Monday 21 April 2014

Lock, block and unravel

Some tricks in Junos


Are you using these advanced features in Junos?  Or at least they're advanced in that not everyone seems to know about them.

Protect


This is a very useful feature that was quietly added to Junos a couple of years ago.

Almost all routers have critical sections in the configuration file.  If someone changes one of these sections (well at least without using commit confirmed), the day will take a turn for the worse.

With Junos 12, the protect keyword was added to the CLI interface.  Once a section of the configuration file has been protected, it can't be changed, unless it is first unprotect'ed.

In the configuration file, look for the protect: marker in the text to show this.  In Routlets that section appears with a darker background in the editor and a padlock icon in the outline view.  A warning will be shown if you try to edit it.  There's also a shortcut key to easily turn on protection for one or more lines of configuration, once they are stable.

Deactivate


This has been in Junos since year dot, and is well worth knowing about if you've not already seen it.

To take a section of configuration out of action for a while (e.g. to turn off some traceoptions until the next investigation), use the deactivate command from the CLI.  The section is still there to be seen in the configuration file, but will be ignored by the routing engine.  When it is needed again, use the activate command.

In the configuration file, look for the inactive: marker in the text to show this.  It is possible to have both inactive: and protect: on the same section, though this isn't too useful.

In Routlets, an inactive section appears with the configuration text greyed out in both the editor and outline tree.  Sections can be toggled between active and inactive with Ctrl+Shift+I.

Annotate


If you need to remember why a section of the router configuration has been done the way it is, or leave an explanation of those OSPF timers for the next person to work with the router, Junos has the annotate command.  This adds a comment to that section of the configuration file.

There are a couple of tips to working with annotate in the Junos CLI.  Firstly, you need to use "quotes" if the annotation contains more than one word (exactly the same as adding a description to an interface for example):

        annotate routing-options static route 10.0.1.1 "Through to the lab"
       
Also, to remove an annotation, annotate the section with nothing (in quotes):

        annotate routing-options static route 10.0.1.1 ""

Routlets tries to encourage the use of annotations.  They are very easy to use - just press Ctrl+Shift+A anywhere in the configuration section and start typing.  Once the annotation is there, Routlets will include that text in the outline view of the configuration tree, as a signpost to you or the next visitor.

Summary


These tricks in Junos add a lot of structure to the task of looking after router configurations.  They also make it easier for another engineer to make sense of a router configuration - to see which bits to edit at his or her peril, and to see why the configuration is the way it is.

This section in the tour of Routlets says more about how to take advantage of these features.  The visual indicators in the editor make them easier to see and review, and the hotkeys make them quick and easy to use.

Saturday 25 January 2014

F, G and H

Now where did I put it?


Finding where I, or someone else, put something is part of being human.  This is especially so when configuring and troubleshooting routers - configuration files are rarely short, and there's always more than one of them, subtly related to each other.

Here's some tips to help if you're working with Routlets - in increasing order of usefulness.

Find


No surprise here.  If you open a router configuration in Routlets, you can press Ctrl+F to search the configuration file.  You can do the same through the Junos CLI ( show | match ), though the editor shows the match in the context of the rest of the configuration file.

Go to


Junos configuration files are very neatly structured by section, and every section has a unique edit path, e.g. you'll see [edit interfaces ge-0/0/0 unit 0] in the CLI.  If you're a true CLI junky, you may have tried typing "cd" instead of "edit" to change levels?

Similarly Routlets can hop around a configuration file by edit path - press Ctrl+G.  At each level in the edit path the next level sections are shown (like pressing ? on the CLI), but there are a couple more tricks to know.

Wildcards - to save stepping through all the levels, start the edit path with the asterisk '*' symbol.  This will cut to a match at any level in the configuration file.  This is usually quicker than using Ctrl+F to find a match, as all the matches are listed to be reviewed at a glance.

CapsForHyphen - is a way to separate matching sections.  For example, a common 'collision' in a Junos edit path is between the top-level sections "routing-options" and "routing-instances" - normally with the CLI it is necessary to type the matching letters before the auto complete can work.  An upper case letter can be used in Routlets to cut through.  Just type "rO" to match ahead to the "o" of "options", after the hyphen '-' symbol.

Search


For when you don't know which router to look on (e.g. where was the IP address configured) try Ctrl+H to search.  This is a free text search and works from an index - there's no need to connect to any router.  All the normal search engine rules apply too - e.g. search for one or more words near each other, combine searches with 'and' and 'or', or "quote a phrase" for an exact search.

It seems like a small thing, but if a word is selected anywhere in Routlets when a search is started, the search defaults to that word.  This can come in very handy when troubleshooting.  For example to hunt down the source of a route in the output from a show route command, select that IP address and press Ctrl+H.  This will quickly get you to the router concerned.

Summary


These features make it easy to find your way around a set of routers.  Of course they are there on the menus and toolbars in Routlets, but you may find you can remember the keystokes now.

Saturday 2 March 2013

An introduction to Routlets

What is Routlets


Routlets is a relatively new configuration tool, designed to help with managing a network of Juniper routers.  The central feature of the product is the ability to directly edit a Junos router configuration file.

The editor in Routlets shows the same configuration file that would be returned by the show configuration command on the router.  This can then be edited, without the use of set and delete commands, and with a clear view of how the section that is being edited relates to the rest of the configuration file.

As would be expected, content assist is there in the editor to explain the structure of the sections in the configuration file as you go.  The content assist is even slightly enhanced compared to on the router, with the ability to jump to related sections in the configuration file, or show the related help topic for the proposed keyword.

Also linked to the editor there is the Outline View, which shows the sections in the configuration file, laid out in a tree. This tree can be used for copy and paste (or drag and drop) between sections.  Reordering the terms in a policy-statement or filter is easy with this, as is setting up a configuration group (as in apply-groups).

How to copy sections of configuration between routers is a really common question when getting to know Junos (e.g. using load merge terminal or show | display set from the CLI).  From the Outline View this can be done with drag and drop.

Offline Mode


For the Junos aficionados among you, the content assist in Routlets actually works by looking at the "Junos XML Schema", an XML file that can be requested from any Junos based router.  This provides the guide to the router configuration file, firstly to prompt for valid configuration sections, but also to validate the configuration file while you type, and show syntax highlighting in the editor.

When it connects to a router, Routlets automatically keeps a copy of both the Junos configuration file, and the related Junos XML Schema.  This means you can later open and edit that configuration file in an offline mode, if no connection to the router is available.

Any changes made while using Routlets offline can be saved back to the router, once a connection is possible.  The other option is to generate a "save script" to put in an email back to base.  For a typical network operations environment, especially where a VPN connection into the routers is not permitted or practical, this is a boon for those 'out of office' support moments.

Wrap up


This was a brief introduction to Routlets.  Please browse the tour on the website to see a more complete list of the features of Routlets, or download it and give it a try.