close
keyboard_arrow_left
Table of Contents
- play_arrow Overview
- play_arrow Junos Automation Scripts Overview
- play_arrow Junos XML Management Protocol and Junos XML API Overview
-
- play_arrow Automation Scripting Using XSLT
- play_arrow XSLT Overview
- play_arrow Standard XPath and XSLT Functions Used in Automation Scripts
- play_arrow Standard XSLT Elements and Attributes Used in Automation Scripts
-
- play_arrow Automation Scripting Using SLAX
- play_arrow SLAX Overview
- SLAX Overview
- SLAX Syntax Rules Overview
- SLAX Elements and Element Attributes Overview
- SLAX Elements as Function Arguments
- Understanding SLAX Default Namespaces
- XPath Expressions Overview for SLAX
- SLAX Templates Overview
- SLAX Functions Overview
- SLAX Parameters Overview
- SLAX Variables Overview
- SLAX Statements Overview
- XSLT Elements Without SLAX Equivalents
- SLAX Operators
- play_arrow SLAX Statements
- append
- apply-imports
- apply-templates
- attribute
- attribute-set
- call
- copy-node
- copy-of
- decimal-format
- element
- else
- else if
- expr
- fallback
- for
- for-each
- function
- if
- import
- key
- match
- message
- mode
- mvar
- number
- output-method
- param
- preserve-space
- priority
- processing-instruction
- result
- set
- sort
- strip-space
- template
- terminate
- trace
- uexpr
- use-attribute-sets
- var
- version
- while
- with
- play_arrow The libslax Distribution for Automation Scripting
- libslax Distribution Overview
- libslax Library and Extension Libraries Overview
- Download and Install the libslax Distribution
- libslax Default Extension Libraries: bit, curl, db, os, and xutil
- Understanding the SLAX Processor (slaxproc)
- How to Use the SLAX Processor (slaxproc)
- SLAX Debugger, Profiler, and callflow
-
- play_arrow Automation Scripting Using Python
- play_arrow Python Overview
- Understanding Python Automation Scripts for Junos Devices
- Requirements for Executing Python Automation Scripts on Junos Devices
- Overview of Python Modules on Junos Devices
- How to Use Python Interactive Mode on Devices Running Junos OS
- How to Use the psutil Module to Retrieve Process and System Information on Devices Running Junos OS
- How to Use the Requests Library for Python on Devices Running Junos OS
- IPv6 Support in Python Automation Scripts
- How to Specify the Routing Instance in Python 3 Applications on Devices Running Junos OS Evolved
-
- play_arrow Automation Script Input
- play_arrow Global Parameters in Automation Scripts
-
- play_arrow Extension Functions and Named Templates for Automation Scripts
- play_arrow Extension Functions for Automation Scripting
- play_arrow Extension Functions in the jcs and slax Namespaces
- base64-decode() Function (SLAX)
- base64-encode() Function (SLAX)
- break-lines() Function (SLAX and XSLT)
- close() Function (SLAX and XSLT)
- dampen() Function (Python, SLAX, and XSLT)
- document() Function (SLAX)
- emit_error() Function (Python)
- emit_snmp_attributes Function (Python)
- emit_warning() Function (Python)
- empty() Function (SLAX and XSLT)
- evaluate() Function (SLAX)
- execute() Function (SLAX and XSLT)
- first-of() Function (SLAX and XSLT)
- get-command() Function (SLAX)
- get-hello() Function (SLAX and XSLT)
- get-input() Function (SLAX and XSLT) and get_input() (Python)
- get-protocol() Function (SLAX and XSLT)
- get-secret() Function (SLAX and XSLT) and get_secret() (Python)
- get_snmp_action() Function (Python)
- get_snmp_oid() Function (Python)
- hostname() Function (Python, SLAX, and XSLT)
- invoke() Function (SLAX and XSLT)
- open() Function (SLAX and XSLT)
- output() Function (Python, SLAX, and XSLT)
- parse-ip() Function (SLAX and XSLT) and parse_ip() (Python)
- printf() Function (Python, SLAX, and XSLT)
- progress() Function (Python, SLAX, and XSLT)
- regex() Function (SLAX and XSLT)
- set_routing_instance() Function (Python)
- sleep() Function (SLAX and XSLT)
- split() Function (SLAX and XSLT)
- sysctl() Function (Python, SLAX, and XSLT)
- syslog() Function (Python, SLAX, and XSLT)
- trace() Function (Python, SLAX, and XSLT)
- play_arrow Named Templates for Automation Scripting
- play_arrow Named Templates in the jcs Namespace
-
- play_arrow Manage Automation Scripts
- play_arrow Store and Enable Scripts
- play_arrow Configure a Remote Source for Scripts
- play_arrow Configure the Session Protocol for Scripts
- play_arrow Control Execution of Scripts
- play_arrow Synchronize Scripts Between Routing Engines
- play_arrow Convert Scripts Between SLAX and XSLT
-
- play_arrow Op Scripts
- play_arrow Op Scripts Overview
- play_arrow Create and Execute Op Scripts
- Required Boilerplate for Op Scripts
- Map Operational Mode Commands and Output Fields to Junos XML Notation
- How to Use RPCs and Operational Mode Commands in Op Scripts
- Declare and Use Command-Line Arguments in Op Scripts
- Configure Help Text for Op Scripts
- Define Operational Mode Commands to Allow in an Op Script
- Enable an Op Script and Define a Script Alias
- Configure Checksum Hashes for an Op Script
- Execute an Op Script on the Local Device
- Execute an Op Script from a Remote Site
- Disable an Op Script
- play_arrow Op Script Examples
- Change the Configuration Using SLAX and XSLT Scripts
- Example: Change the Configuration Using SLAX and XSLT Op Scripts
- Example: Change the Configuration Using Python Op Scripts
- Example: Customize Output of the show interfaces terse Command Using an Op Script
- Example: Display DNS Hostname Information Using an Op Script
- Example: Find LSPs to Multiple Destinations Using an Op Script
- Example: Restart an FPC Using an Op Script
- Example: Export Files Using an Op Script
- Example: Import Files Using an Op Script
- Example: Search Files Using an Op Script
- play_arrow Provision Services Using Service Template Automation
- play_arrow Troubleshoot Op Scripts
-
- play_arrow Event Policies and Event Scripts
- play_arrow Event Policy Overview
- play_arrow Event Policy Triggers
- Use Correlated Events to Trigger an Event Policy
- Trigger an Event Policy Based on Event Count
- Example: Trigger an Event Policy Based on Event Count
- Use Regular Expressions to Refine the Set of Events That Trigger a Policy
- Example: Controlling Event Policy Using a Regular Expression
- Generate Internal Events to Trigger Event Policies
- Use Nonstandard System Log Messages to Trigger Event Policies
- Junos Logger Utility
- play_arrow Event Policy Actions
- Configure an Event Policy to Execute Operational Mode Commands
- Configure an Event Policy to Change the Configuration
- Example: Changing the Configuration Using an Event Policy
- Example: Changing the Interface Configuration in Response to an Event
- Execute Event Scripts in an Event Policy
- Change the Configuration Using an Event Script
- Configuring an Event Policy to Pass Arguments to an Event Script
- Configure Event Policies to Ignore an Event
- Example: Ignore Events Based on Receipt of Other Events
- Overview of Using Event Policies to Raise SNMP Traps
- Example: Raise an SNMP Trap in Response to an Event
- Understanding the Event System Log Priority in an Event Policy
- Example: Configuring the Event System Log Priority in an Event Policy
- Example: Limit Event Script Output Based on a Specific Event Type
- play_arrow Configure Event Policy File Archiving
- play_arrow Configure Event Policy Privileges
- play_arrow Event Scripts Overview
- play_arrow Create and Execute Event Scripts
- play_arrow Troubleshoot Event Policies and Event Scripts
-
- play_arrow SNMP Scripts
- play_arrow SNMP Scripts Overview
- play_arrow Create and Execute SNMP Scripts
- play_arrow SNMP Script Example
- play_arrow Troubleshoot SNMP Scripts
-
- play_arrow Configuration Statements and Operational Commands
list Table of Contents
keyboard_arrow_right
Example: Load a Base Configuration
date_range
14-Jul-21
This commit script example sets up a sample base configuration on a device running Junos OS.
Overview and Commit Script
This script is a macro that sets up a device running Junos OS with a sample base configuration. With minimal manual user input, the script automatically configures:
A device hostname
Authentication services
A superuser login
System log settings
Some SNMP settings
System services, such as FTP and Telnet
Static routes and a policy to redistribute the static routes
Configuration groups
re0andre1An address for the management Ethernet interface (fxp0)
The loopback interface (lo0) with the device ID as the loopback address
The example script is shown in both XSLT and SLAX syntax:
XSLT Syntax
content_copy zoom_out_map
<?xml version="1.0" standalone="yes"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:junos="http://xml.juniper.net/junos/*/junos" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm" xmlns:jcs="http://xml.juniper.net/junos/commit-scripts/1.0"> <xsl:import href="../import/junos.xsl"/> <xsl:variable name="macro-name" select="'config-system.xsl'"/> <xsl:template match="configuration"> <xsl:variable name="rid" select="routing-options/router-id"/> <xsl:for-each select="apply-macro[name = 'config-system']"> <xsl:variable name="hostname" select="data[name = 'host-name']/value"/> <xsl:variable name="fxp0-addr" select="data[name = 'mgmt-address']/value"/> <xsl:variable name="backup-router" select="data[name = 'backup-router']/value"/> <xsl:variable name="bkup-rtr"> <xsl:choose> <xsl:when test="$backup-router"> <xsl:value-of select="$backup-router"/> </xsl:when> <xsl:otherwise> <xsl:variable name="fxp01" select="substring-before($fxp0-addr, '.')"/> <xsl:variable name="fxp02" select="substring-before(substring-after($fxp0-addr, '.'), '.')"/> <xsl:variable name="fxp03" select="substring-before(substring-after(substring-after( $fxp0-addr, '.'), '.'), '.')"/> <xsl:variable name="plen" select="substring-after($fxp0-addr, '/')"/> <xsl:choose> <xsl:when test="$plen = 22"> <xsl:value-of select="concat($fxp01, '.', $fxp02, '.', $fxp03 div 4 * 4 + 3, '.254')"/> </xsl:when> <xsl:when test="$plen = 24"> <xsl:value-of select="concat($fxp01, '.', $fxp02, '.', $fxp03, '.254')"/> </xsl:when> </xsl:choose> </xsl:otherwise> </xsl:choose> </xsl:variable> <xsl:choose> <xsl:when test="not($rid) or not($hostname) or not($fxp0-addr)"> <xnm:error> <message> Must set router ID, host-name and mgmt-address to use this script. </message> </xnm:error> </xsl:when> <xsl:otherwise> <transient-change> <system> <!-- Set the following --> <domain-name>your-domain.net</domain-name> <domain-search>domain.net</domain-search> <backup-router> <address><xsl:value-of select="$bkup-rtr"/></address> </backup-router> <time-zone>America/Los_Angeles</time-zone> <authentication-order>radius</authentication-order> <authentication-order>password</authentication-order> <root-authentication> <encrypted-password> $ABC123 </encrypted-password> </root-authentication> <name-server> <name>192.168.5.68</name> </name-server> <name-server> <name>172.17.28.100</name> </name-server> <radius-server> <name>192.168.170.241</name> <secret> $ABC123 </secret> </radius-server> <radius-server> <name>192.168.4.240</name> <secret> $ABC123 </secret> </radius-server> <login> <class> <permissions>all</permissions> </class> <user> <name>johnny</name> <uid>928</uid> <class>superuser</class> <authentication> <encrypted-password> $ABC123 </encrypted-password> </authentication> </user> </login> <services> <finger/> <ftp/> <ssh/> <telnet/> <xnm-clear-text/> </services> <syslog> <user> <name>*</name> <contents> <name>any</name> <emergency/> </contents> </user> <host> <name>host1</name> <contents> <name>any</name> <notice/> </contents> <contents> <name>interactive-commands</name> <any/> </contents> </host> <file> <name>messages</name> <contents> <name>any</name> <notice/> </contents> <contents> <name>any</name> <warning/> </contents> <contents> <name>authorization</name> <info/> </contents> <archive> <world-readable/> </archive> </file> <file> <name>security</name> <contents> <name>interactive-commands</name> <any/> </contents> <archive> <world-readable/> </archive> </file> </syslog> <processes> <routing> <undocumented><enable/></undocumented> </routing> <snmp> <undocumented><enable/></undocumented> </snmp> <ntp> <undocumented><enable/></undocumented> </ntp> <inet-process> <undocumented><enable/></undocumented> </inet-process> <mib-process> <undocumented><enable/></undocumented> </mib-process> <undocumented><management><enable/> </undocumented></management> <watchdog> <enable/> </watchdog> </processes> <ntp> <boot-server>domain.net</boot-server> <server> <name>domainr.net</name> </server> </ntp> </system> <snmp> <location>Software lab</location> <contact>Michael Landon</contact> <interface>fxp0.0</interface> <community> <name>public</name> <authorization>read-only</authorization> <clients> <name>0.0.0.0/0</name> <restrict/> </clients> <clients> <name>192.168.1.252/32</name> </clients> <clients> <name>10.197.169.222/32</name> </clients> <clients> <name>10.197.169.188/32</name> </clients> <clients> <name>10.197.169.193/32</name> </clients> <clients> <name>192.168.65.46/32</name> </clients> <clients> <name>10.209.152.0/23</name> </clients> </community> <community> <name>private</name> <authorization>read-write</authorization> <clients> <name>0.0.0.0/0</name> <restrict/> </clients> <clients> <name>10.197.169.188/32</name> </clients> </community> </snmp> <routing-options> <static> <junos:comment>/* safety precaution */</junos:comment> <route> <name>0.0.0.0/0</name> <discard/> <retain/> <no-readvertise/> </route> <junos:comment>/* corporate net */</junos:comment> <route> <name>172.16.0.0/12</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* lab nets */</junos:comment> <route> <name>192.168.0.0/16</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* reflector */</junos:comment> <route> <name>10.17.136.192/32</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* another lab1*/</junos:comment> <route> <name>10.10.0.0/16</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* ssh servers */</junos:comment> <route> <name>10.17.136.0/24</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* Workstations */</junos:comment> <route> <name>10.150.0.0/16</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* Hosts */</junos:comment> <route> <name>10.157.64.0/19</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> <junos:comment>/* Build Servers */</junos:comment> <route> <name>10.10.0.0/16</name> <next-hop><xsl:value-of select="$bkup-rtr"/></next-hop> <retain/> <no-readvertise/> </route> </static> </routing-options> <policy-options> <policy-statement> <name>redist</name> <from> <protocol>static</protocol> </from> <then> <accept/> </then> </policy-statement> </policy-options> <apply-groups>re0</apply-groups> <apply-groups>re1</apply-groups> <groups> <name>re0</name> <system> <host-name> <xsl:value-of select="$hostname"/></host-name> </system> <interfaces> <interface> <name>fxp0</name> <unit> <name>0</name> <family> <inet> <address> <name> <xsl:value-of select="$fxp0-addr"/> </name> </address> </inet> </family> </unit> </interface> </interfaces> </groups> <groups> <name>re1</name> </groups> <interfaces> <interface> <name>lo0</name> <unit> <name>0</name> <family> <inet> <address> <name><xsl:value-of select="$rid"/></name> </address> </inet> </family> </unit> </interface> </interfaces> </transient-change> </xsl:otherwise> </xsl:choose> </xsl:for-each> </xsl:template> </xsl:stylesheet>
SLAX Syntax
content_copy zoom_out_map
version 1.0;
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
import "../import/junos.xsl";
var $macro-name = 'config-system.xsl';
match configuration {
var $rid = routing-options/router-id;
for-each (apply-macro[name = 'config-system']) {
var $hostname = data[name = 'host-name']/value;
var $fxp0-addr = data[name = 'mgmt-address']/value;
var $backup-router = data[name = 'backup-router']/value;
var $bkup-rtr = {
if ($backup-router) {
expr $backup-router;
}
else {
var $fxp01 = substring-before($fxp0-addr,'.');
var $fxp02 = substring-before(substring-after($fxp0-addr, '.'), '.');
var $fxp03 = substring-before(substring-after(substring-after(
$fxp0- addr, '.'), '.'), '.');
var $plen = substring-after($fxp0-addr, '/');
if ($plen = 22) {
expr $fxp01 _ '.' _ $fxp02 _ '.' _ $fxp03 div 4 * 4 + 3 _ '.254';
}
else if ($plen = 24) {
expr $fxp01 _ '.' _ $fxp02 _ '.' _ $fxp03 _ '.254';
}
}
}
if (not($rid) or not($hostname) or not($fxp0-addr)) {
<xnm:error> {
<message> "Must set router ID, host-name, and mgmt-address to use
this script.";
}
}
else {
<transient-change> {
<system> {
/* Set the following */
<domain-name> "your-domain.net";
<domain-search> "domain.net";
<backup-router> {
<address> $bkup-rtr;
}
<time-zone> "America/Los_Angeles";
<authentication-order> "radius";
<authentication-order> "password";
<root-authentication> {
<encrypted-password>
"$ABC123";
}
<name-server> {
<name> "192.168.5.68";
}
<name-server> {
<name> "172.17.28.100";
}
<radius-server> {
<name> "192.168.170.241";
<secret> "$ABC123";
}
<radius-server> {
<name> "192.168.4.240";
<secret> "$ABC123";
}
<login> {
<class> {
<permissions> "all";
}
<user> {
<name> "johnny";
<uid> "928";
<class> "superuser";
<authentication> {
<encrypted-password>"$ABC123";
}
}
}
<services> {
<finger>;
<ftp>;
<ssh>;
<telnet>;
<xnm-clear-text>;
}
<syslog> {
<user> {
<name> "*";
<contents> {
<name> "any";
<emergency>;
}
}
<host> {
<name> "host1";
<contents> {
<name> "any";
<notice>;
}
<contents> {
<name> "interactive-commands";
<any>;
}
}
<file> {
<name> "messages";
<contents> {
<name> "any";
<notice>;
}
<contents> {
<name> "any";
<warning>;
}
<contents> {
<name> "authorization";
<info>;
}
<archive> {
<world-readable>;
}
}
<file> {
<name> "security";
<contents> {
<name> "interactive-commands";
<any>;
}
<archive> {
<world-readable>;
}
}
}
<processes> {
<routing> {
<undocumented><enable>;
}
<snmp> {
<undocumented><enable>;
}
<ntp> {
<undocumented><enable>;
}
<inet-process> {
<undocumented> <enable>;
}
<mib-process> {
<undocumented> <enable>;
}
<undocumented><management> {
<enable>;
}
<watchdog> {
<enable>;
}
<ntp> {
<boot-server> "domain.net";
<server> {
<name> "domainr.net";
}
}
}
<snmp> {
<location> "Software lab";
<contact> "Michael Landon";
<interface> "fxp0.0";
<community> {
<name> "public";
<authorization> "read-only";
<clients> {
<name> "0.0.0.0/0";
<restrict>;
}
<clients> {
<name> "192.168.1.252/32";
}
<clients> {
<name> "10.197.169.222/32";
}
<clients> {
<name> "10.197.169.188/32";
}
<clients> {
<name> "10.197.169.193/32";
}
<clients> {
<name> "192.168.65.46/32";
}
<clients> {
<name> "10.209.152.0/23";
}
}
<community> {
<name> "private";
<authorization> "read-write";
<clients> {
<name> "0.0.0.0/0";
<restrict>;
}
<clients> {
<name> "10.197.169.188/32";
}
}
}
<routing-options> {
<static> {
<junos:comment> "/* safety precaution */";
<route> {
<name> "0.0.0.0/0";
<discard>;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* corporate net */";
<route> {
<name> "172.16.0.0/12";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* lab nets */";
<route> {
<name> "192.168.0.0/16";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* reflector */";
<route> {
<name> "10.17.136.192/32";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* another lab1*/";
<route> {
<name> "10.10.0.0/16";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* ssh servers */";
<route> {
<name> "10.17.136.0/24";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* Workstations */";
<route> {
<name> "10.150.0.0/16";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* Hosts */";
<route> {
<name> "10.157.64.0/19";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
<junos:comment> "/* Build Servers */";
<route> {
<name> "10.10.0.0/16";
<next-hop> $bkup-rtr;
<retain>;
<no-readvertise>;
}
}
}
<policy-options> {
<policy-statement> {
<name> "redist";
<from> {
<protocol> "static";
}
<then> {
<accept>;
}
}
}
<apply-groups> "re0";
<apply-groups> "re1";
<groups> {
<name> "re0";
<system> {
<host-name> $hostname;
}
<interfaces> {
<interface> {
<name> "fxp0";
<unit> {
<name> "0";
<family> {
<inet> {
<address> {
<name> $fxp0-addr;
}
}
}
}
}
}
}
<groups> {
<name> "re1";
}
<interfaces> {
<interface> {
<name> "lo0";
<unit> {
<name> "0";
<family> {
<inet> {
<address> {
<name> $rid;
}
}
}
}
}
}
}
}
}
}Configuration
Procedure
Step-by-Step Procedure
To download, enable, and test the script:
Copy the script into a text file, name the file config-system.xsl or config-system.slax as appropriate, and copy it to the /var/db/scripts/commit/ directory on the device.
Select the following test configuration stanzas, and press Ctrl+c to copy them to the clipboard.
If you are using the SLAX version of the script, change the filename at the
[edit system scripts commit file]hierarchy level to config-system.slax.content_copy zoom_out_mapsystem { scripts { commit { allow-transients; file config-system.xsl; } } } apply-macro config-system { host-name test; mgmt-address 10.0.0.1/32; backup-router 10.0.0.2; }The
host-nameandmgmt-addressstatements are mandatory. Thebackup-routerstatement is optional. You can substitute a hostname, a management Ethernet (fxp0) IP address, and a backup router IP address that are appropriate for your device.In configuration mode, issue the
load merge terminalcommand to merge the stanzas into your device configuration.content_copy zoom_out_map[edit] user@host# load merge terminal [Type ^D at a new line to end input] ... Paste the contents of the clipboard here ...
At the prompt, paste the contents of the clipboard by using the mouse and the paste icon.
Press Enter.
Press Ctrl+d.
Commit the configuration.
content_copy zoom_out_mapuser@host# commit
Verification
Verifying the Configuration
Purpose
Verify that the script behaves as expected.
Action
After committing the configuration, issue the show
| display commit-scripts configuration mode command to view
the device base configuration.
content_copy zoom_out_map
user@host# show | display commit-scripts ...
