SRX Services Gateway
Reply
Contributor
rotearc
Posts: 82
Registered: ‎07-10-2010
0

disable system processes

Hi,

 

Saw a post on Juniper NSP maillist (https://puck.nether.net/pipermail/juniper-nsp/) about disabling utm process, one of the post mentioned about disable system processes,  I just check my lab SRX210, there are whole list of processes,

 

root@SRX210# show system processes ?
Possible completions:
  <[Enter]>            Execute this command
  802.1x-protocol-daemon  Port based Network Access Control
  alarm-control        Alarm control process
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don't inherit configuration data from these groups
  audit-process        Audit process
  bootp                Booting daemon
> chassis-control      Chassis control process
  class-of-service     Class-of-service process
  craft-control        Craft interface I/O control process
  database-replication  Database Replication process
  dhcp                 Dynamic Host Configuration Protocol process
> dialer-services      Dial-Out On Demand process
> diameter-service     Diameter process
  dynamic-flow-capture  Dynamic flow capture service
  ethernet-connectivity-fault-management  Connectivity fault management process
  ethernet-switching   Ethernet Switching Process
  event-processing     Event processing process
  firewall             Firewall process
> firewall-authentication-service  Firewall authentication service process
  forwarding           Forwarding Daemon
> general-authentication-service  General authentication service process
  idp-policy           IDP policy daemon
  ilmi                 Intergrated Local Management Interface process
  inet-process         Inet process
  init                 Init daemon
  interface-control    Interface control process
  ipmi                 Intelligent platform management interface daemon
> isdn-signaling       ISDN process
> jsrp-service         Juniper stateful redundancy process
  kernel-replication   Kernel replication process
  l2-learning          Layer 2 address flooding and learning process
  lacp                 Link Aggregation Control Protocol process
  lldpd-service        Link Layer Discovery Protocol
  logical-system-mux   Logical system multiplexer process
> logical-system-service  Logical system process
  mib-process          Management Information Base II process
  mobile-ip            Mobile IP process
  mountd-service       Service for NFS mounts requests
  multicast-snooping   Multicast Snooping process
> named-service        DNS server process
  neighbor-liveness    Bidirectional Forwarding Detection process
> network-security     Network security process
  network-security-trace  Network security trace daemon
  nfsd-service         Remote NFS server
> ntp                  Network time process
  peer-selection-service  Peer selection service process
  periodic-packet-services  Periodic packet management process
  pfe                  Packet Forwarding Engine management process
  pgcp-service         Packet gateway service process
  pgm                  Pragmatic General Multicast process
  ppp                  PPP process
  pppoe                Point-to-Point Protocol over Ethernet process
> process-monitor      Process health monitor process
  profilerd            Profiler Daemon
  r2cp                 Radio-to-Router Control Protocol process
  redundancy-interface-process  Redundancy interface management process
  remote-operations    Remote operations process
> resource-cleanup     Resource cleanup process
> routing              Routing process
> rtmd                 Real Time Media Daemon process
  sampling             Traffic sampling control process
> sbc-configuration-process  SBC configuration process
> sdk-service          SDK Service Daemon
  secure-neighbor-discovery  Secure Neighbor Discovery Protocol process
  security-log         Security Log Daemon
> send                 Secure Neighbor Discovery Protocol process
  service-deployment   Service Deployment Client
  simple-mail-client-service  Simple Mail Transfer Protocol Client process
> smtpd-service        SMTP mail client service process
  snmp                 Simple Network Management Protocol process
> static-subscribers   Static subscribers process
  uac-service          Unified access control daemon
  usb-control          USB supervise process
  vrrp                 Virtual Router Redundancy Protocol process
> wan-acceleration     WAN acceleration (WX) process
> watchdog             Watchdog timer
> web-management       Web management process
> wireless-lan-service  Wireless LAN service process
> wireless-wan-service  Wireless WAN service process
  |                    Pipe through a command

 

This brings up some questions,

 

1.  Are all these system processes running on the SRX 210 all the time?

2.  Is it safe to disable system processes which I will never use?  for example, dialer-services, isdn-signaling?

3.  By disabling these un-needed system processes any harmful effect?

 

Thanks,

Ernest

Trusted Contributor
SomeITGuy
Posts: 330
Registered: ‎01-08-2010
0

Re: disable system processes

I honestly can't see a reason to do it under normal conditions.. Also it would depend on the JUNOS version and the service. As of 10.1 JUNOS has a watchdog service that restarts other services that have failed / aren't running

Contributor
rotearc
Posts: 82
Registered: ‎07-10-2010
0

Re: disable system processes

 


SomeITGuy wrote:

I honestly can't see a reason to do it under normal conditions.. Also it would depend on the JUNOS version and the service. As of 10.1 JUNOS has a watchdog service that restarts other services that have failed / aren't running


 

If that is the case, why provude the option to disable these services in config?

 

E

Super Contributor
colemtb
Posts: 313
Registered: ‎09-30-2009
0

Re: disable system processes

SLAX event / op :smileywink: ? Just more flexablility in the platform IMO.

Trusted Contributor
SomeITGuy
Posts: 330
Registered: ‎01-08-2010
0

Re: disable system processes

Some services can be stopped, all I am saying is that others are mandatory or monitored by the watch dog.

 

Overall performance should not be impacted by the standard services as the system as a whole is designed to meet a specific service level.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.