- play_arrow Overview
- play_arrow Junos XML Management Protocol and Junos XML API Overview
- play_arrow Junos XML Protocol and Junos XML Tags Overview
- XML and Junos OS Overview
- XML Overview
- XML and Junos XML Management Protocol Conventions Overview
- Map Junos OS Commands and Command Output to Junos XML Tag Elements
- Map Configuration Statements to Junos XML Tag Elements
- Using Configuration Response Tag Elements in Junos XML Protocol Requests and Configuration Changes
- play_arrow Junos XML Protocol and JSON Overview
-
- play_arrow Manage Configurations Using the Junos XML Protocol
- play_arrow Change the Configuration Using the Junos XML Protocol
- Request Configuration Changes Using the Junos XML Protocol
- Upload and Format Configuration Data in a Junos XML Protocol Session
- Upload Configuration Data as a File Using the Junos XML Protocol
- Upload Configuration Data as a Data Stream Using the Junos XML Protocol
- Define the Format of Configuration Data to Upload in a Junos XML Protocol Session
- Specify the Scope of Configuration Data to Upload in a Junos XML Protocol Session
- Replace the Configuration Using the Junos XML Protocol
- Create, Modify, or Delete Configuration Elements Using the Junos XML Protocol
- Create New Elements in Configuration Data Using the Junos XML Protocol
- Merge Elements in Configuration Data Using the Junos XML Protocol
- Replace Elements in Configuration Data Using the Junos XML Protocol
- Replace Only Updated Elements in Configuration Data Using the Junos XML Protocol
- Delete Elements in Configuration Data Using the Junos XML Protocol
- Rename Objects In Configuration Data Using the Junos XML Protocol
- Reorder Elements In Configuration Data Using the Junos XML Protocol
- Protect or Unprotect a Configuration Object Using the Junos XML Protocol
- Change a Configuration Element’s Activation State Using the Junos XML Protocol
- Change a Configuration Element’s Activation State Simultaneously with Other Changes Using the Junos XML Protocol
- Replace Patterns in Configuration Data Using the NETCONF or Junos XML Protocol
- play_arrow Commit the Configuration on a Device Using the Junos XML Protocol
- Verify Configuration Syntax Using the Junos XML Protocol
- Commit the Candidate Configuration Using the Junos XML Protocol
- Commit a Private Copy of the Configuration Using the Junos XML Protocol
- Commit a Configuration at a Specified Time Using the Junos XML Protocol
- Commit the Candidate Configuration Only After Confirmation Using the Junos XML Protocol
- Commit and Synchronize a Configuration on Redundant Control Planes Using the Junos XML Protocol
- Log a Message About a Commit Operation Using the Junos XML Protocol
- View the Configuration Revision Identifier for Determining Synchronization Status of Devices with NMS
- play_arrow Ephemeral Configuration Database
- Understanding the Ephemeral Configuration Database
- Unsupported Configuration Statements in the Ephemeral Configuration Database
- Enable and Configure Instances of the Ephemeral Configuration Database
- Commit and Synchronize Ephemeral Configuration Data Using the NETCONF or Junos XML Protocol
- Managing Ephemeral Configuration Database Space
-
- play_arrow Request Operational and Configuration Information Using the Junos XML Protocol
- play_arrow Request Operational Information Using the Junos XML Protocol
- play_arrow Request Configuration Information Using the Junos XML Protocol
- Request Configuration Data Using the Junos XML Protocol
- Specify the Source for Configuration Information Requests in a Junos XML Protocol Session
- Specify the Output Format for Configuration Data in a Junos XML Protocol Session
- Request Commit-Script-Style XML Configuration Data Using the Junos XML Protocol
- Specify the Output Format for Configuration Groups and Interface Ranges Using the Junos XML Protocol
- Request Identifier Indicators for Configuration Elements Using the Junos XML Protocol
- Request Change Indicators for Configuration Elements Using the Junos XML Protocol
- Specify the Scope of Configuration Data to Return in a Junos XML Protocol Session
- Request the Complete Configuration Using the Junos XML Protocol
- Request a Configuration Hierarchy Level or Container Object Without an Identifier Using the Junos XML Protocol
- Request All Configuration Objects of a Specific Type Using the Junos XML Protocol
- Request a Specific Number of Configuration Objects Using the Junos XML Protocol
- Request Identifiers for Configuration Objects of a Specific Type Using the Junos XML Protocol
- Request a Single Configuration Object Using the Junos XML Protocol
- Request Subsets of Configuration Objects Using Regular Expressions
- Request Multiple Configuration Elements Using the Junos XML Protocol
- Retrieve a Previous (Rollback) Configuration Using the Junos XML Protocol
- Retrieve the Rescue Configuration Using the Junos XML Protocol
- Compare the Active or Candidate Configuration to a Prior Version Using the Junos XML Protocol
- Compare Two Previous (Rollback) Configurations Using the Junos XML Protocol
- Request an XML Schema for the Configuration Hierarchy Using the Junos XML Protocol
-
- play_arrow Junos XML Protocol Utilities
- play_arrow Develop Junos XML Protocol C Client Applications
-
- play_arrow Configuration Statements and Operational Commands
Satisfy the Prerequisites for Establishing a Connection to the Junos XML Protocol Server
To enable a client application to establish a connection to the Junos XML protocol server, you must satisfy the requirements that are applicable to all access protocols as well as your specific access protocol as discussed in the following sections:
Prerequisites for All Access Protocols
A client application must be able to log in to each device on which it establishes a connection with the Junos XML protocol server. The following instructions explain how to create a Junos login account for the application. Alternatively, you can skip this section and enable authentication through RADIUS or TACACS+. For more information about creating user accounts and enabling authentication, see the Junos OS User Access and Authentication User Guide for Routing Devices .
To determine whether a login account exists on a device running Junos OS, enter the CLI configuration mode on the device and issue the following commands:
[edit system login] user@host# show user account-name
If the appropriate account does not exist, perform the following steps:
Prerequisites for Clear-Text Connections
A client application that uses the Junos XML protocol-specific clear-text access protocol sends unencrypted text directly over a TCP connection without using any additional protocol (such as SSH, SSL, or Telnet).
Devices running the Junos-FIPS software do not accept Junos XML protocol clear-text connections. We recommend that you do not use the clear-text protocol in a Common Criteria environment. For more information, see the Secure Configuration Guide for Common Criteria and Junos-FIPS.
To enable client applications to use the clear-text protocol to connect to the Junos XML protocol server, perform the following steps:
Prerequisites for SSH Connections
To enable a client application to use the SSH protocol to connect to the Junos XML protocol server, perform the following steps:
Prerequisites for Outbound SSH Connections
The outbound SSH feature allows the initiation of an SSH session
between devices running Junos OS and Network and System Management
servers where client-initiated TCP/IP connections are blocked (for
example, when the device is behind a firewall). To configure outbound
SSH, you add an outbound-ssh
configuration statement to
the device. Once configured and committed, the device running Junos
OS will begin to initiate outbound SSH sessions with the configured
management clients. Once the outbound SSH session is initialized and
the connection is established, the management server initiates the
SSH sequence as the client and the device running Junos OS, acting
as the server, authenticates the client.
Setting up outbound SSH involves:
Configuring the device running Junos OS for outbound SSH
Configuring the management server for outbound SSH.
To configure the device for outbound SSH:
To set up the configuration management server:
Satisfy the prerequisites discussed in Prerequisites for All Access Protocols.
Enable the application to access the SSH software.
Obtain the SSH software and install it on the computer where the application runs. For information about obtaining and installing SSH software, see http://www.ssh.com and http://www.openssh.com.
(Optional) Manually install the device's public key for use with the SSH connection.
Configure the client system to receive and process initialization broadcast requests. The intialization requests use the following syntax:
If the secret attribute is configured, the device running Junos OS will send its public SSH key along with the intialization sequence (recommended method). When the key has been received, the client needs to determine what to do with the device’s public key. We recommend that you replace any current public SSH key for the device with the new key. This ensures that the client always has the current key available for authentication.
content_copy zoom_out_mapMSG-ID: DEVICE-CONN-INFO\r\n MSG-VER: V1\r\n DEVICE-ID: <device-id>\r\n HOST-KEY: <pub-host-key>\r\n HMAC: <HMAC(pub-SSH-host-key, <secret>)>\r\n
If the secret attribute is not configured, the device does not send its public SSH key along with the initialization sequence. You need to manually install the current public SSH key for the device.
content_copy zoom_out_mapMSG-ID: DEVICE-CONN-INFO\r\n MSG-VER: V1\r\n DEVICE-ID: <device-id>\r\n
Prerequisites for SSL Connections
To enable a client application to use the SSL protocol to connect to the Junos XML protocol server, perform the following steps:
Prerequisites for Telnet Connections
To enable a client application to use the Telnet protocol to access the Junos XML protocol server, perform the steps described in this section.
Devices running the Junos-FIPS software do not accept Telnet connections. We recommend that you do not use the Telnet protocol in a Common Criteria environment. For more information, see the Secure Configuration Guide for Common Criteria and Junos-FIPS.