Advantages of Using Commit Scripts
Reducing human error in a network configuration can significantly improve network uptime. Commit scripts enable you to control operational practices and enforce operational policy, thereby decreasing the possibility of human error. Restricting device configurations in accordance with custom design rules can vastly improve network reliability.
Consider the following examples of actions you can perform with commit scripts:
Basic sanity test—Ensure that the [edit interfaces] and [edit protocols] hierarchies have not been accidentally deleted.
Consistency check—Ensure that every T1 interface configured at the [edit interfaces] hierarchy level is also configured at the [edit protocols rip] hierarchy level.
Dual Routing Engine configuration test—Ensure that the re0 and re1 configuration groups are set up correctly. When you use configuration groups, the inherited values can be overridden in the target configuration. A commit script can determine if an individual target configuration element is blocking proper inheritance of the configuration group settings.
Interface density—Ensure that a channelized interface does not have too many channels configured.
Link scaling—Ensure that SONET/SDH interfaces never have a maximum transmission unit (MTU) size less than 4 kilobytes (KB).
Import policy check—Ensure that an interior gateway protocol (IGP) does not use an import policy that imports the full routing table.
Cross-protocol checks—Ensure that all LDP-enabled interfaces are configured for an IGP, or ensure that all IGP-enabled interfaces are configured for LDP.
IGP design check—Ensure that Level 1 IS-IS routers are never enabled.
When a candidate configuration does not adhere to your design rules, a commit script can instruct Junos OS to generate custom warnings, system log messages, or error messages that block the commit operation from succeeding. In addition, the commit script can change the configuration in accordance with your rules and then proceed with the commit operation.
Consider a network design that requires every interface on which the International Organization for Standardization (ISO) family of protocols is enabled to also have MPLS enabled. At commit time, a commit script inspects the configuration and issues an error if this requirement is not met. This error causes the commit operation to fail and forces the user to update the configuration to comply.
Instead of an error, the commit script can issue a warning about the configuration problem and then automatically correct it by changing the configuration to enable MPLS on all interfaces. A system log message can also be generated, indicating that corrective action was taken.
Another option is to define a macro that enables ISO protocols and MPLS when the macro is applied to an interface. Configuring this macro simplifies the configuration task while ensuring that both protocols are configured together.
Finally, you can have the commit script correct the configuration using a transient change. In our example, a transient change allows MPLS to always be enabled on ISO-enabled interfaces without having the configuration statements appear in the candidate configuration.
Transient changes cause a change to be generated in the checkout configuration but not in the candidate configuration. The checkout configuration is the configuration database that is checked for standard Junos OS syntax just before a configuration becomes active. This means transient changes are not saved in the configuration if the associated commit script is deleted or deactivated. The show configuration | display commit-scripts command displays all the statements that are in the configuration, including statements that were generated by transient changes. For more information, see Overview of Generating Persistent or Transient Configuration Changes Using Commit Scripts.