Backing Up an Installation Using Snapshots (Junos OS)
The installation process removes all stored files on the device except the juniper.conf and SSH files. Therefore, you should back up your current configuration in case you need to return to the current software installation after running the installation program. You can also recover the configuration file and the Junos OS if required.
Understanding How to Back Up an Installation on Switches
You can create copies of the software running on a switch using the system snapshot feature. The system snapshot feature takes a “snapshot” of the files currently used to run the switch—the complete contents of the /config and /var directories, which include the running Junos OS, the active configuration, and the rescue configuration—and copies all of these files into an alternate (internal, meaning internal flash, or an external, meaning USB flash) memory source. You can then use this snapshot to boot the switch at the next boot up or as a backup boot option.
Understanding System Snapshot on QFX Switches
On QFX3500 and QFX3600 switches running Enhanced Layer 2 Software, all of the directories that reside in the “/” partition are read only.
System snapshot is not supported on QFX10000 switches.
You can only use snapshots to move files to external memory if the switch was booted from internal memory, or to move files to internal memory if the switch was booted from external memory. You cannot create a snapshot in the memory source that booted the switch even if the snapshot is being created on a different partition in the same memory source.
Snapshots are particularly useful for moving files onto USB flash drives. You cannot
use the copy command or any other file-moving technique to move
files from an internal memory source to USB memory on the switch.
System snapshots on the switch have the following limitations:
-
You cannot use snapshots to move files to any destination outside of the switch other than an installed external USB flash drive.
-
Snapshot commands are always executed on a local switch.
Understanding System Snapshot on EX Series Switches
The switch can boot from either internal flash media or external (USB) flash media. The contents of the snapshot vary depending on whether you create the snapshot on the media that the switch booted from or on the media that it did not boot from.
Snapshots are particularly useful for moving files onto USB flash drives. You cannot
use the copy command or any other file-moving technique to move
files from an internal memory source to USB memory on the switch.
-
If you create the snapshot on the media that the switch did not boot from, the following partitions on the boot media are included in the snapshot: root, altroot, var, var/tmp, and config.
The root partition is the primary boot partition, and the altroot partition is the backup boot partition.
-
If you create the snapshot on the media that the switch booted from, the root partition that the switch booted from is copied to the alternate root partition. The var, var/tmp, and config partitions are not copied as part of the snapshot because they already exist on the boot media.
The system snapshot feature has the following limitations:
-
You cannot use snapshots to move files to any destination outside the switch other than an installed external USB flash drive or switches that are members of the same Virtual Chassis as the switch on which you created the snapshot.
-
Snapshot commands, like all commands executed on a Virtual Chassis, are executed on the local member switch. If different member switches request the snapshot, the snapshot command is pushed to the Virtual Chasis member creating the snapshot and is executed on that member, and the output is then returned to the switch that initiated the process. For instance, if the command to create an external snapshot on member 3 is entered on member 1, the snapshot of internal memory on member 3 is taken on external memory on member 3. The output of the process is seen on member 1. No files move between the switches.
Creating a Snapshot and Using It to Boot a QFX Series Switch
The system snapshot feature takes a “ snapshot” of the files currently used to run the device— the complete contents of the /config directories, which include the running Juniper Networks Junos OS, the active configuration, and the rescue configuration, as well as the host OS— and copies all of these files into an external USB flash drive.
You can use the snapshot to boot the device at the next bootup or as a backup boot option.
The system snapshot feature is especially effective as a bootup option after a partition corruption, as it is the only recovery option that allows you to completely restore the Junos OS and configuration in the event of a corrupted partition on a switch.
EX4600 and most QFX Series switches support snapshot via external USB. (EX4650 switches do not support system snapshot.)
The following products do not support system snapshot: QFabric and the QFX5110, QFX5200, and QFX10000 switches.
This topic includes the following tasks:
- Creating a Snapshot on an External USB Flash Drive and Using It to Boot a QFX Series Switch
- Creating a Snapshot and Using It to Boot a QFX3500 and QFX3600 Series Switch
Creating a Snapshot on an External USB Flash Drive and Using It to Boot a QFX Series Switch
A snapshot can be created on an external USB flash drive after a device is booted using files stored in internal memory.
Ensure that you have the following tools and parts available before creating a snapshot on an external USB flash drive:
An external USB flash drive that meets the device USB port specifications. See USB Port Specifications for the QFX Series.
To create a snapshot on the external USB flash drive and use it to boot the device:
Creating a Snapshot and Using It to Boot a QFX3500 and QFX3600 Series Switch
The system snapshot feature takes a “snapshot” of the files currently used to run the QFX Series switch—the complete contents of the /config and /var directories, which include the running Juniper Networks Junos OS, the active configuration, and the rescue configuration—and copies all of these files into an alternate (internal, meaning internal flash, or an external, meaning USB flash) memory source. You can then use these snapshots to boot the switch at the next bootup or as a backup boot option.
The system snapshot feature is especially effective as a bootup option after a partition corruption, as it is the only recovery option that allows you to completely restore the Junos OS and configuration in the event of a corrupted partition.
This topic includes the following tasks:
- Creating a Snapshot on a USB Flash Drive and Using It to Boot the Switch
- Creating a Snapshot on an Internal Flash Drive and Using it to Boot the Switch
- Creating a Snapshot on the Alternate Slice of the Boot Media
Creating a Snapshot on a USB Flash Drive and Using It to Boot the Switch
Creating a snapshot is not supported on QFX10000 switches.
A snapshot can be created on USB flash memory after a switch is booted using files stored in internal memory.
Ensure that you have the following tools and parts available before creating a snapshot on a USB Flash drive:
A USB flash drive that meets the QFX Series switch USB port specifications. See USB Port Specifications for the QFX Series.
To create a snapshot on USB flash memory and use it to boot the switch:
Creating a Snapshot on an Internal Flash Drive and Using it to Boot the Switch
A snapshot can be created on internal memory after a switch is booted using files stored in external memory.
To create a snapshot in internal memory and use it to boot the switch:
Creating a Snapshot on the Alternate Slice of the Boot Media
The alternate slice of the boot media contains a backup software image that the switch can boot from if it is unable to boot from the primary slice. When you upgrade software, the new software image gets copied only to the primary slice of the boot media.
To create a snapshot of the currently booted software image on the backup slice of the boot media:
user@switch> request system snapshot slice alternate
After the system boots up, you will see the following message before the login prompt:
WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP
JUNOS IMAGE
It is possible that the primary copy of JUNOS failed
to boot up properly, and so this device has booted up from the backup
copy.
Please re-install JUNOS to recover the primary
copy in case it has been corrupted.
The system will generate an alarm indicating that the switch has booted from the backup slice.
Creating a Snapshot and Using It to Boot an EX Series Switch
The system snapshot feature takes a “snapshot” of the files currently used to run the switch and copies them to an alternate storage location. You can then use this snapshot to boot the switch at the next bootup or as a backup boot option.
This topic includes the following tasks:
Creating a Snapshot on a USB Flash Drive and Using It to Boot the Switch
You can create a snapshot on USB flash memory after a switch is booted by using files stored in internal memory.
Ensure that you have the following tools and parts available before creating a snapshot on a USB flash drive:
A USB flash drive that meets the switch USB port specifications. See USB Port Specifications for an EX Series Switch.
To create a snapshot on USB flash memory and use it to boot the switch:
Creating a Snapshot and Using It to Boot an SRX Series Firewall
- Creating a Snapshot and Using It to Boot an SRX Series Firewall
- Backing Up the Current Installation on SRX Series Firewalls
Creating a Snapshot and Using It to Boot an SRX Series Firewall
This example shows how to configure a boot device.
Requirements
Before you begin, ensure that the backup device has a storage capacity of at least 1 GB. See Ensuring Sufficient Disk Space for Junos OS Upgrades on SRX Series Firewalls.
Overview
You can configure a boot device to replace the primary boot device on your SRX Series Firewall or to act as a backup boot device. Use either the J-Web user interface or the CLI to take a snapshot of the configuration currently running on the device, or of the original factory configuration and a rescue configuration, and save it to an alternate medium.
For media redundancy, we recommend that you keep a secondary storage medium attached to the SRX Series Firewall and updated at all times.
If the primary storage medium becomes corrupted and no backup medium is in place, you can recover the primary internal media from the TFTP installation.
You can also configure a boot device to store snapshots of software failures for use in troubleshooting.
You cannot copy software to the active boot device.
After a boot device is created with the default factory configuration, it can operate only in an internal media slot.
This example configures a boot device to back up the currently running and active file system partitions by rebooting from internal media and including only files shipped from the factory.
Topology
Configuration
Procedure
CLI Quick Configuration
To quickly configure this section of the example,
copy the following commands, paste them into a text file, remove any
line breaks, change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
From operational mode, enter:
user@host> request system snapshot partition media internal factory
GUI Quick Configuration
Step-by-Step Procedure
To configure a boot device:
In the J-Web user interface, select Maintain>Snapshot.
On the Snapshot page, specify the boot device to copy the snapshot to. From the Target Media list, select the internal boot device.
Select the Factory check box to copy only default files that were loaded on the internal media when it was shipped from the factory, plus the rescue configuration if one has been set.
Select the Partition check box to partition the medium that you are copying the snapshot to. This process is usually necessary for boot devices that do not already have software installed on them.
Click Snapshot.
Click OK to check your configuration and save it as a candidate configuration.
If you are done configuring the device, click Commit Options>Commit.
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode.
To configure a boot device:
user@host> request system snapshot partition media internal factory
Results
From configuration mode, confirm your configuration
by entering the show system snapshot media internal command.
If the output does not display the intended configuration, repeat
the configuration instructions in this example to correct it.
user@host> show system snapshot media internal
Information for snapshot on internal (/dev/ad0s1a) (backup) Creation date: Oct 9 13:30:06 2009 JUNOS version on snapshot: junos : 10.0B3.10-domestic Information for snapshot on internal (/dev/ad0s2a) (primary) Creation date: Jan 6 15:45:35 2010 JUNOS version on snapshot: junos : 10.2-20091229.2-domestic
If you are done configuring the device, enter commit from configuration mode.
Backing Up the Current Installation on SRX Series Firewalls
This topic includes the following sections:
- Backing Up the Current Installation on SRX5800, SRX5600, and SRX5400 Devices
- Backing Up the Current Installation on SRX300, SRX320, SRX340, SRX345, SRX380, SRX550M, SRX3400, and SRX3600 Devices
- Configuring External CompactFlash for SRX650 Devices
Backing Up the Current Installation on SRX5800, SRX5600, and SRX5400 Devices
Back up the current installation so that you can return to the current software installation. The installation process using the installation package (jinstall*, for example) removes all stored files on the device except the juniper.conf and SSH files. Therefore, you should back up your current configuration in case you need to return to the current software installation after running the installation program.
To back up Junos OS on the SRX Series Firewalls, issue the request system snapshot CLI operational command. This command saves the current software installation on the hard disk, external USB storage media device, or solid-state drive (SSD).
When the request system snapshot command is issued,
the /root file system is backed up
to /altroot, and /config is backed up to /altconfig. The /root and /config file systems are on the devices’s
CompactFlash card, and the /altroot and /altconfig file systems are
on the devices’s hard disk or or solid-state drive (SSD). When
the backup is completed, the current and backup software installations
are identical.
To copy the files to the device’s hard disk or solid-state drive (SSD), use the following command:
user@host> request system snapshot media
Backing Up the Current Installation on SRX300, SRX320, SRX340, SRX345, SRX380, SRX550M, SRX3400, and SRX3600 Devices
On SRX Series Firewalls, you can backup the current Junos OS image and configuration files onto a media (such as a USB or CompactFlash) so that you can retrieve it back if something goes wrong.
To back up the currently running and active file system partitions on the device, use the following command:
user@host> request system snapshot media
Following options are supported:
internal— Copies the snapshot to internal media.usb— Copies the snapshot to the USB storage device. This is the default option for SRX300, SRX320, SRX340, SRX345, SRX380, and SRX550M devices.external— Copies the snapshot to an external storage device. This option is available for the compact flash on the SRX650 Services Gateway only.
Configuring External CompactFlash for SRX650 Devices
Following procedure shows how to backup current installation on an SRX650 device.
The SRX650 Services Gateway includes the following 2 GB CompactFlash (CF) storage device:
The Services and Routing Engine (SRE) contains a hot-pluggable external CF storage device used to upload and download files.
The chassis contains an internal CF used to store the operating system.
By default, only the internal CF is enabled and an option to take a snapshot of the configuration from the internal CF to the external CF is not supported. This can be done only by using a USB storage device.
To take a snapshot of the configuration from the external CF:
Creating a Snapshot and Using It to Boot an ACX Series Router
- Understanding System Snapshot on an ACX Series Router
- Example: Taking a Snapshot of the Software and Configuration
Understanding System Snapshot on an ACX Series Router
The system snapshot feature enables you to create copies of
the software running on an ACX Series router. You can use the system
snapshot feature to take a “snapshot” of the files currently
used to run the router—the complete contents of the root (/) and /config directories, which include the running
Juniper Networks Juniper operating system (Junos OS) and the active
configuration—and copy all of these files to another media,
such as a universal serial bus (USB) storage device, the active slice
of a dual-root partitioned router, or the alternate slice of a dual-root
partitioned router.
Junos OS automatically uses the backup software if the
currently running software goes bad. For example, if the da0s1 slice goes bad, Junos OS automatically comes up using the da0s2 slice, and takes a snapshot of the da0s2 slice and copies
it to the da0s1 slice if the auto snapshot functionality
is configured, which is disabled by default. However, you can also
do this manually using the system snapshot feature.
In ACX5048 and ACX5096 routers, the system snapshot feature is applicable only when a USB storage device is used.
Typically, you can take a snapshot prior to the upgrade of an
image on the dual internal NAND flash device (da0s1 or da0s2), or to remedy a bad image, thereby preventing the bad
image from rendering the system useless. A snapshot to another media
ensures that the device can boot from the other media in case the
system does not boot up from the current image.
You can take a snapshot of the currently running software and configuration on a router in the following situations:
The router's active slice (for example,
da0s1) is updated with a new Junos OS image (using the jinstall package). In such a case, you must update the other slice (da0s2) with the new image.Note:The active slice can be
da0s1orda0s2.The router's active slice (for example,
da0s1) is corrupted and the router is rebooted from the backup slice (that is, fromda0s2). Therefore, you must restore a new image on the active slice—that is, onda0s1.Both slices of the router's dual internal NAND flash device are corrupted and the router continues trying to reboot. In this situation, you can insert a USB storage device, boot the router from that device, and restore the NAND flash device slices—
da0s1andda0s2.Note:Before you attempt to take a snapshot from the USB storage device, ensure that the USB storage device contains an image of Junos OS from which the router can boot up.
See Also
Example: Taking a Snapshot of the Software and Configuration
This example includes six scenarios in which you can take a snapshot of the currently running software and configuration on an ACX Series router, prior to the upgrade of an image or to remedy a bad image, thereby preventing the bad image from rendering the system useless.
Taking a Snapshot
- Step-by-Step Procedure
- Step-by-Step Procedure
- Step-by-Step Procedure
- Step-by-Step Procedure
- Step-by-Step Procedure
- Step-by-Step Procedure
Step-by-Step Procedure
Scenario: To take a snapshot from a NAND flash device slice to a USB storage device:
Boot up the router from the NAND flash device and make sure that a formatted USB storage device is plugged in to the router’s USB port. The USB storage device must be formatted for the root (
/) and/configdirectories.Issue the
request system snapshotcommand.user@host> request system snapshot Verifying compatibility of destination media partitions... Running newfs (254MB) on usb media / partition (da1s1a)... Running newfs (47MB) on usb media /config partition (da1s1e)... Copying '/dev/da0s2a' to '/dev/da1s1a' .. (this may take a few minutes) Copying '/dev/da0s2e' to '/dev/da1s1e' .. (this may take a few minutes) The following filesystems were archived: / /config
The root (
/) and/configdirectories from the currently mounted NAND flash slice are copied to the USB storage device.
Step-by-Step Procedure
Scenario: To take a snapshot from a NAND flash device slice to a USB storage device with formatting:
Boot up the router from the NAND flash device and make sure that a USB storage device is plugged in to the router’s USB port.
Note:Formatting a USB storage device deletes all the data on the USB storage device.
Issue the
request system snapshot partitioncommand.user@host> request system snapshot partition clearing current label... Partitioning usb media (da1) ... Partitions on snapshot: Partition Mountpoint Size Snapshot argument a / 312MB root-size e /config 47MB config-size f /var 620MB var-size Running newfs (312MB) on usb media / partition (da1s1a)... Running newfs (47MB) on usb media /config partition (da1s1e)... Running newfs (620MB) on usb media /var partition (da1s1f)... Copying '/dev/da0s2a' to '/dev/da1s1a' .. (this may take a few minutes) Copying '/dev/da0s2e' to '/dev/da1s1e' .. (this may take a few minutes) The following filesystems were archived: / /configAfter the USB storage device is formatted, the root (
/) and/configdirectories from the currently mounted NAND flash slice are copied to the USB storage device.
Step-by-Step Procedure
Scenario: To take a snapshot from the active slice of the NAND flash device to the alternate slice:
Boot up the router from the NAND flash device.
Issue the
request system snapshot slice alternatecommand.user@host> request system snapshot slice alternate Verifying compatibility of destination media partitions... Running newfs (439MB) on internal media / partition (da0s1a)... Running newfs (46MB) on internal media /config partition (da0s1e)... Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes) Copying '/dev/da0s2e' to '/dev/da0s1e' .. (this may take a few minutes) The following filesystems were archived: / /config
The root (
/) and/configdirectories from the currently mounted NAND flash slice are copied to the other slice.
Step-by-Step Procedure
Scenario: To take a snapshot from an active slice of the NAND flash device to the alternate slice after partitioning:
Boot up the router from the NAND flash device.
Issue the
request system snapshot partition slice alternatecommand.user@host> request system snapshot partition slice alternate Verifying compatibility of destination media partitions... Running newfs (439MB) on internal media / partition (da0s1a)... Running newfs (46MB) on internal media /config partition (da0s1e)... Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes) Copying '/dev/da0s2e' to '/dev/da0s1e' .. (this may take a few minutes) The following filesystems were archived: / /config
The BSD label (disk partitioning information) for the active flash slice is installed and then the root (
/) and/configdirectories from the currently mounted NAND flash slice are copied to the other slice.
Step-by-Step Procedure
Scenario: To take a snapshot from a USB storage device to the active slice of the NAND flash device:
Boot up the router from a USB storage device containing the required Junos OS image.
Issue the
request system snapshotcommand.user@host> request system snapshot Verifying compatibility of destination media partitions... Running newfs (439MB) on internal media / partition (da0s1a)... Running newfs (46MB) on internal media /config partition (da0s1e)... Copying '/dev/da1s1a' to '/dev/da0s1a' .. (this may take a few minutes) Copying '/dev/da1s1e' to '/dev/da0s1e' .. (this may take a few minutes) The following filesystems were archived: / /config
The root (
/) and/configdirectories from the USB storage device are copied to the active NAND flash slice.
Step-by-Step Procedure
Scenario: To take a snapshot from a USB storage device to the active slice of the NAND flash device after partitioning:
Boot up the router from a USB storage device containing the required Junos OS image.
Issue the
request system snapshot partitioncommand.user@host> request system snapshot partition Verifying compatibility of destination media partitions... Running newfs (439MB) on internal media / partition (da0s1a)... Running newfs (46MB) on internal media /config partition (da0s1e)... Copying '/dev/da1s1a' to '/dev/da0s1a' .. (this may take a few minutes) Copying '/dev/da1s1e' to '/dev/da0s1e' .. (this may take a few minutes) The following filesystems were archived: / /config
The BSD label (disk partitioning information) for the active flash slice is installed and then the root (
/) and/configdirectories from the USB storage device are copied to the active NAND flash slice.
Requirements
This example uses the following hardware and software components:
One ACX Series router
Junos OS Release 12.2 or later
Overview
In this example, the request system snapshot command
is used to take a copy of the currently running software and configuration
on another media—for example, a universal serial bus (USB) storage
device, the active slice (da0s1 or da0s2) of
a dual-root partitioned router, or the alternate slice (da0s1 or da0s2) of a dual-root partitioned router. A snapshot
to another media ensures that the device can boot from the other media
in case the system does not boot up from the current image.
After you run the request system snapshot command, you cannot return to the previous version of the software,
because the running and backup copies of the software are identical.