Wednesday, October 19, 2011

Juniper SRX - Configuration Rollback


Overview

After you commit a configuration, it becomes the active configuration. For SRX Series devices running JUNOS Release 10.0 or later, 5 previous versions of commited configurations are saved, in addition to the active configuration. You can also create one rescue configuration, which allows you to have a known working configuration that you can roll back to at any time. For information about the configurations that are automatically saved, see KB15721.

You can make one of the previous configurations or the rescue configuration the active configuration by using therollback command. 


J-Web Configuration

Reviewing Configurations Available for Rollback

To review the configurations available for rollback:

  1. Select Maintain>Config Management>History. All configurations available for rollback are listed.

Comparing the Active Configuration to a Previous Configuration

To compare the active configuration to a previous configuration:
  1. Select Maintain>Config Management>History. All configurations available for rollback are listed.
  2. To compare configurations, select the check box for two configurations, and click Compare. The differences between the configurations are listed.

Rolling Back to a Previous Configuration

To roll back to a previous configuration:

  1. Select Maintain>Config Management>History. All configurations available for rollback are listed.
  2. Click the Rollback link for the configuration for which you want to rollback.
  3. Click Commit to activate the configuration.

Creating and Rolling Back to a Rescue Configuration

A rescue configuration allows you to define a known working configuration or a configuration with a known state that you can roll back to at any time. This alleviates the necessity of having to remember the rollback number with the rollback command. You use the rescue configuration when you need to roll back to a known configuration or as a last resort if your router configuration and the backup configuration files become damaged beyond repair.

To create a rescue configuration:

  1. Select Maintain>Config Management>Rescue.
  2. Click the Set rescue configuration link.
  3. When prompted to confirm creating the rescue configuration, click OK.
To roll back to the rescue configuration, use the CLI. For more information, see CLI Configuration.



CLI Configuration


Reviewing Configurations Available for Rollback
To review the configurations available for rollback, use the rollback ? command:

user@host# rollback ?Possible completions:
<[Enter]> Execute this command
0 2010-02-01 10:35:44 GMT-8 by user via cli 
1 2010-01-31 23:28:46 GMT-8 by user via junoscript 
2 2010-01-21 16:58:32 GMT-8 by user via junoscript 
3 2010-01-22 08:54:40 GMT-8 by user via cli 
4 2010-01-22 00:37:31 GMT-8 by user via junoscript 
5 2010-01-22 16:27:37 GMT-8 by user via cli 
rescue 2010-01-21 16:59:44 GMT-8 by user via junoscript 
| Pipe through a command

In the previous example, a rescue configuration has been created and can be used for a rollback, in addition to the five previous active configurations. 

Comparing the Active Configuration to a Previous Configuration 

To compare the active configuration to a previous configuration, use the show config | compare rollbacknumber. In the following example, the active configuration is compared to previous configuration number 1.

user@host> show config | compare rollback 1
[edit system login]
+ user jdoe {
+ uid 2002;
+ class super-user;
+ authentication {
+ encrypted-password "$1$S71OgI/t$MQ4b/87d4GMs986Rd6vWK/"; ## SECRET-DATA
+ }
+ }

In this example, the difference between the two configurations is that a new user account was created. 


Rolling Back to a Previous Configuration

To roll back to a previous configuration, use the rollback command. In the following example, previous configuration number 2 is the configuration to be used for the rollback.

user@host# rollback 2load complete

After you have rolled back the configuration, you must use the commit command to activate the configuration:

user@host# commit

The configuration is now the active configuration.


Creating and Rolling Back to a Rescue Configuration
A rescue configuration allows you to define a known working configuration or a configuration with a known state that you can roll back to at any time. This alleviates the necessity of having to remember the rollback number with the rollback command. You use the rescue configuration when you need to roll back to a known configuration or as a last resort if your router configuration and the backup configuration files become damaged beyond repair.  

To create a rescue configuration, use the request system configuration rescue save operational mode command:

user@host> request system configuration rescue saveTo roll back to the rescue configuration, use the rollback rescue command:

user@host# rollback rescue
load completeAfter rolling back to the rescue configuration, you must commit the configuration to activate it:

user@host# commitOn SRX100, SRX210, SRX240, and SRX650 devices, you can also press and quickly release the Reset Config button to load and commit the rescue configuration. For more information, see the hardware documentation for your device at http://www.juniper.net/techpubs/hardware/junos-srx/index.html.



Sumber : http://kb.juniper.net/InfoCenter/index?page=content&id=KB15788
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)