Managing System Configuration Files

This topic describes the following:

Calculating and Validating CRC in Configuration Files

You can calculate and store CRC data in configuration files to detect any corrupt data in the configuration files. You can implement this feature in two steps:

  1. Run the copy running-configuration command. This command calculates the CRC value for the configuration file and stores the calculated CRC value in the configuration file header. For more information, see Saving the Current System Configuration.
    host1#copy running-configuration system2.cnf
  2. Run the service check-config command. This command unpacks a configuration file and calculates the CRC value on the complete file. It then reads the CRC value stored in the configuration file header. If the stored value is not zero, it is matched with the newly calculated CRC value. If there is a mismatch, the command generates an error which is stored in the system log.

    However, if the stored value is zero, the command ignores the CRC value to provide backward compatibility to configuration files created by JunosE Software versions that were released prior to Release 12.2.x.

    host1#service check--config system2.cnf

The service check-config command also generates an error if the configuration header file is invalid or if the configuration file has invalid date stored within the file. All of the header errors detected by this command are stored in the system log. For more details, refer to the os event logging category in the JunosE System Event Logging Reference Guide.

Detecting Corrupt Configuration Files on the SRPs

You can detect corruption of running configuration files and CNF files on both the primary SRP when the corruption is due to a fatal duplicate key error. CNF files must be present on the active file system to monitor them; you cannot monitor CNF files that reside alone on the standby SRP.

You can use the service check-config command to control the mode of detection for corruption detection of the running configuration. Auto mode provides a background monitoring task that periodically checks the validity of running configurations. The service config-monitor-periodicity command enables you to set the time for background monitoring of the active and standby SRP. By default, background monitoring is not running. Manual mode is the default detection mode. For corruption detection of the CNF files, you must use manual mode.

A critical message that indicates whether the corrupted configuration files are recoverable appears prompting you to manually recover the corrupt files.

When duplicate key corruption is detected in either the active or standby SRP:

File synchronization and monitoring the file system are separate operations. Depending on the wake up time of the monitoring task, there is a period of time when corruption can occur and the file systems are synchronized. We recommend that you run the manual command to check the file system before you enable HA or perform any unified ISSU-related operations.

To detect corruption of files:

  1. Check the running configuration. You can detect corruption of the running configuration on both primary and standby SRP due to a fatal duplicate key error. You can detect corruption of CNF files on the primary SRP only; you cannot monitor CNF files on the standby SRP.

    Note: Auto mode checks the running configuration at regular intervals; auto mode cannot be used for CNF files. When auto mode is enabled, if you check the running configuration for corruption manually, a warning message appears. If you confirm you want to check the running configuration in manual mode or ignore the warning message, then manual mode is enabled.

    • To check running configuration in auto mode:
      host1(config)#service check-config auto
    • To check running configuration in manual mode when auto mode is enabled:
      host1(config)#service check-config running-configurationWARNING: This command will cause config monitor to switch into manual mode. Proceed with current command? [confirm]

    Use the no version to restore the default action, manual detection.

  2. Set the time for background monitoring of the active and standby SRP. By default, background monitoring is not running.
    host1(config)#service config-monitor-periodicity 2000

    Note: For corruption detection of the CNF files, you must use manual mode. Auto mode checks the running configuration at regular intervals; auto mode cannot be used for CNF files.

Automatically Recovering Corrupt Configuration Files

You can automatically recover corrupted CFG files detected in the running configuration. When you turn on auto-recovery, the behavior of the file synchronization, stateful SRP switchover (high availability), and unified ISSU tasks changes to prevent synchronization of corrupt configuration. On detecting configuration file corruption, JunosE Software determines whether a corrupt file is recoverable by the application. If the file is recoverable:

  1. The configuration monitor on the SRP tries to recover it from a good configuration as determined by the application.
  2. The file synchronization, high availability, and unified ISSU operations are re-enabled.

You can manually or automatically recover the recoverable corrupt configuration files in the running configuration as determined by the application.

You can use the service check-config auto-recover command to enable auto-recovery of corrupt CFG files in the running configuration.

You can use the service check-config running-configuration command to view a list of corrupt files in the running configuration and the files that are recoverable.

You can use the service check-config running-configuration recover command to recover the corrupted CFG files in the running configuration. You can recover only the files that the service check-config running-configuration command output lists as recoverable.

Auto-recovery of a corrupted running configuration in the active and standby SRPs works as follows:

To recover corrupted CFG files:

Related Documentation