Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Managing System Configuration Files

    This topic describes the following:

    Calculating and Validating CRC in Configuration Files

    You can calculate and store CRC data in configuration files to detect any corrupt data in the configuration files. You can implement this feature in two steps:

    1. Run the copy running-configuration command. This command calculates the CRC value for the configuration file and stores the calculated CRC value in the configuration file header. For more information, see Saving the Current System Configuration.
      host1#copy running-configuration system2.cnf
    2. Run the service check-config command. This command unpacks a configuration file and calculates the CRC value on the complete file. It then reads the CRC value stored in the configuration file header. If the stored value is not zero, it is matched with the newly calculated CRC value. If there is a mismatch, the command generates an error which is stored in the system log.

      However, if the stored value is zero, the command ignores the CRC value to provide backward compatibility to configuration files created by JunosE Software versions that were released prior to Release 12.2.x.

      host1#service check--config system2.cnf

    The service check-config command also generates an error if the configuration header file is invalid or if the configuration file has invalid date stored within the file. All of the header errors detected by this command are stored in the system log. For more details, refer to the os event logging category in the JunosE System Event Logging Reference Guide.

    Detecting Corrupt Configuration Files on the SRPs

    You can detect corruption of running configuration files and CNF files on both the primary SRP when the corruption is due to a fatal duplicate key error. CNF files must be present on the active file system to monitor them; you cannot monitor CNF files that reside alone on the standby SRP.

    You can use the service check-config command to control the mode of detection for corruption detection of the running configuration. Auto mode provides a background monitoring task that periodically checks the validity of running configurations. The service config-monitor-periodicity command enables you to set the time for background monitoring of the active and standby SRP. By default, background monitoring is not running. Manual mode is the default detection mode. For corruption detection of the CNF files, you must use manual mode.

    A critical message that indicates whether the corrupted configuration files are recoverable appears prompting you to manually recover the corrupt files.

    When duplicate key corruption is detected in either the active or standby SRP:

    • File synchronization between the active and standby SRP occurs when HA is enabled. Configuration files are not synchronized to the standby SRP when corruption is detected and the auto-recovery option is disabled. You can restart file synchronization of configuration files only when you reinitialize the flash file system on the corrupted SRP.
    • If HA is disabled, you cannot enable HA until you reinitialize the flash file system on the corrupted system. HA is disabled because of the redundancy corruption criteria. HA cannot be reenabled until the flash file system is reinitialized on the corrupted system.
    • You cannot initialize unified ISSU until you reinitialize the flash file system on the corrupted system. If the corruption is detected after unified ISSU is initialized, HA is disabled, which then sets a redundancy criteria for corruption that prevents unified ISSU from starting.
    • If monitoring is configured to run in auto mode when unified ISSU starts, monitoring reverts back to manual mode to prevent monitoring during a unified ISSU upgrade. After a successful unified ISSU upgrade, monitoring switches back to the originally configured mode on both SRPs.

    File synchronization and monitoring the file system are separate operations. Depending on the wake up time of the monitoring task, there is a period of time when corruption can occur and the file systems are synchronized. We recommend that you run the manual command to check the file system before you enable HA or perform any unified ISSU-related operations.

    To detect corruption of files:

    1. Check the running configuration. You can detect corruption of the running configuration on both primary and standby SRP due to a fatal duplicate key error. You can detect corruption of CNF files on the primary SRP only; you cannot monitor CNF files on the standby SRP.

      Note: Auto mode checks the running configuration at regular intervals; auto mode cannot be used for CNF files. When auto mode is enabled, if you check the running configuration for corruption manually, a warning message appears. If you confirm you want to check the running configuration in manual mode or ignore the warning message, then manual mode is enabled.

      • To check running configuration in auto mode:
        host1(config)#service check-config auto
      • To check running configuration in manual mode when auto mode is enabled:
        host1(config)#service check-config running-configurationWARNING: This command will cause config monitor to switch into manual mode. Proceed with current command? [confirm]

      Use the no version to restore the default action, manual detection.

    2. Set the time for background monitoring of the active and standby SRP. By default, background monitoring is not running.
      host1(config)#service config-monitor-periodicity 2000

      Note: For corruption detection of the CNF files, you must use manual mode. Auto mode checks the running configuration at regular intervals; auto mode cannot be used for CNF files.

    Automatically Recovering Corrupt Configuration Files

    You can automatically recover corrupted CFG files detected in the running configuration. When you turn on auto-recovery, the behavior of the file synchronization, stateful SRP switchover (high availability), and unified ISSU tasks changes to prevent synchronization of corrupt configuration. On detecting configuration file corruption, JunosE Software determines whether a corrupt file is recoverable by the application. If the file is recoverable:

    1. The configuration monitor on the SRP tries to recover it from a good configuration as determined by the application.
    2. The file synchronization, high availability, and unified ISSU operations are re-enabled.

    You can manually or automatically recover the recoverable corrupt configuration files in the running configuration as determined by the application.

    You can use the service check-config auto-recover command to enable auto-recovery of corrupt CFG files in the running configuration.

    You can use the service check-config running-configuration command to view a list of corrupt files in the running configuration and the files that are recoverable.

    You can use the service check-config running-configuration recover command to recover the corrupted CFG files in the running configuration. You can recover only the files that the service check-config running-configuration command output lists as recoverable.

    Auto-recovery of a corrupted running configuration in the active and standby SRPs works as follows:

    • If the file system on the primary SRP is corrupt when HA is disabled and the mode of the service check-config command has been set to auto-recover, the following changes occur:
      • File Synchronization–Configuration files are not synchronized to the standby SRP until successful recovery of the corrupted files is complete.
      • HA–Enabling of HA is prevented during recovery and the state is restored on successful recovery.
      • Unified ISSU–If unified ISSU is in the idle state, the operation is disabled until recovery is complete. The unified ISSU process continues if it has started.
      • Auto-Recovery—A message indicates whether the configuration files are recoverable. If the files are recoverable, the auto-recovery process starts. If the recovery is unsuccessful, configuration monitoring is turned off. You can revert the SRP to the last-known good configuration on the standby SRP using the srp switch force command. The standby SRP boots up using the last indicated configuration using the boot conf command.
    • If the file system on the primary SRP is corrupt when HA is enabled and the mode of the service check-config command has been set to auto-recover, the following changes occur:
      • File Synchronization–Configuration files are not synchronized to the standby SRP when the HA state changes to disabled and the status is restored when the recovery window is complete.
      • HA–Enabling of HA is prevented (HA remains in disabled state) during the recovery window and the state is restored after the recovery window is complete.
      • Unified ISSU–If unified ISSU is in the idle state, the operation is disabled until successful recovery or the recovery window is complete. The unified ISSU process continues if it has started.
      • Auto-Recovery—A message indicates whether the configuration files are recoverable. If the files are recoverable, the auto-recovery process starts. If the recovery is unsuccessful, configuration monitoring is turned off. You can revert the SRP to the last-known good configuration on the standby SRP using the srp switch force command. The standby SRP boots up using the last indicated configuration using the boot conf command.
    • If the file system on the standby SRP is corrupt when HA is disabled and the mode of the service check-config command has been set to auto-recover, auto, or manual, the following changes occur:
      • File Synchronization–Configuration files do not synchronize and the synchronization state does not restore until successful recovery of the corrupted files or the recovery window is complete.
      • HA–Enabling of HA is prevented during recovery and the state is restored on successful recovery.
      • Unified ISSU–If unified ISSU is in the idle state, the operation is disabled until successful recovery or the recovery window is complete. The unified ISSU process continues if it has started.
      • Auto-Recovery—Monitoring of corrupt configuration stops and a message indicating whether the files are recoverable appears. If the SRP is successfully recovered, monitoring of corrupt configuration resumes. If recovery fails, reload the standby SRP module using the reload standby-srp command and re-initiate the flash system on the standby SRP.
    • If the file system on the standby SRP is corrupt when HA is enabled and the mode of the service check-config command has been set to auto-recover, auto, or manual, the following changes occur:
      • File Synchronization–Configuration files are not synchronized when the HA state changes to disabled and the synchronization state is not restored until the successful recovery of the corrupted files or the recovery window is complete.
      • HA–HA is disabled during recovery and the state is restored on successful recovery.
      • Unified ISSU–If unified ISSU is in the idle state, the operation is disabled until successful recovery or the recovery window is complete. The unified ISSU process continues if it has started.
      • Auto-Recovery—Monitoring of corrupt configuration stops and a message indicating whether the files are recoverable appears. If the SRP is successfully recovered, monitoring of corrupt configuration resumes. If recovery fails, reload the standby SRP module using the reload standby-srp command and re-initiate the flash system on the standby SRP.
    • If the file systems on both the primary and standby SRPs are corrupt when HA is disabled, the following changes occur:
      • File Synchronization–Configuration files are not synchronized and the synchronization state is not restored until the successful recovery of the corrupted files or the recovery window is complete.
      • HA–Enabling of HA is prevented during recovery and the state is restored on successful recovery.
      • Unified ISSU–If unified ISSU is in the idle state, the operation is disabled until successful recovery or the recovery window is complete. The unified ISSU process continues if it has started.
      • Auto-Recovery—Monitoring of corrupt configuration stops on both the primary and standby SRP modules and a message appears indicating whether the files are recoverable. If the SRPs are successfully recovered, monitoring of corrupt configuration resumes. If recovery fails, load another release on the primary SRP and run the reload force command. The primary and standby SRP modules re-initiate during a reboot.
    • If the file systems on both the primary and standby SRPs are corrupt when HA is enabled, the following changes occur:
      • File Synchronization–Configuration files are not synchronized when the HA state changes to disabled and the synchronization state is not restored until the successful recovery of the corrupted files or the recovery window is complete.
      • HA–HA is disabled during recovery and the state is restored on successful recovery.
      • Unified ISSU–If unified ISSU is in the idle state, the operation is disabled until successful recovery or the recovery window is complete. The unified ISSU process continues if it has started.
      • Auto-Recovery—Monitoring of corrupt configuration stops on both the primary and standby SRP modules and a message appears indicating whether the files are recoverable. If the SRPs are successfully recovered, monitoring of corrupt configuration resumes. If recovery fails, load another release on the primary SRP and run the reload force command. The primary and standby SRP modules re-initiate during a reboot.

    To recover corrupted CFG files:

    • Enable auto-recovery of files in the running configuration that are corrupted due to a fatal duplicate key error or the existence of values such as 0XFF and 0x00 in sectors of a Flash.
      host1(config)#service check-config auto-recover

      Note: You cannot auto-recover CNF files on the primary and standby SRPs.

      Use the no version without the auto-recover option to restore the default action, manual detection.

    • View a list of corrupt files in the running configuration and the files that are recoverable on the primary SRP and the standby SRP.
      host1(config)#service check-config running-configuration

      Use the no version without the running-configuration option to restore the default action, manual detection.

    • Recover the corrupted CFG files in the running configuration.
      host1(config)#service check-config running-configuration recover

      Note: You can recover only the files that the service check-config running-configuration command output lists as recoverable.

      Use the no version without the running-configuration recover option to restore the default action, manual detection.

    Published: 2014-08-12