Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

request security policies resync

Syntax

Description

Synchronize the configuration of security policies in the Routing Engine and Packet Forwarding Engine.

This command recovers the security policies in the Packet Forwarding Engine. If policy inconsistencies between the Routing Engine and Packet Forwarding Engine are determined, the security policies resync.

Options

<from-zone zone-name

Recover the policies from this zone.

global

Recover global policies.

logical-system (logical-system name | all)

Recover the policies on all logical systems or on a particular logical system.

pfe

Recover the policies on the Packet Forwarding Engine.

root-logical-system

Recover the policies on the root logical system. This is the default option.

to-zone zone-name

Recover the policies to this zone.

tenant tenant-name

Recover the policies of a tenant.

Additional Information

Security policies are stored in the routing engine and the packet forwarding engine. Security policies are pushed from the Routing Engine to the Packet Forwarding Engine when you commit configurations. If the security policies on the Routing Engine are out of sync with the Packet Forwarding Engine, the commit of a configuration fails. Core dump files may be generated if the commit is tried repeatedly. The out of sync can be due to:

  • A policy message from Routing Engine to the Packet Forwarding Engine is lost in transit.

  • An error with the routing engine, such as a reused policy UID.

When the policy configurations are modified and the policies are out of sync, the following error message displays - error: Warning: policy might be out of sync between RE and PFE <SPU-name(s)>. Please request security policies check/resync.

Use the show security policies checksum command to display the security policy checksum value and use the request security policies check to display the security policy sync status.

Required Privilege Level

maintenance

Sample Output

request security policies resync

request security policies resync logical-system all

Release Information

Command introduced in Junos OS Release 18.4R1.