JUNOS配置标注技巧

1. JUNOS commit/rollback配置标注: commit comment

之前谈过commit commnet这个技巧,在配置Juniper路由器的过程中,当每次使用JUNOS的commit命令激活新配置的时候。最近4次被激活提交的4个JUNOS配置文件会被压缩并放在/config目录底下。

[edit]
nigel@junos# run file list /config/ 

/config/:
juniper.conf.1.gz
juniper.conf.2.gz
juniper.conf.3.gz
juniper.conf.gz
rescue.conf.gz

而为了使你在日后使用JUNOS的rollback功能,更早以前的其余45个JUNOS配置文件则被另外存放在另一个目录/var/db/config/底下。

[edit]
nigel@junos# run file list /var/db/config/ | count
Count: 47 lines

当然,与在Cisco IOS上使用configuration archive实现类JUNOS的rollback相比,JUNOS配置回滚具有明显的优势。同时,使用JUNOS的commit comment命令,在激活提交该关键的JUNOS配置的同时,为这次提交激活的JUNOS配置文件添加标注,是一个很好的习惯。简单的标注文字,让你能确定JUNOS系统将恢复到你希望的得到的配置结果上面。

nigel@junos# set system root-authentication
plain-text-password
New password:
Retype new password:

[edit]
nigel@junos# commit comment "root auth."
commit complete

[edit]
nigel@junos# run show system commit
0   2008-05-10 01:51:04 CST by nigel via cli
    root auth.
1   2008-05-10 01:19:01 CST by nigel via cli
2   2008-05-10 09:10:09 CST by nigel via cli
3   2008-05-10 09:27:40 CST by nigel via cli 

2. Juniper JUNOS路由器接口标注: interface description

对于熟悉Cisco IOS技巧的Geek来说,对于接口标注这个特性应该不会感到陌生,包括接口链路速率,对端设备,以及对端接口等信息均可以通过JUNOS的description命令,被加入到接口描述标注当中。为网络工程师提供网络拓扑连接方面的协助。

[edit]
nigel@junos# set interfaces fxp0 description
"OoB Management"

[edit]
nigel@junos# run show interfaces fxp0
Physical interface: fxp0, Enabled, Physical link is Up
  Interface index: 1, SNMP ifIndex: 1
  Description: OoB Management
......
<!-- output omitted-->

3. JUNOS配置文件分段标注: annote

我个人最喜爱的JUNOS标注技巧,使用JUNOS的annote命令,可以将JUNOS配置文件进行分段标注,进一步加强基于层次化架构的JUNOS配置文件的可读性。譬如你可以在OSPF协议层次下面,为不同OSPF区域上加入区域特性,或者是该区域所覆盖的地理范围等参考提示信息。

[edit interfaces]
nigel@junos# annotate fxp0
"Network MGMT Interface"                                

[edit interfaces]
nigel@junos# show
/* Network MGMT Interface */
fxp0 {
    description "OoB Management";
    unit 0 {
        family inet {
            address 192.168.13.254/24;
        }
    }
}
fxp1 {
    vlan-tagging;
}
fxp2 {
    vlan-tagging;
}

4. Juniper JUNOS路由器banner信息标注:

与Cisco IOS路由器的banner motd类似,JUNOS的message命令也允许你设置一个当其他用户连接到Juniper路由器上的时候所显示的提示信息。如果你需要换行,可以使用\n作为标识符。

[edit system login]
nigel@junos#set message "==============================\n
Access to this device is limited to authorized users only
\nWARNING: All unauthorized access is prohibited.\n
=============================="

连接到Juniper JUNOS路由器上显示效果如下。

bogon:~ nigel$ telnet 192.168.13.254
Trying 192.168.13.254...
Connected to bogon.
Escape character is '^]'.
=========================================================
Access to this device is limited to authorized users only
 WARNING: All unauthorized access is prohibited.
=========================================================

5. Juniper JUNOS路由器登录欢迎信息标注

另外,对于成功登录Juniper JUNOS路由器的用户,你也可以使用JUNOS的announcement命令制定另外一段欢迎的信息。

[edit system login]
nigel@junos# set announcement "Welcome to JUNIPER JUNOS"

成功登录到Juniper JUNOS路由器后显示效果如下。

login: nigel
Password:

--- JUNOS 7.2R4.2 built 2006-02-14 07:33:49 UTC

Welcome to JUNIPER JUNOS

nigel@junos> 

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s