Ethernet Switching
Highlighted
Ethernet Switching

EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

[ Edited ]
‎10-17-2019 12:04 AM

Hello,

 

After a long break I wanted to change the port configuration on my EX3300 based Virtual Chassis.
To my surprise, the switch has returned an error (as below). I didn't change any rstp related configuration lines, only the port description.

 

What I tried already in order to solve that:
- run 'commit synchronize force'
- login to member 1 and run 'mgd -i' and 'commit' from master again

VC is a three member stack with JUNOS Base OS boot 12.3R3.4.

 

fpc0:
configuration check succeeds
fpc1:
/var/tmp/juniper.conf+.gz:1786:(8) syntax error: rstp
/var/tmp/juniper.conf+.gz:1794:(5) error recovery ignores input until this point: }
/var/tmp/juniper.conf+.gz:1797:(5) error recovery ignores input until this point: }
/var/tmp/juniper.conf+.gz:1800:(5) error recovery ignores input until this point: }
/var/tmp/juniper.conf+.gz:1815:(1) error recovery ignores input until this point: }
/var/tmp/juniper.conf+.gz:1904:(1) error recovery ignores input until this point: }
/var/tmp/juniper.conf+.gz:1907:(1) error recovery ignores input until this point: }
/var/tmp/juniper.conf+.gz:1915:(1) error recovery ignores input until this point: }
error: remote load-configuration failed on fpc1
/config/juniper.conf:1786:(8) syntax error: rstp
/config/juniper.conf:1794:(5) error recovery ignores input until this point: }
/config/juniper.conf:1797:(5) error recovery ignores input until this point: }
/config/juniper.conf:1800:(5) error recovery ignores input until this point: }
/config/juniper.conf:1815:(1) error recovery ignores input until this point: }
/config/juniper.conf:1904:(1) error recovery ignores input until this point: }
/config/juniper.conf:1907:(1) error recovery ignores input until this point: }
/config/juniper.conf:1915:(1) error recovery ignores input until this point: }
fpc0:
error: remote unlock-configuration failed on fpc1


Dawid

6 REPLIES 6
Highlighted
Ethernet Switching

Re: EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

‎10-17-2019 02:57 AM

I've not seen this before but it looks like the local config on that member is somehow corrupt.  You could try to delete and replace the config file from another member inthe config directory and see if that clears the issue.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
Ethernet Switching

Re: EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

‎10-17-2019 05:11 AM

Hello Steve,

Thank you for an advice. Will the replacement of the config file can involve the need to restart the switch or maybe a whole stack?

Dawid

Highlighted
Ethernet Switching

Re: EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

‎10-17-2019 05:38 PM

A restart of just that switch may clear the issue by itself depending on how and where the corruption is.

 

I was suggesting this approach to avoid a reboot.  I have moved configs by physical copy before to load them on devices.  But have not had this specific problem so am not certian if it will work or not.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Ethernet Switching

Re: EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

‎10-29-2019 03:26 AM

Good Day Dawid,

 

I have a pretty obvious suggestion - to upgrade Virtual-Chassis to one of the latest releases from official Juniper download web-page.

JunOS which you are running is relatively old - release date is 18-Sep-2013.

Similar issue was observed on such old releases and has been fixed in last ones.

We do not have enough data to clarify is it a exact match, but still... my advice will be to upgrade JunOS as it already resolved similar cases before.

 

Thank you!

Highlighted
Ethernet Switching

Re: EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

[ Edited ]
‎10-29-2019 06:14 AM

Hello again,

As I can't perform the switch restart, I plan to copy necessary files from working one.
The question is: exactly which files in which directory shall I copy from working switch to damaged one?
Can I just use:

file copy fpc0:/path/file fpc1:/path/file

?

Files on affected switch:

drwxrwxr-x  2 root  wheel   512 Dec 24  2011 .snap
drwxr-xr-x  4 root  wheel   512 Jul  1 13:19 db
-rw-r-----  1 root  wheel  3666 Jul  1 12:40 juniper.conf.1.gz
-rw-r-----  1 root  wheel  3666 Jul  1 12:06 juniper.conf.2.gz
-rw-r-----  1 root  wheel  3665 Jul  1 12:00 juniper.conf.3.gz
-rw-r-----  1 root  wheel  3666 Jul  1 12:58 juniper.conf.gz
-r-s------  1 root  wheel    32 Jul  1 13:14 juniper.conf.md5
-rw-------  1 root  wheel   672 Jul  1 12:59 ssh_host_dsa_key
-rw-r--r--  1 root  wheel   601 Jul  1 12:59 ssh_host_dsa_key.pub
-rw-------  1 root  wheel   227 Jul  1 12:59 ssh_host_ecdsa_key
-rw-r--r--  1 root  wheel   173 Jul  1 12:59 ssh_host_ecdsa_key.pub
-rw-------  1 root  wheel   976 Jul  1 12:59 ssh_host_key
-rw-r--r--  1 root  wheel   641 Jul  1 12:59 ssh_host_key.pub
-rw-------  1 root  wheel  1675 Jul  1 12:59 ssh_host_rsa_key
-rw-r--r--  1 root  wheel   393 Jul  1 12:59 ssh_host_rsa_key.pub
-rw-r--r--  1 root  wheel  1836 Jun 14  2013 usage.db
drwxr-xr-x  2 root  wheel   512 Jul  1 13:19 vchassis
root@st_0-1:LC:1% cd db
root@st_0-1:LC:1% ls -l
total 48
-rw-r--r--  1 root  wheel   1684 Jul  1 12:58 commits
drwxr-xr-x  2 root  wheel   1536 Jul  1 12:58 config
-rw-r--r--  1 root  wheel  15879 Jul  1 13:18 dcd.snmp_ix
drwxr-xr-x  2 root  wheel    512 Apr 11  2000 scripts
-rw-r--r--  1 root  wheel     99 Jul  1 12:58 snmp_engine.db
root@st_0-1:LC:1% cd config/
root@st_0-1:LC:1% ls -l

 

Dawid

Highlighted
Ethernet Switching

Re: EX3300 [12.3R3.4] returns an error: remote unlock-configuration failed

‎10-30-2019 03:06 AM

The active configuration is /config/juniper.conf.gz

 

copy the known good one to the failing member

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Feedback