giovedì 17 dicembre 2009

Configuration Groups in Junos

Sometimes part of the configuration is repeated, or is necessary to ensure that some statements are always applied to interfaces, protocols or other configuration portion.

With JUNOS you can collect these sets of commands in a group, and then apply it to portions of the configuration. The comparison with a programming language can be like a subroutine or much better for the principle of "inheritance" of the object-oriented programming.
The result is a reduction in the code length, eliminating the possibility of typing errors or oversights. Finally a modification of an operating parameter in the group is directly reflected in the configuration of all the elements to which the group is applied.

When defining groups wildcar can be used to specify which portions of the code to apply the configuration.

The official reference for this statementi is
http://www.juniper.net/techpubs/en_US/junos9.6/information-products/topic-collections/swconfig-cli/id-11139566.html#id-11139566

Why did I introduce groups? Most of the fxp interfaces in all router for my JNCIP/JNCIE lab topology proposed in the previous post, use "family mpls" and "familiy iso" so why not save lots of typing and exercise the use of configuration groups ?

start defining the group:

[edit]
nick@zion# show groups | no-more 
isis-mpls {
    logical-systems {
        <*> {
            interfaces {
                <fxp*> {
                    unit <*> {
                        family iso;
                        family mpls;
                    }
                }
            }
        }
    }
}

and then apply the group to the all the system:


[edit]
nick@zion# set apply-groups isis-mpls

To display the effect of the configuration group is necessary to pipe the show command trough the "display inheritance" command as follow:


show logical-systems J1 interfaces | display inheritance    
fxp1 {
    unit 102 {
        description "------- LAN  J1-J2 ----------";
        vlan-id 102;
        family inet {
            address 10.0.5.1/24;
        }
        ##
        ## 'iso' was inherited from group 'isis-mpls'
        ##
        family iso;
        ##
        ## 'mpls' was inherited from group 'isis-mpls'
        ##
        family mpls;
    }
    unit 103 {
        description "------- link ptp J1 <-> J3 --";
        vlan-id 103;
        family inet {
            address 10.0.4.14/30;
        }
        ##
        ## 'iso' was inherited from group 'isis-mpls'
        ##
        family iso;
        ##
        ## 'mpls' was inherited from group 'isis-mpls'
        ##
        family mpls;
    }
...

or simply skipping the line with "#" in a concised form:

nick@zion#show logical-systems J1 interfaces | display inheritance | except # 
fxp1 {
    unit 102 {
        description "------- LAN  J1-J2 ----------";
        vlan-id 102;
        family inet {
            address 10.0.5.1/24;
        }
        family iso;
        family mpls;
    }
    unit 103 {
        description "------- link ptp J1 <-> J3 --";
        vlan-id 103;
        family inet {
            address 10.0.4.14/30;
        }
        family iso;
        family mpls;
    }
...

Other elements of the configuration are repetitive, and therefore can find an ideal location in the definition of the group, whose final configuration is thus:


[edit]
nick@zion# show groups | no-more  
isis-mpls {
    logical-systems {
        <*> {
            interfaces {
                 {
                    unit <*> {
                        family iso;
                        family mpls;
                    }
                }
            }
            protocols {
                rsvp {
                    interface all;
                }
                mpls {
                    interface all;
                }
                isis {
                    level 1 disable;
                    level 2 wide-metrics-only;
                    interface all {
                        point-to-point;
                    }
                }
            }
        }
    }
}

Some elements use different names in each logical router, so you must configure each specific command directly into the respective stanzas:

[edit]
nick@zion# show logical-systems J3 protocols | no-more    
isis {
    interface lo0.3 {
        passive;
    }
}

The result, like in the interface portion, is the union of both statements:

nick@zion#show logical-systems J3 | find protocols | display inheritance | except ##     
protocols {
    rsvp {
        interface all;
    }
    mpls {
        interface all;
    }
    isis {
        level 1 disable;
        level 2 wide-metrics-only;
        interface lo0.3 {                      
            passive;
        }
        interface all {
            point-to-point;
        }
    }
}

If you are not confortable using "display inheritance" or working without viewing some portions of the configuration, you can always use my starting configuration with the apply-groups, save the result of the "display inheritance" in a file and then replace the original configuration. In this case is better to use a regular expression to prevent stripping of the hashed password data ( quoted also with '##' ).

nick@zion# show | display inheritance | except "^\ *#" | save Jncip-Logical-System_L2_isis.confg  
Wrote 486 lines of output to 'Jncip-Logical-System_L2_isis.confg'
[edit]
nick@zion# load override Jncip-Logical-System_L2_isis.confg 
load complete

I promised complex scenarios and not just some simple CLI tricks, but is necessary to start with someting  solid to work on...

The complete configuration is available Here
Pubblicato da alle
Etichette:

Nessun commento:

Posta un commento

Iscriviti a: Commenti sul post (Atom)