Ethernet Switching
Highlighted
Ethernet Switching

dhcp-snooping-file location remote_URL (FTP/TFTP) support ?

[ Edited ]
‎04-10-2013 07:30 AM

hi,

 

EX2200 running 11.4R5.7,  dhcp snooping with dhcp-snooping-file set to local file (/var/tmp), work fine:

 

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# show 
location EX2200-dhcp-snooping;
write-interval 600;
timeout 30;

 

I'm looking into changing it to remote location. Docs say: 'remote_URL —Use ftp://ip-address or ftp:// hostname/path to store database on remote location'

http://www.juniper.net/techpubs/en_US/junos11.4/topics/reference/configuration-statement/location-ed...

 

 

Anyway it looks like Junos does not like FTP:

 

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# set location ftp://1.2.3.4/dhcp_file   

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# show 
location ftp://1.2.3.4/dhcp_file;
write-interval 600;
timeout 30;

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# commit check 
[edit ethernet-switching-options secure-access-port]
  'dhcp-snooping-file'
    Invalid URL format
error: configuration check-out failed

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# set location tftp://1.2.3.4/dhcp_file   

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# show 
location tftp://1.2.3.4/dhcp_file;
write-interval 600;
timeout 30;

[edit ethernet-switching-options secure-access-port dhcp-snooping-file]
admin@EX2200# commit check
configuration check succeeds

 

Is anyone using remote_URL in dhcp-snooping-file location ? TFTP or something else ? What Junos version ?

It's also interesting how long & how many times EX tries to load the file after switch startup.

jtb

2 REPLIES 2
Highlighted
Ethernet Switching
Solution
Accepted by topic author jtb
‎08-26-2015 01:27 AM

Re: dhcp-snooping-file location remote_URL (FTP/TFTP) support ?

[ Edited ]
‎04-11-2013 09:19 AM

Hello,

If You are using FTP, You need to specify FTP username and password in the URL itself:

 

{master:0}[edit]
aarseniev@ex4200vc# show ethernet-switching-options                                          
secure-access-port {
    dhcp-snooping-file {
        location "ftp://anonymous:emailATdomain.tld@1.2.3.4/dhcp_file";
        write-interval 600;
        timeout 30;
    }
}
storm-control {
    interface all;
}

{master:0}[edit]
aarseniev@ex4200vc# commit check 
configuration check succeeds

 Not sure how char @ in password will interact with char @ before IP address, could You please test and report back.

HTH

Thanks

Alex

 

[EDIT]

This link http://www.cs.tut.fi/~jkorpela/ftpurl.html suggests that following might work:

 

{master:0}[edit]
aarseniev@ex4200vc# show ethernet-switching-options                                          
secure-access-port {
    dhcp-snooping-file {
        location "ftp://anonymous:email%40domain.tld@1.2.3.4/dhcp_file";
        write-interval 600;
        timeout 30;
    }
}

 where %40 is char @ encoded as per http://www.cs.tut.fi/~jkorpela/HTML3.2/3.5.html#urlenc

HTH

Thanks

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Ethernet Switching

Re: dhcp-snooping-file location remote_URL (FTP/TFTP) support ?

[ Edited ]
‎04-12-2013 06:57 AM

hi Alex,

 

it really helps to have someone else to look at your problem ...  basic staff I've missed. I tested it with scp://user : pass@1.2.3.4/, dreaming SCP works here, but forgot to add user/pass in FTP tests.

 

I will test it, once I have access to EX I can restart. Want to know how/when EX tries to load the file, what happens if it can't access the FTP server initially.

jtb