Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  Use mgmt_junos vrf for archive and events

    Posted 08-22-2024 05:21

    Quite new to Junos and are setting up my first couple of QFX 5120 i virtual chassis setup.  Version 20.4R3.8 on both.
    They will be upgraded later when I've done some basic configurations. 

    Have separated traffic from management ports to the recomended mgmt_junos vrf and are trying to get backups to work, either with events or Archival functions. 

    My problem is that the switches do not seem to use the vrf when trasfering the file.  I get the following errors in syslog when trying archival.

     SWITCH pfed: ACCT_TRANSFER_FILE_FAILED_ITER: Error <256> uploading file '/var/transfer/config/SWITCH_20240822_060558_juniper.conf.gz'. Remaining retry attempts = 1, retry in 135 seconds..
    SWITCH logger: transfer-file failed to transfer /var/transfer/config/SWITCH_20240822_060558_juniper.conf.gz rc 1
    SWITCH fetch: fetch-secure: ftp://juniper@10.10.10.1/SWITCH/SWITCH_20240822_060558_juniper.conf.gz: Can't assign requested address

    Configuration for Archival is:
     show system archival 
    configuration {
        transfer-interval 15;
        routing-instance mgmt_junos;
        archive-sites {
            "ftp://username@10.10.10.1/SWITCH" password "redacted"; ## SECRET-DATA
        }
    }

    I've also tried "transfer-on-commit" with the same errors.

    Doing it manually from operational mode works. 

    file copy /var/transfer/config/SWITCH_20240822_053328_juniper.conf.gz ftp://usernamer@10.10.10.1/SWITCH/ routing-instance mgmt_junos

    Looking on the Filezilla logs on the server, I can't see any connection attemts on the failed connections, making me think that archival do not honour the "routing-instance mgmt_junos" statement. 

    I'm also trying the same with event-options, but here I can't specify route-instance mgmt_junos for the destination. 
    Same error in the logs.
    SWITCH fetch: fetch-secure: ftp://juniper@10.10.189.207:*: Can't assign requested address

    Any ideas where I can have gone wrong, or if this is a know problem? 



    ------------------------------
    ANDREAS JANSSON
    ------------------------------



  • 2.  RE: Use mgmt_junos vrf for archive and events

    Posted 08-22-2024 08:09

    Hi Andreas,

    Before conducting any further investigation, I recommend upgrading to version 23.4R2-S1 (the recommended release). Many bugs present in 20.4R3 have been resolved in newer releases.



    ------------------------------
    Kalle Andersson
    ------------------------------



  • 3.  RE: Use mgmt_junos vrf for archive and events

    Posted 08-22-2024 08:46

    Hi Kalle,

    Thank you. I'll wait with more troubleshooting until I've uppgraded the units. 

    Wanted to upgrade as much as possible first to see the impact of an upgrade :)



    ------------------------------
    ANDREAS JANSSON
    ------------------------------



  • 4.  RE: Use mgmt_junos vrf for archive and events

    Posted 08-23-2024 05:04

    Hello 

    I don't know if an upgrade will help because I have the same problem on MX204 



    ------------------------------
    --
    Grzegorz Dacka
    ------------------------------



  • 5.  RE: Use mgmt_junos vrf for archive and events

    Posted 12 days ago

    I have exactly the same problem on SRX4100 running  JUNOS 23.4R2-S2.



    ------------------------------
    GREGORY SHIBA
    ------------------------------



  • 6.  RE: Use mgmt_junos vrf for archive and events

    Posted 11 days ago

    I would also recommend upgrading.

    I had problems with some services on JunoS 20, but this is working on 22 and 23 versions, QFX5120, when running SCP as the transfer protocol.

    Other things I have experienced - On 5100s if there are too many files piled up in the transfer queue before the archive site is reachable it can get stuck. I can't remember from the top of the head how I deleted the transfer files. Have not seen this on 5120.

    Any firewall in between the switch and server that can show logs? (blocked/permitted attempts)

    /Johan




  • 7.  RE: Use mgmt_junos vrf for archive and events

    Posted 8 days ago

    Hi,

    First have you got a static route on the management interface to that IP? and can you ping that ip from the cli with the "routing-instance mgmt_junos" option. if you can I would recommend putting the ftp server config in the following format:

    set system archival configuration archive-sites "ftp://username:password@10.10.10.22/file location"

    See if any of that is helpful



    ------------------------------
    HARRY
    ------------------------------