access the CLI.
The JUNOS Internet software CLI is the interface to the software that you usewhenever you access the router, either from the console or through a remote networkconnection. The CLI starts automatically when you log in as a nonroot user and
provides commands to perform various tasks, including configuring the JUNOSsoftware, and monitoring and troubleshooting the software, network connectivity, and
the router hardware.
The CLI is a straightforward command interface. You type a command on a single line,and the command is executed when you press the Enter key.
Alternative Access
You can also access the CLI using the management interface (fxp0) or auxiliary port.
This access requires configuration, however. Also, Telnet and SSH access is
available.
-
7/31/2019 Modulo 0 - Revision CLI
5/34
-
7/31/2019 Modulo 0 - Revision CLI
6/34
Module 0: The JUNOS Software CLI 2-6
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Logging in
HongKong (ttyp1)
login: Doug
Password:
--- JUNOS 5.0R1.4 built 2001-08-14 23:14:13 UTC
Doug@HongKong>
When logging in:
Nonroot users are placed into CLI automatically Root must start CLI from shell
Logging in
JUNOS software requires a user name and password for access. The router
administrator creates user accounts and assigns permissions. New Juniper NetworksM-series or T-series platforms have only the rootuser configured by default withoutany password. You must start the CLI by typing cli from the shell.
-
7/31/2019 Modulo 0 - Revision CLI
7/34
Module 0: The JUNOS Software CLI 2-7
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
CLI Modes
Operational mode
Monitor and troubleshoot the software, network connectivity,and router hardware
Configuration mode
Configure the router, including interfaces, general routinginformation, routing protocols, user access, and systemhardware properties
Doug@lab2>
Doug@lab2#[edit]
Operational Mode
In operational mode, you use the CLI to monitor and troubleshoot the router. Themonitor,ping, show, test, and traceroute commands let you display
information and statistics about the software running on the router, such as routingtable entries, and let you test network connectivity.
Configuration Mode
You configure JUNOS software by entering configuration mode and creating a
hierarchy of configuration statements. You can configure all properties of JUNOSsoftware, including interfaces, general routing information, routing protocols, and user
access, as well as several system hardware properties.
-
7/31/2019 Modulo 0 - Revision CLI
8/34
Module 0: The JUNOS Software CLI 2-8
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
CLI Operational Mode
Command hierarchy:
brief
exact
protocol
table
terse
bgp
chassis
interfaces
isis
ospf
route
version
clear
configure
monitor
set
show
Command Hierarchy
CLI commands use a command option from a specific list; a specific option can use anadditional option from that commands specific list. For example, use the show
command to display information about the system and the system software. One of thepossible options for the show command is route, which displays information about
routing tables.
-
7/31/2019 Modulo 0 - Revision CLI
9/34
Module 0: The JUNOS Software CLI 2-9
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Operational-Mode Commands
Executed (mainly) from default CLI level (user@host>)
show request
restart
ping
traceroute
clear
monitor
file
test
telnet
set
ssh
start
quit
Operational-Mode Commands Summary
Several kinds of operational mode commands are:
Destructive
Nondestructive
Entering configuration mode
Controlling the CLI environment
Exiting the CLI
Monitoring and troubleshooting
clear
monitor
ping
show
test
traceroute
Connecting to other network systems
Copying files
Restarting software processes
Performing system-level operations
-
7/31/2019 Modulo 0 - Revision CLI
10/34
Module 0: The JUNOS Software CLI 2-10
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Using | (Pipe)
Used to filter command output:
compare Compare configuration changes with a prior version
count Count occurrences
display Display additional information
except Show only text that does not match a pattern
find Search for the first occurrence of a pattern
hold Hold text without exiting the --More-- prompt
last Display the last screen of lines in the output
match Show only text that matches a pattern
no-more Don't paginate output
request Make system-level requests
resolve Resolve IP addresses
save Save output text to a file
trim Trim specified number of columns from start of line
The Pipe Commands
For operational and configuration commands that display output, such as the show
commands, you can filter the output. When help is displayed for these commands, oneof the options listed is |, called a pipe, which allows the command output to be filtered.To filter the output of an operational-mode or a configuration-mode command, add a
pipe and option to the end of the command. The options are:
compare ( filename | rollback n): Available in configuration mode
only using the show command. Compares configuration changes with
another configuration file.
count: Displays the number of lines in the output.
display detail: Available in configuration mode only. Displays
additional information about the contents of the configuration.
except regular-expression: Ignores a text matching a regular
expression when searching the output. If the regular expression contains
spaces, operators, or wildcard characters, you must enclose it in quotation
marks. find regular-expression: Displays the output starting at the first
occurrence of text matching a regular expression. If the regular expressioncontains spaces, operators, or wildcard characters, you must enclose it inquotation marks.
hold: Holds text without exiting the -(more)-- prompt.
last: Displays the last screen of information.
Continued on next page.
-
7/31/2019 Modulo 0 - Revision CLI
11/34
Module 0: The JUNOS Software CLI 2-11
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Controlling the CLI Environment
Use the set cli command to set:
Screen length (lines) Screen width (columns)
Idle timeout (minutes)
Prompt (string)
Terminal (terminal type)
Setting Environment
When you log into the router using SSH or log in from the console when its terminaltype is already configured, your terminal type, screen length, and screen width are
already set. Occasionally, you might need to change these parameters based ondiffering terminal types or user operations. To configure the CLI environment, use theoperational mode CLI set command:
user@host> set cli ?
Possible completions:
complete-on-space Toggle word completion on space
idle-timeout Set the cli maximum idle time
prompt Set the cli command prompt string
restart-on-upgrade Set cli to prompt for restart after a
software
upgrade
screen-length Set number of lines on screen
screen-width Set number of characters on a line
terminal Set terminal type
-
7/31/2019 Modulo 0 - Revision CLI
12/34
Module 0: The JUNOS Software CLI 2-12
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Editing Command Lines
lab@omaha> show interfaces
Ctrl-b
lab@omaha> show interfaces
Ctrl-a
lab@omaha> show interfaces
Ctrl-f
lab@omaha> show interfaces
Ctrl-e
lab@omaha> show interfaces
Configuring VT-100 terminal type enables the use of
arrow keys in addition to these EMACS-based controlsequences
EMACS-Style Control Keys
The CLI provides keyboard sequences that allow you to move around on a command
line and delete specific characters or words.
Keystroke
Ctrl-B Moves cursor left one character
Ctrl-A Moves cursor to the beginning of the command line
Ctrl-F Moves cursor right one character
Ctrl-E Moves cursor to the end of the command line
Delete/BS Deletes character before cursor
Ctrl-D Deletes character over the cursor
Ctrl-K Deletes from cursor to end of line
Ctrl-U Deletes all characters
Ctrl-W Deletes entire word to left of cursorCtrl-L Redraws the current line
-
7/31/2019 Modulo 0 - Revision CLI
13/34
Module 0: The JUNOS Software CLI 2-13
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Command Completion
Space bar completes a command
root@lab2> show i
'i' is ambiguous.
Possible completions:
igmp Show information about IGMP
interfaces Show interface information
isis Show information about IS-IS
root@lab2> show i
Tab key completes a variable
Space Completion
The CLI provides a completion function. Therefore, you do not always have to type the
full command or command option name for the CLI to recognize it.
To complete a command or option that you have typed partially, press the Space bar.If the partially typed letters begin a string that uniquely identifies a command, the CLIdisplays the complete command name. Otherwise, the CLI beeps to indicate that you
have entered an ambiguous command, and it displays the possible completions.
The command completion option is on by default, but you can turn it off.
Tab Completion
You can also use the Tab key to complete variables. Examples of variables includepolicy names, AS paths, community names, and IP addresses.
-
7/31/2019 Modulo 0 - Revision CLI
14/34
Module 0: The JUNOS Software CLI 2-14
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Context-Sensitive Help
Type a question mark (?) anywhere on command line
lab@omaha> ?
Possible completions:
clear Clear information in the system
configure Manipulate software configuration information
file Perform file operations
help Provide help information
lab@omaha> show ?
Possible completions:
aps Show APS information
arp Show system ARP table entries
as-path Show table of known AS paths
Need Help?
The CLI provides context-sensitive help at any point in a command line. Help tells you
which options are acceptable at the current point in the command and provides a briefdescription of each command or command option.
To get help at any time while in the Juniper Networks CLI, type a question mark (?).You do not need to press Enter. If you type the question mark at the command-line
prompt, the CLI lists the available commands and options. If you type the questionmark after entering the complete name of a command or an option, the CLI lists the
available commands and options and then redisplays the command name and optionsthat you typed. If you type the question mark in the middle of a command name, theCLI lists possible command completions that match the letters you have entered so
far, then redisplays the letters that you typed.
-
7/31/2019 Modulo 0 - Revision CLI
15/34
Module 0: The JUNOS Software CLI 2-15
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Help topic provides information on general concepts
lab@host> help topic icmp ?
Possible completions:
address IP addresses to include in router advertisements
lifetime How long addresses in advertisements are valid
min-advertisement-interval Time between router advertisement s
traceoptions Trace options for ICMP
lab@host> help topic icmp lifetime
Modify the Router Advertisement Lifetime
The lifetime field in router advertisement messages indicates how long
a host should consider the advertised address to be valid. If this
amount of time passes and the host has not received a router
advertisement from the server, the route marks the advertised.
Help Topic
Help on General Concepts
There are various ways to use the help command. The help topic command
displays usage guidelines for the statement. In the example on the slide, we arereceiving information on ICMP lifetime.
-
7/31/2019 Modulo 0 - Revision CLI
16/34
Module 0: The JUNOS Software CLI 2-16
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Help reference provides JUNOS softwareconfiguration-related information
lab@host> help reference icmp lifetime
lifetime
Syntax
lifetime seconds;
Hierarchy Level
[edit protocols router-discovery interface interface-name]
Description
How long the addresses sent by the server in its router advertisementpackets are valid. This time must be long enough so that another. . . .
Options
seconds--Lifetime value. A value of 0 indicates that one or moreaddresses are no longer valid.Range: 0, max-advertisement-interval value through 2 hours, 30
minutes (9000 seconds), specified in secondsDefault: 1800 seconds (30 minutes; three times the default
Help Reference
Help on JUNOS Software Configuration
The help reference displays summary information for the statement. In other words, it
contains JUNOS software-specific, configuration-related information. In the exampleon the slide, once again we are using the help command for information on ICMPlifetime. Notice the difference between the help reference command shown hereand the help topic command from the previous slide.
-
7/31/2019 Modulo 0 - Revision CLI
17/34
Module 0: The JUNOS Software CLI 2-17
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Configuration Mode
Where we are going
Entering configuration Moving between levels in the configuration hierarchy
Viewing the candidate configuration
Activating the candidate configuration
Configuration Mode
The tasks you can perform in configuration mode, which are covered in the following
pages, are:
Entering configuration: Type configure to enter configuration mode. Moving within the configuration hierarchy: Use the edit, up, top and exit
commands to move between levels.
Viewing the candidate configuration: Use show commands while in
configuration mode.
Activating the candidate configuration: Use the commit command to
activate the configuration.
Configuring interfaces: Configure interface names, permanent interfaces,
and interface properties.
-
7/31/2019 Modulo 0 - Revision CLI
18/34
Module 0: The JUNOS Software CLI 2-18
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Entering Configuration Mode
Type configure or edit at the CLI operational mode
promptroot@lab2> configure
Entering configuration mode
[edit]
root@lab2#
To allow a single user to edit the configuration, typeconfigure exclusive
configure private allows the user to edit a privatecopy of the candidate configuration
Multiple users can edit private candidate configurationssimultaneously
At commit time, the users private changes are merged backinto the global configuration
Starting Configuration Mode
You enter configuration mode by issuing the configure command or the edit
command from the CLI operational mode. If, when you enter configuration mode,another user is also in configuration mode, a message indicates who the user is andwhat portion of the configuration the user is viewing or editing.
In configuration mode, the prompt changes from the angle bracket (>) of operationalmode to the pound sign (#), preceded by the name of the user and the name of the
router.
The portion of the prompt in brackets, such as [edit], is a banner indicating that you
are in configuration mode and specifying your location within the statement hierarchy.
Exclusive Configuration
By default, multiple users can enter configuration mode and commit changes. To allowonly a single user to edit the configuration, use the configure exclusive
command.
Continued on next page.
-
7/31/2019 Modulo 0 - Revision CLI
19/34
Module 0: The JUNOS Software CLI 2-19
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Software Configuration Overview
Create a hierarchy of configuration statements
Enter commands in CLI configuration moderoot@lab2# set chassis alarm sonet lol red
ASCII text file and display
chassis {
alarm {
sonet {
lol red;
}
}
}
Enter Commands and Display
To configure the Juniper Networks M-series or T-series platforms, including the routing
protocols, the router interfaces, network management, and user access, you enter CLIcommands in configuration mode. In configuration mode, the CLI provides commandsthat let you configure the system, load an ASCII text file that contains the system
configuration, activate a configuration, and save the configuration to a text file.
-
7/31/2019 Modulo 0 - Revision CLI
20/34
Module 0: The JUNOS Software CLI 2-20
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Statement Hierarchy
atm e3 sonet t3
clock fpc
firewall interfaces protocols system more
ethernet
alarm
chassis
Less Specific
More Specific
top
Statement Hierarchy
In configuration mode, you enter commands that affect the statement hierarchy. The
statement hierarchy stores configuration information and is independent of the CLIoperational-mode command hierarchy. The commands available in configuration modeare also independent of the commands available in operational mode. For example,CLI operational mode includes a show command to display specific information, while
CLI configuration mode provides a show command to display the statement hierarchy.
The two commands are independent of each other.
The statement hierarchy is organized in a tree structure similar to Windows folders orUNIX directories, grouping related information into a particular branch of the tree.
-
7/31/2019 Modulo 0 - Revision CLI
21/34
Module 0: The JUNOS Software CLI 2-21
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Moving between levels of the statement hierarchy
Edit functions like a change directory (CD) command[edit]
user@host# edit chassis alarm ethernet
[edit chassis alarm ethernet]
Moving between Levels (1 of 2)
atm e3 sonet t3
clock fpc
firewall interfaces protocols system more
ethernet
alarm
chassis
top
Changing Directories
To move down through an existing configuration statement hierarchy or to create ahierarchy and move down to that level, use the edit command, specifying your
desired hierarchy level. After you issue an edit command, the configuration mode
banner changes to indicate your current level in the hierarchy.
-
7/31/2019 Modulo 0 - Revision CLI
22/34
Module 0: The JUNOS Software CLI 2-22
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Moving between Levels (2 of 2)
user@host# up
[edit chassis alarm]
user@host# top
[edit]
atm e3 sonet t3
clock fpc
firewall interfaces protocols system more
ethernet
alarm
chassis
top
top
up
Level Navigation
To return to your previous location in the statement hierarchy, use the exitcommand. This command is, in effect, the opposite of the edit command. Entering
exit at the top level of the hierarchy exits configuration mode.
To move up in the configuration statement hierarchy one level at a time, use the up
command. To move to the top of the statement hierarchy from any location, use thetop command.
-
7/31/2019 Modulo 0 - Revision CLI
23/34
Module 0: The JUNOS Software CLI 2-23
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
CLI Enhancements (1 of 2)
Relative configuration commands
New arguments to topcommand You can run commands from the top of the hierarchy or from
higher up in the hierarchy
[edit interfaces so-5/1/0 unit 0 family inet]
root@router# top show system login
class superuser-local {
permissions all;
}
[edit interfaces so-5/1/0 unit 0 family inet]
root@router# top edit protocols ospf
[edit protocols ospf]root@router#
Top Enhancement
Starting with JUNOS software Release 5.3, you can enter commands from any level inthe hierarchy by issuing the top command. As seen on the slide, the use of this
command allows you to view every portion of the configuration, regardless of whichdirectory you are located in. It also allows you to change directories without having to
jump to the top of the directory. Thus, in the example on the slide, the user went fromthe [edit interfaces] hierarchy to the [protocols ospf] hierarchy by simply
issuing a single command.
-
7/31/2019 Modulo 0 - Revision CLI
24/34
Module 0: The JUNOS Software CLI 2-24
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
CLI Enhancements (2 of 2)
show configuration command now takes a
configuration pathroot@router> show configuration system login
class superuser-local {
permissions all;
}
root@router> show configuration protocols bgp
export [ next-hop-self unicast-multicast ];
peer-as 10458;
group internal {
type internal;
neighbor 207.17.136.192;
}
group fred {
allow 0.0.0.0/0;
}
root@router>
Viewing the Configuration Enhancement
Starting in JUNOS software Release 5.3, the show configuration command takes
a configuration path. Thus, instead of viewing the entire configuration, you can view aportion of the configuration by specifying the configuration hierarchy (previous toRelease 5.3, similar functionality could be achieved using pipe commands). We see
this feature on the slide, where user root is viewing only the system login configurationin the first example and the BGP configuration in the second example.
-
7/31/2019 Modulo 0 - Revision CLI
25/34
Module 0: The JUNOS Software CLI 2-25
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Displaying Candidate Configuration
[edit]
user@host# show chassis alarm
sonet {
los red;
pll yellow;
}
[edit]
user@host# edit chassis alarm
[edit chassis alarm]
user@host# show
sonet {
los red;
pll yellow;
}
[edit chassis alarm]
Displaying the Configuration
To display the candidate configuration, use the configuration mode show command.
This command displays the configuration at the current hierarchy level or at thespecified level below the current location.
The show command has the following syntax: show statement-path. When
displaying the configuration, the CLI indents each subordinate hierarchy level, inserts
braces to indicate the beginning and end of each hierarchy level, and places asemicolon at the end of statements that are at the lowest level of the hierarchy. The
display format is the same format you use when creating an ASCII configuration file,and it is also the same format that the CLI uses when saving a configuration to anASCII file.
In cases where an empty statement leads to an invalid configuration because it isincomplete or meaningless, the show command does not display any of the statement
path.
-
7/31/2019 Modulo 0 - Revision CLI
26/34
Module 0: The JUNOS Software CLI 2-26
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Identify Configuration File Differences
Change the candidate configuration[edit chassis]
user@host# set alarm sonet lol red
[edit chassis]
user@host# delete alarm sonet pll
Display differences between the candidate andactive configurations
[edit chassis]
user@host# show | compare
[edit chassis alarm sonet]
+ lol red;
- pll yellow;
Other command optionsuser@host# show | compare filename
user@host# show | compare rollback number
Modifying a Candidate Configuration
The example on the slide modifies a candidate configuration by setting a loss of light
(LOL) SONET/SDH alarm and removing a phase-locked loop (PLL) alarm that waspreviously committed.
Viewing Differences
Piping the output of a show command to the CLI compare function displays the
differences between the candidate configuration file and the active configuration.
Starting with JUNOS software Release 5.3, configuration comparison is nowpatch-like. Thus, instead of showing the entire configuration and where changes were
made, only the actual changes are shown (that is, additions or deletions). This methodallows you to save the configuration to a patch file. Once you save this file, you canthen issue a load patch command and merge only the changes into the
configuration.
Viewing Differences in Other Files
You can also view difference in the rollbackconfiguration or any saved configurationfile using the CLIs compare function.
-
7/31/2019 Modulo 0 - Revision CLI
27/34
Module 0: The JUNOS Software CLI 2-27
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Removing Statements
[edit]
user@host# edit chassis alarm sonet[edit chassis alarm sonet]
user@host# delete lol
[edit chassis alarm sonet]
user@host# delete los
[edit chassis alarm sonet]
user@host#
Removing Configuration
To delete a statement or identifier from the configuration, use the configuration-modedelete command. This command deletes the statement and all its subordinate
statements and identifiers. Deleting a statement or an identifier effectively
unconfiguresthe functionality associated with that statement or identifier, returning that
functionality to its default condition.
-
7/31/2019 Modulo 0 - Revision CLI
28/34
Module 0: The JUNOS Software CLI 2-28
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Activating a Configuration (1 of 2)
commit
rollback n
Candidate
Configuration
Active
Configuration
1 2 ...
0
Rollback files stored in/config/juniper.conf.n (n=1-3)/var/db/config/juniper.conf.n (n=4-49)
Rollback files stored in/config/juniper.conf.n (n=1-3)/var/db/config/juniper.conf.n (n=4-49)
49
Active versus Candidate Configuration
When you edit a configuration, you work in a copy of the current configuration to create
a candidateconfiguration. The changes you make to the candidate configuration arevisible in the CLI immediately, so if multiple users are editing the configuration at thesame time, all users can see all changes.
To have a candidate configuration take effect, you must committhe changes. At this
time, the candidate file is checked for proper syntax, activated, and marked as thecurrent, operational software configuration file. If multiple users are editing the
configuration, when you commit the candidate configuration, all changes made by allthe users take effect.
The commit command causes the candidate configuration to be checked and copied
into the active configuration. The old, active configuration is saved and becomesavailable in /config/juniper.conf.1. You can recover it with the rollback 1
command. Each existing backup is renumbered and pushed further out, storing the
oldest copy as number 49.
JUNOS software stores a maximum of 50 previously committed configurations. Thefirst three rollbacks (13) are stored in the /config directory, which resides on thesolid-state flash disk. The remainder are stored in the /var/db/config directory,
which resides on the hard disk.
-
7/31/2019 Modulo 0 - Revision CLI
29/34
Module 0: The JUNOS Software CLI 2-29
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Activating a Configuration (2 of 2)
Remote configuration changes require caution Might disrupt remote connectivity to router
Avoid disadvantages by using commit confirmed Activates configuration for a few minutes (default is 10
minutes)
If configuration is not confirmed, router returns to previousconfiguration automatically
Confirm configuration by issuing a second commit
Support for scheduled and commented commits Use the commit at time option (Release 5.5)
Comments can be added to the commits log with thecomment switch (Release 6.1)
[edit]
user@host# commit at 20:01:00
configuration check succeeds
commit at will be executed at 2009-08-08 20:01:00 UTC
The configuration has been changed but not committedExiting configuration mode
Commit Process
To save software configuration changes to the configuration database and activate theconfiguration on the router, use the configuration mode commit command.
As part of the commit process, JUNOS software checks the configuration for syntaxerrors. If the syntax is correct, JUNOS software activates the configuration and marksit as the current, operational software configuration file. Then, the software processes
running on the system read the new configuration information and change theiroperations to match the new configuration. The output of a show system uptime
command displays the date and user name associated with the last commit.
If the syntax is not correct, an error message indicates the location of the error and nopart of the configuration is activated. You must correct the errors before recommittingthe configuration. When you commit a configuration (which you can do from any
hierarchy level), you commit the entire configuration in its current form. If more thanone user is modifying the configuration, committing it saves and activates the changesof all the users. Use the commit check command to validate a candidate
configuration without actually placing it into effect.
Avoid Commit Pitfalls
The system never commits a candidate configuration on its own. When you load or
merge a configuration file, you must commit the results of the load operation for it totake effect. The system does, however, automatically restore a configuration andcommits it when you use the commit confirmedcommand. The restoration occurs
using the rollback process.
Continued on next page.
-
7/31/2019 Modulo 0 - Revision CLI
30/34
Module 0: The JUNOS Software CLI 2-30
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Backing out of Configuration Changes
Use the rollback command to restore one of the last
50 previously committed configurations Use rollback (or rollback 0 ) to reset the candidate
configuration to the configuration currently running(which is the last version committed)
rollback 1 loads the configuration before that
rollback n loads nconfigurations before that
Backing out of Changes
The software saves the last 50 committed versions of the configuration. To return to
one of these versions previously committed and load it into configuration mode withoutactivating it, use the CLI configuration rollback command. By default, the system
returns to the most recently committed configuration:
[edit]
user@host# rollback
load complete
To activate the configuration that you loaded, issue the commit command:
[edit]
user@host# commit
Specifying Rollback Files
To return to a version prior to the configuration most recently committed, include theversion number in the rollback command:
[edit]
user@host# rollback version
load complete
[edit]
user@host#
As of JUNOS software Release 6.0, the version argument can be a number in the
range 0 through 49. The most recently saved configuration is version 0, which is a
copy of the currently active configuration. The oldest committed configuration that isnow automatically saved is now version 49. Previous releases of JUNOS softwarelimited the maximum number of rollbacks to ten (versions 0 through 9).
-
7/31/2019 Modulo 0 - Revision CLI
31/34
Module 0: The JUNOS Software CLI 2-31
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Exiting Configuration Mode
Exiting levels
Use exit from top level Use exit configuration-mode from any level
Operational
Mode
[edit]
[edit chassis]
[edit chassis
alarm]
top
exit/up
exit configuration-modeexit
edit/configure
edit chassis
edit alarm
Exiting Levels
To exit CLI configuration mode and return to CLI operational mode, enter the exitcommand at the top level, or enter the exit configuration-mode command at
any level. The slide illustrates the various methods of moving within the statementhierarchy. Note that up moves you up one level in the hierarchy while exit returns
you to your previous location in the hierarchy.
-
7/31/2019 Modulo 0 - Revision CLI
32/34
Module 0: The JUNOS Software CLI 2-32
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Saving Configuration Files
Save current candidate configuration using savecommand
[edit]user@router# save filename
File saved to users home directory unless full path name isspecified
Only saves from the current hierarchy down
File name can specify: A URL
A target on redundant Routing Engine
SSH user@host:filename notation
Recent enhancements: terminal option for save commands
Simplifies load operations from terminal buffers Pipe option for display set
Displays the set statements used to create a configuration
Periodic saves to remote hosts
Saving Flies
You can save the software configuration from your current configuration session to anASCII file. Doing this saves the configuration in its current form, including any
uncommitted changes. If more than one user is modifying the configuration, saving itsaves the changes made by all the users.
Note that only configuration statements at the current hierarchy level and below aresaved. To save the entire candidate configuration, you must be at the top level of the
configuration hierarchy. By default, the CLI saves the configuration to the specified filein your home directory. For example, user Dougwould store files in/var/home/Doug. You can change this default my specifying a path name.
Specifying File Names
You can specify a filename in one of the following ways:
ftp://user@host/path/filename: Puts file in location explicitly
described by this URL.
re0:/filename or re1:/filename: Puts file on redundant Routing
Engine 0 or Routing Engine 1, if present.
system:filename, system:path/filename,username@system:filename, orusername@system:path/filename: Puts file on a remote system using
the SSH protocol. The default path is the users home directory on the
remote system.
a:filename or a:path/filename (M40 only): Puts file on the routers
LS-120 floppy drive. The default path is / (the root-level directory). The
floppy can be in either MS-DOS or UNIX (UFS) format.
Continued on next page.
-
7/31/2019 Modulo 0 - Revision CLI
33/34
Module 0: The JUNOS Software CLI 2-33
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Loading a Configuration File
Configuration information can come from an ASCII file
or terminal emulation capture buffer The loadcommand supports various arguments:
Override an existing configuration load override filename
Merge new statements into current configuration load merge filename
Replace existing statements in current configuration load replace filename
Take input from terminal capture buffer load (replace | merge | override) terminal
Load relative to current configuration hierarchy
load (replace | merge) (filename | terminal) relative
Changes candidate configuration only You must issue a commit to activate
Loading a Configuration
You can use the configuration-mode loadcommand to load a complete or partial
configuration from a local file, a file on a remote machine, or from a terminal emulationprograms capture buffer. The loadcommand supports several arguments that
determine the specifics of the operation.
Load Options
merge: Combines the current configuration with the configuration being
loaded.
override: Completely overwrites the current configuration with the
configuration being loaded. You must perform override operations at the rootof the configuration hierarchy.
replace: Looks for a replace: tag in the configuration being loaded.
Existing statement of the same name are replaced with the those in theloaded configuration for stanzas marked with the replace tag.
terminal: Uses the text you type at the terminal as input to the
configuration. Type Ctrl D to end terminal input. Usually this option is usedin conjunction with a terminal emulation programs copy/paste functionalityto copy and paste configuration data from one system to another.
relative: Normally, a load merge or load replace operation requires
that the data being loaded contain a full path to the related configurationhierarchy. The relative option negates this need by telling the router to
assumethat the data being loaded should be added relativeto the currentconfiguration hierarchy.
Changes Candidate Configuration Only
In all cases, after the loadoperation is complete, you must issue a commit to
activate the changes made to the configuration.
-
7/31/2019 Modulo 0 - Revision CLI
34/34
Introduction to Juniper Networks Routers
Copyright 2009, Juniper Networks, Inc.
Review Questions
1. What are the two types of CLI modes?
2. How can you navigate up two levels in the configurationhierarchy?
3. What is the purpose of using the confirmedswitch
when committing changes?
4. What command restores the router to the previouslycommitted configuration?
5. How can you display differences between an active andcandidate configuration?
6. When loading configuration files, what is the difference
between themerge, override, and replacearguments?
This Module Discussed:
Logging into a Juniper Networks M-series or T-series platform;
Operational-mode commands;
Navigating the configuration hierarchy; and
Committing a new configuration.
top related