
HINT: EX switch dhcp snooping persistence across Junos upgrade

‎06-10-2013 01:51 AM

hi,

 

Small hint, it may save some time for other EX users.

 

Recently upgraded a few EX2200's from 11.4R5.5 to 11.4R5.7 and noticed dhcp-snooping-file was deleted after Junos upgrade (simple reboot is OK).  Initial EX configuration was:

 

admin@EX2200> show configuration ethernet-switching-options secure-access-port dhcp-snooping-file
location DB-dhcp-snooping;
write-interval 600;
timeout 30;

admin@EX2200> file list /var/tmp/ detail
[...]
-rw-r--r--  1 root  field      13235 Jun 10 10:24 DB-dhcp-snooping

 

With a simple filename as 'location', it's saved in the /var/tmp directory.

Unfortunately /var/tmp is lost after upgrade and the IP-MAC bindings are gone. In my case the EX2200 was a transit switch (no link down for clients) and some clients had a long time before requesting a new DHCP lease.

 

For the next device we decided to change the location to something else. The documentation gives no clue where to point dhcp-snooping-file at, so we took /var/home/:

 

admin@EX2200> show configuration ethernet-switching-options secure-access-port dhcp-snooping-file
location /var/home/DB-dhcp-snooping;
write-interval 600;
timeout 30;

admin@EX2200> file list /var/home/ detail    

/var/home/:
total 44
drwxr-xr-x  3 admin 20           512 Jan 28 18:45 admin/
-rw-r--r--  1 root  wheel      12463 Jun 10 10:39 DB-dhcp-snooping
[...]

 

DB-dhcp-snooping was saved across Junos upgrade, no more problems with lost dhcp bindings.

 

We also noticed an empty directory /var/db/dhcp_snoop/; the name suggests it's a good place for IP-MAC bindings, but without clear advice/info from Juniper I prefer to stick with our custom solution. Why is it not used by default?

jtb

 


Re: HINT: EX switch dhcp snooping persistence across Junos upgrade

‎06-10-2013 05:27 AM

Hello,

During every JUNOS upgrade, there is an explicit warning presented to the operator, example below:

 

WARNING:     This package will load JUNOS 10.4R2.6 software.
WARNING:     It will save JUNOS configuration files, and SSH keys
WARNING:     (if configured), but erase all other files and information
WARNING:     stored on this machine.  It will attempt to preserve dumps
WARNING:     and log files, but this can not be guaranteed.  This is the
WARNING:     pre-installation stage and all the software is loaded when
WARNING:     you reboot the system.

 

So the preservation of ANY files EXCEPT as noted above is not guaranteed during upgrade. Now, in practice, /var/home/<user> directories are usually preserved intact with associated content but only preservation of the /var/home/<user>/.ssh directory with keys is guaranteed as per the wording above.

If You have no users on the box apart from root, then root's home directory (/root) is usually preserved with associated content but not guaranteed.

HTH

Thanks

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
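
An added example, not part of the thread and not Juniper tooling: a Python check that classifies dhcp-snooping-file stanzas by where the binding file ends up, using only what the posts above report (a bare filename is saved in /var/tmp, which is lost on upgrade; any other local path is not guaranteed to survive). Hostnames and sample stanzas are constructed for illustration.

```python
import posixpath
import re

# Constructed sample: 'show configuration ... dhcp-snooping-file' output
# keyed by hypothetical hostnames (not taken from the thread).
SAMPLE = {
    "sw-a": "location DB-dhcp-snooping;\nwrite-interval 600;\ntimeout 30;\n",
    "sw-b": "location /var/home/DB-dhcp-snooping;\nwrite-interval 600;\ntimeout 30;\n",
    "sw-c": "location /var/tmp/snoop.db;\nwrite-interval 600;\n",
    "sw-d": "write-interval 600;\n",
}

# One 'keyword value;' statement per line, as in the stanzas shown above.
STMT = re.compile(r"^[ \t]*([\w-]+)[ \t]+(\S+?)[ \t]*;[ \t]*$", re.M)

def parse_stanza(text):
    """Turn 'keyword value;' lines into a dict."""
    return {key: value.strip('"') for key, value in STMT.findall(text)}

def resolve_location(location):
    """Bare filenames land in /var/tmp, as observed in the first post."""
    if not location.startswith("/"):
        location = posixpath.join("/var/tmp", location)
    # normpath collapses '..' so /var/tmp/../home/x is judged by its real target
    return posixpath.normpath(location)

def classify(text):
    """Return (verdict, resolved_path) for one dhcp-snooping-file stanza."""
    location = parse_stanza(text).get("location")
    if location is None:
        return ("no-file", None)            # bindings are not persisted at all
    path = resolve_location(location)
    if path == "/var/tmp" or path.startswith("/var/tmp/"):
        return ("lost-on-upgrade", path)    # first post: /var/tmp is wiped
    return ("not-guaranteed", path)         # reply: only config and SSH keys are promised

def audit(configs):
    """Classify every switch in a {hostname: stanza_text} mapping."""
    return {host: classify(text) for host, text in configs.items()}

if __name__ == "__main__":
    for host, (verdict, path) in sorted(audit(SAMPLE).items()):
        print(f"{host:6} {verdict:16} {path or '-'}")
```

Switches reported as lost-on-upgrade or not-guaranteed are the ones whose binding file should be copied off the device before `request system software add`.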

Re: HINT: EX switch dhcp snooping persistence across Junos upgrade

‎06-10-2013 05:53 AM

hi Alex,

 

thanks for the comment. Good point, but in case of EX2200 upgrade we just have:

 

admin@EX2200> request system software add no-copy ftp://ftp@10.0.x.y/junos/jinstall-ex-2200-11.4R5.7-domestic-signed.tgz
Fetching package...
/var/tmp/incoming-package.tgz                          705 kB  705 kBps
WARNING: A reboot is required to install the software
WARNING:     Use the 'request system reboot' command immediately
admin@EX2200>

 

No explicit warning like the one you show. Anyway, your point is valid, thanks!

 

I don't care where dhcp snooping is saved, I don't see any recommendation in Juniper documentation (/var/db/dhcp_snoop/?) and the default /var/tmp leads to operational problems after upgrade. It should not be lost during upgrade and that's my point.

jtb


Re: HINT: EX switch dhcp snooping persistence across Junos upgrade

‎06-10-2013 06:40 AM

Hello,

I can confirm there is such an explicit warning contained inside the EX2200 jinstall 11.4R7.5 domestic package.

Please raise a JTAC case as to why it is not displayed during EX2200 JUNOS installation via FTP.

Many thanks

Regards

Alex
