[Contents] [Prev] [Next] [Index] [Report an Error]

[edit system] Hierarchy Level

system {
accounting {
destination {
radius {
server {
server-address {
accounting-port port-number;
retry number;
port port-number;
secret password;
source-address address;
timeout seconds;
}
}
}
tacplus {
server {
server-address {
port port-number;
secret password;
single-connection;
timeout seconds;
}
}
}
}
events [ change-log interactive-commands login ];
}
archival {
configuration {
archive-sites {
ftp://<username>:<password>@<host>:<port>/<url-path>;
}
transfer-interval interval;
transfer-on-commit;
}
}
arp {
aging-timer {
minutes;
interface logical-interface-name;
}
passive-learning;
}
authentication-order [ authentication-methods ];
autoinstallation {
configuration-servers {
server-url <password password>;
}
interfaces {
interface-name {
bootp;
rarp;
}
}
}
backup-router address <destination [ destination-addresses ]>;
commit synchronize;
(compress-configuration-files | no-compress-configuration-files);
default-address-selection;
diag-port-authentication (encrypted-password "password" | plain-text-password);
domain-name domain-name;
domain-search [ domain-list ];
dump-device (boot-device | compact-flash | removable-compact-flash | usb);
encrypt-configuration-files;
extensions {
provider {
provider-id;
}
}
host-name hostname;
inet6-backup-router ipv6–address <destination address>;
internet-options {
(gre-path-mtu-discovery | no-gre-path-mtu-discovery);
icmpv4-rate-limit {
bucket-size number;
packet-rate rate;
}
icmpv6-rate-limit {
bucket-size number;
packet-rate rate;
}
(ipip-path-mtu-discovery | no-ipip-path-mtu-discovery);
(ipv6-path-mtu-discovery | no-ipv6-path-mtu-discovery);
ipv6-path-mtu-discovery-timeout;
no-tcp-rfc1323;
no-tcp-rfc1323-paws;
(path-mtu-discovery | no-path-mtu-discovery);
source-port upper-limit upper-limit;
source-quench;
tcp-drop-synfin-set;
}
location {
altitude feet;
building name;
country-code code;
floor number;
hcoord horizontal-coordinate;
lata service-area;
latitude degrees;
longitude degrees;
npa-nxx number;
postal-code postal-code;
rack number;
vcoord vertical-coordinate;
}
login {
announcement “text”;
class class-name {
allow-commands "regular-expression";
allow-configuration "regular-expression";
deny-commands "regular-expression";
deny-configuration "regular-expression";
idle-timeout minutes;
login-alarms;
login-tip;
permissions [ permissions ];
}
message “text”;
password {
change-type (character-sets | set-transitions);
format (des | md5 | sha1);
maximum-length length;
minimum-changes number;
minimum-length length;
}
retry-options {
backoff-factor number;
backoff-threshold number;
minimum-time number;
tries-before-disconnect number;
}
user username {
authentication {
(encrypted-password "password" | plain-text-password);
load-key-file filename;
ssh-dsa "public-key" <from hostname>;
ssh-rsa "public-key" <from hostname>;
}
class class-name;
full-name “complete-name”;
uid uid-value;
}
}
max-configurations-on-flash number;
mirror-flash-on-disk;
name-server {
address;
}
no-multicast-echo;
no-redirects;
no-ping-record-route;
no-ping-time-stamp;
ntp {
authentication-key key-number type md5 value password;
boot-server address;
broadcast <address> <key key-number> <version value> <ttl value>;
broadcast-client;
multicast-client <address>;
peer address <key key-number> <version value> <prefer>;
server address <key key-number> <version value> <prefer>;
trusted-key [ key-numbers ];
}
pic-console-authentication {
(encrypted-password encrypted-password | plain-text-password);
}
ports {
auxiliary {
disable;
insecure;
type (ansi | small-xterm | vt100 | xterm);
}
console {
disable;
insecure;
log-out-on-disconnect;
type (ansi | small-xterm | vt100 | xterm);
}
}
processes {
... the following statement represents the syntax for most processes on EX–series and MX-series platforms; processes with different syntax follow ...
process-name <disable> <command pathname> <failover (alternate-media | other-routing-engine)>;
... the following statement represents the syntax for most processes on M-series and T-series routing platforms; processes with different syntax follow ...
process-name <disable> <command pathname>;
(cfm | send) disable;
(chassis-control | ntp | routing) <disable> <failover alternate-media>;
(dhcp | ethernet-switching | kernel-replication | l2-learning | lacp | multicast-snooping) <disable> <command pathname>;     #nondefault syntax for process on EX-series platforms
(diameter-service | general-authentication-service) {
disable;
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
(process-monitor | resource-cleanup) {
disable;
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
level severity;
no-remote-trace;
}
}
sbc-configuration-process {
disable;
failover alternate-media;
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
watchdog <enable | disable> <timeout seconds>;
}
radius-options {
attributes {
nas-ip-address address;
}
}
radius-server {
server-address {
accounting-port port-number;
port port-number;
retry number;
secret password;
source-address source-address;
timeout seconds;
}
}
root-authentication {
(encrypted-password "password" | plain-text-password);
load-key-file filename;
ssh-dsa "public-key" <from hostname>;
ssh-rsa "public-key" <from hostname>;
}
(saved-core-context | no-saved-core-context);
saved-core-files saved-core-files;
scripts {
commit {
allow-transients;
file filename.xsl {
optional;
refresh;
refresh-from url;
source url;
}
refresh;
refresh-from url;
traceoptions {
file <filename> <files number> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
op {
file filename.xsl {
arguments {
argument-name <description description>;
}
command filename-alias;
description description;
refresh;
refresh-from url;
source url;
}
refresh;
refresh-from url;
traceoptions {
file <filename> <files number> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
}
services {
database-replication {
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
dhcp {
boot-file filename;
boot-server hostname;
default-lease-time (seconds | infinite);
domain-name domain-name;
domain-search {
domain-suffix;
}
maximum-lease-time (seconds | infinite);
name-server {
address;
}
next-server address;
option option-index (array type-name [ type-values ] | byte 8-bit-value | flag (false | off | on | true) | integer signed-32-bit-value | ip-address address | short signed-16-bit-value | string text-string | unsigned-integer 32-bit-value | unsigned-short 16-bit-value);
pool {
... pool-configuration ...
}
propagate-settings interface-name;
router {
address;
}
server-identifier identifier;
static-binding {
... static-binding-configuration ...
}
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
level severity;
no-remote-trace;
}
wins-server {
address;
}
pool ip-prefix/prefix-length {
address-range low address high address;
boot-file filename;
boot-server hostname;
default-lease-time (seconds | infinite);
domain-name domain-name;
domain-search {
domain-suffix;
}
exclude-address {
ipv4–address;
}
maximum-lease-time (seconds | infinite);
name-server {
address;
}
next-server address;
option option-index (array type-name  type-values ] | byte 8-bit-value | flag (false | off | on | true) | integer signed-32-bit-value | ip-address address | short signed-16-bit-value | string text-string | unsigned-integer 32-bit-value | unsigned-short 16-bit-value);
propagate-settings interface-name;
router {
address;
}
server-identifier identifier;
wins-server {
address;
}
}
static-binding mac-address {
boot-file filename;
boot-server hostname;
client-identifier (ascii ascii-text | hexadecimal hexadecimal-value);
domain-name domain-name;
domain-search {
domain-suffix;
}
fixed-address {
ipv4-address;
}
host-name hostname;
name-server {
address;
}
next-server address;
option option-index (array type-name  type-values ] | byte 8-bit-value | flag (false | off | on | true) | integer signed-32-bit-value | ip-address address | short signed-16-bit-value | string text-string | unsigned-integer 32-bit-value | unsigned-short 16-bit-value);
router {
address;
}
server-identifier identifier;
wins-server {
address;
}
}
}
dhcp-local-server {
authentication {
password password-string;
username-include {
circuit-type;
delimiter delimiter-character;
domain-name domain-name;
logical-system-name;
mac-address;
option-60;
option-82 <circuit-id> <remote-id>;
routing-instance-name;
user-prefix prefix-string;
}
}
dynamic-profile profile-name (aggregate-clients | use-primary primary-profile-name);
group {
... group-configuration ...
}
overrides {
client-discover-match;
interface-client-limit number;
no-arp;
}
pool-match-order {
ip-address-first;
option-82;
}
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
group group-name {
authentication {
password password-string;
username-include {
circuit-type;
delimiter delimiter-character;
domain-name domain-name;
logical-system-name;
mac-address;
option-60;
option-82 <circuit-id> <remote-id>;
routing-instance-name;
user-prefix prefix-string;
}
}
dynamic-profile profile-name (aggregate-clients | use-primary primary-profile-name);
interface interface-name <exclude> <upto interface-name>;
overrides {
client-discover-match;
interface-client-limit number;
no-arp;
}
}
}
dns-proxy {
cache {
hostname inet address;
}
interface {
interface-name;
}
server-select list-identifier {
domain-name domain-name;
name-server {
address;
}
}
traceoptions {
file filename <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
}
}
dynamic-dns {
client hostname {
agent agent-name;
interface interface-name;
password password;
server (ddo | dyndns);
username server-username;
}
}
finger {
connection-limit limit;
rate-limit limit;
}
flow-tap-dtcp {
ssh {
connection-limit limit;
rate-limit limit;
}
}
ftp {
connection-limit limit;
rate-limit limit;
}
netconf {
ssh {
connection-limit limit;
rate-limit limit;
}
}
outbound-ssh {
application-id application-id {
address {
port port-number;
retry number;
timeout seconds;
}
device-id device-id;
keep-alive {
retry number;
timeout seconds;
}
reconnect-strategy (in-order | sticky);
secret secret;
services netconf;
}
traceoptions {
file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
service-deployment {
local-certificate certificate-name;
servers {
server-address {
port port-number;
security-options (ssl3 | tls);
user username;
}
}
source-address address;
traceoptions {
flag flag;
}
}
ssh {
connection-limit limit;
protocol-version [ v1 v2 ];
rate-limit limit;
root-login (allow | deny | deny-password);
}
telnet {
connection-limit limit;
rate-limit limit;
}
web-management {
control {
max-threads number;
}
http {
interface [ interface-names ];
port port-number;
}
https {
interface [ interface-names ];
(local-certificate certificate-name | pki-local-certificate certificate-name | system-generated-certificate);
port port-number;
}
session {
idle-timeout minutes;
session-limit number;
}
}
xnm-clear-text {
connection-limit limit;
rate-limit limit;
}
xnm-ssl {
connection-limit limit;
local-certificate certificate-name;
rate-limit limit;
}
}
static-host-mapping {
hostname {
alias [ aliases ];
inet [ addresses ];
inet6 [ addresses ];
sysid system-identifier;
}
}
syslog {
archive {
files number;
size maximum-file-size;
(world-readable | no-world-readable);
}
console {
facility severity;
}
file filename {
facility severity;
explicit-priority;
match "regular-expression";
archive {
files number;
size maximum-file-size;
(world-readable | no-world-readable);
}
}
host (hostname | other-routing-engine | scc-master) {
facility severity;
explicit-priority;
facility-override facility;
log-prefix string;
match "regular-expression";
}
source-address source-address;
time-format (year | millisecond | year millisecond);
user (username | *) {
facility severity;
match "regular-expression";
}
}
tacplus-options {
(exclude-cmd-attribute | no-cmd-attribute-value);
service-name service-name;
}
tacplus-server {
server-address {
port port-number;
secret password;
single-connection;
source-address address;
timeout seconds;
}
}
time-zone (GMT | GMT+hour-offset | GMT-hour-offset | zone-name);
}
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.