SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Conflicting items when provisioning through TFTP

    Posted 06-12-2014 17:58

    Hi!

     

    I am trying to provision an SRX through TFTP. It succeeds in downloading the configuration but it is unable to merge the configuration :

     

    Jun  9 00:01:41 spawned /usr/sbin/mgd -Zd -n autod autoinstall-merge /var/run/autod/ge-000/network.conf for ge-0/0/0 at pid 1514
Jun  9 00:01:43 autod_mgd_handle_child: mgd on pid 1514 could not commit configuration on ge-0/0/0, exited with 3

    If I run the command by hand, I get:

    Network security daemon: [edit security zones security-zone MGMT-LOCAL]
Network security daemon:   'interfaces ge-0/0/0.0'
Network security daemon:     Interface ge-0/0/0.0 already assigned to another zone
mgd: error: configuration check-out failed
mgd: load complete

    The problem is that the default configuration already assigns this interface to some builtin zone. Is it possible for autoinstallation to not merge the configuration but replace it?



  • 2.  RE: Conflicting items when provisioning through TFTP

    Posted 06-12-2014 18:15

    Hi...

     

       When we manually restore config file, we can use    load override    command to completely replace exising config and     load replace    going to replace conflicting configs only.

     

    root@SRX650# load ?                  
    Possible completions:
      factory-default      Override existing configuration with factory default
      merge                Merge contents with existing configuration
      override             Override existing configuration     <-<-<-<---------
      patch                Load patch file into configuration
      replace              Replace configuration data
      set                  Execute set of commands on existing configuration
      update               Update existing configuration

     

    Can you please share the step by step commands you run ?

     

    Thanks

    SHKM



  • 3.  RE: Conflicting items when provisioning through TFTP
    Best Answer

    Posted 06-14-2014 09:32

    I don't run any command, I rely on the autoinstallation feature. The SRX is loading a configuration file from a TFTP server and tries to merge it. It is like a "load merge".

     

    Meanwhile, I have found that I can delete some items by prepending them with "delete:" (like "deactivate:"). This solves my problem. It would be more convenient to be able to do that globally. Maybe with a comment at the beginning of the configuration file that would be interpreted by mgd to do a "load override" instead of "load merge".