JUNOS Default Groups

The JUNOS software provides a default, hidden configuration group called junos-defaults that is automatically applied to the configuration of your routing platform. The junos-defaults group contains preconfigured statements that contain predefined values for common applications. Some of the statements must be referenced to take effect, such as applications like File Transfer Protocol (FTP) or telnet. Other statements are applied automatically, such as terminal settings. All of the preconfigured statements begin with the reserved name junos-.

NOTE: You can override the JUNOS default configuration values, but you cannot delete or edit them. If you delete a configuration, the defaults return when a new configuration is added. You cannot use the apply-groups statement with the JUNOS defaults group.

To view the full set of available preset statements from the JUNOS default group, issue the show groups junos-defaults configuration mode command. The following example displays a partial list of junos default groups.

user@host> show groups junos-defaults

groups {

    junos-defaults {

        applications {

            #

            # File Transfer Protocol 

            #

            application junos-ftp {

                application-protocol ftp;

                protocol tcp;

                destination-port 21;

            }

            #

            # Trivial File Transfer Protocol 

            #

            application junos-tftp {

                application-protocol tftp;

                protocol udp;

                destination-port 69;

            }

            #

            # RPC portmapper on TCP 

            #

            application junos-rpc-portmap-tcp {

                application-protocol rpc-portmap;

                protocol tcp;

                destination-port 111;

            }

            #

            # RPC portmapper on UDP 

            #

            application junos-rpc-portmap-udp {

                application-protocol rpc-portmap;

                protocol udp;

                destination-port 111;

            }

        }

    }

}

To reference statements available from the junos-defaults group, include the selected junos-default-name statement at the applicable hierarchy level.

Example: Reference the Preset Statement from the JUNOS Default Group

The following example is a preset statement from the JUNOS default groups that is available for FTP in a stateful firewall:

[edit]

groups {

    junos-defaults {

        applications {

            application junos-ftp {                                                                            # Use FTP default configuration 

                application-protocol ftp; 

                protocol tcp;

                destination-port 21;

            }

        }

    }

}

To reference a preset JUNOS default statement from the JUNOS default groups, include the junos-default-name statement at the applicable hierarchy level. For example, to reference the JUNOS default statement for FTP in a stateful firewall, include the junos-ftp statement at the [edit services stateful-firewall rule rule-name term term-name from applications] hierarchy level.

[edit]

services {

    stateful-firewall {

        rule my-rule {

            term my-term {

                from {

                    applications junos-ftp; #Reference predefined statement, junos-ftp,

                }                           #for FTP in the stateful firewall configuration

            }

        }

    }

}