Junos OS

last person joined: 8 hours ago 

Ask questions and share experiences about Junos OS.

  • 1.  Event-option after 5 minutes

    Posted 03-02-2019 11:09

    My router has a upstream BGP connection and a downstream OSPF connection.

     

    Whenever BGP is up (and stable for 5 minutes) I want to export a default route (0.0.0.0/0) into OSPF. However when BGP comes up and within 5 minutes the connection goes down again I don't want to export a default route into OSPF until it comes back up again and is stable for 5 minutes. 

     

    Whenever the BGP connection goes down I want to remove the export of the default route into OSPF. 

     

    I thought I could do this with below "event-options" but for some reason it is not working completely as expected. Whenever BGP comes up it immediately exports a default route into OSPF without waiting for 5 minutes. When BGP goes down it removes the default route. So although exporting and removing a default route into OSPF works, the 5 minute delay doesn't. 

     

    Any tips or ideas?

     

    event-options {
    policy BGP_UP {
        events rpd_bgp_neighbor_state_changed;
        within 300 {
            not events rpd_bgp_neighbor_state_changed;
        }
        attributes-match {
            "{$$.new-state}" matches Established;
        }
        then {
            change-configuration {
                commands {
                    "set protocols ospf export DEFAULT_ROUTE";
                }
                commit-options {
                    log "OSPF Default Route injected";
                }
            }
        }
    }
    policy BGP_DOWN {
        events rpd_bgp_neighbor_state_changed;
        attributes-match {
            rpd_bgp_neighbor_state_changed.old-state matches Established;
        }
        then {
            change-configuration {
                commands {
                    "delete protocols ospf export DEFAULT_ROUTE";
                }
                commit-options {
                    log "OSPF Default Route removed";
                }
            }
        }
    }
}


  • 2.  RE: Event-option after 5 minutes

    Posted 03-02-2019 22:28

    Hello,

    Firstly, there is a better JUNOS feature called "delay-route-advertisements"

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/delay-route-advertisements-edit-protocols-group-family-unicast.html

    It does not work with OSPF though. So if You can afford sending 0/0 via iBGP then this feature is for You.

    Secondly, Your event policy looks back 300 seconds after BGP session becomes established:

    event-options {
    policy BGP_UP {
        events rpd_bgp_neighbor_state_changed;
        within 300 {
            not events rpd_bgp_neighbor_state_changed;
        }

     

    So, if BGP becomes established after 5 mins of clear silence, this policy will trigger immediately which is what You are observing.

    HTH

    Thx

    Alex



  • 3.  RE: Event-option after 5 minutes

    Posted 03-04-2019 02:37

    Thanks for the reply. Unfortunately I can't use iBGP with delay-route-advertisements in this case.

     

    Is there a way to adjest the policy so that is does what I want, which is:

     

    if rpd_bgp_neighbor_state_changed and the new state == Established and no other rpd_bgp_neighbor_state_changed occurs for 5 minutes. Execute: set protocols ospf export DEFAULT_ROUTE.

     

    If I look at the below example it is similar to what I'm trying to achieve. The only difference is that this script is checking if it occurs within 60 seconds after the triggering event, that is why I added the NOT state.

    https://www.juniper.net/documentation/en_US/junos/topics/example/junos-script-automation-event-policy-correlating-events.html



  • 4.  RE: Event-option after 5 minutes

    Posted 03-04-2019 05:41

    Hello,

    @mchlrv wrote:

     

    Is there a way to adjest the policy so that is does what I want, which is:

     

    if rpd_bgp_neighbor_state_changed and the new state == Established and no other rpd_bgp_neighbor_state_changed occurs for 5 minutes. Execute: set protocols ospf export DEFAULT_ROUTE.

     

    Of course there is. 

    Rough algorithm:

    1/ policy1:

    1a/ use periodic event to check back every X seconds (where X cannot be less than 60 but large X value slips the execution) if rpd_bgp_neighbor_state_changed and the new state == Established event did NOT occur within last 300 secs;

    1b/ if it did not, then commit the config, deactivate policy1 and activate policy2

    2/ policy2 :

    2a/ use event that watches rpd_bgp_neighbor_state_changed and the new state == NOT Established,

    2b/ if it happens, remove the previous config, deactivate policy2 and activate policy1.

     

    This approach would inject 0/0 route into OSPF between 300 sec and 300+X sec (300 to 360 secs if X==60 and value X less than 60 is not supported). 

     

    Hope this makes sense.

     

    @mchlrv wrote:

     

    If I look at the below example it is similar to what I'm trying to achieve. The only difference is that this script is checking if it occurs within 60 seconds after the triggering event, that is why I added the NOT state.

     

    This example correlates the triggering event with OTHER UNRELATED events. You are trying to correlate the triggering event with negated self which would always produce a false match every 5 mins.

     

    HTH

     

    Thanks

    Alex

     



  • 5.  RE: Event-option after 5 minutes

    Posted 03-04-2019 11:21

    Thanks for your support and it seems I almost have it. With below code it waits +/- 300 seconds to inject the default route, which is good. So it runs the policy BGP_UP.

     

    However when I shutdown the interface it runs the policy BGP_DOWN and removes the default route, but after roughly 30 it adds it back again. Even stranger is that it looks likes it is executing the policy BGP_UP, see message output below.

     

    generate-event {
    CHECK_BGP_STATE time-interval 60;
}
policy BGP_UP {
    events CHECK_BGP_STATE;
    within 240 {
        not events rpd_bgp_neighbor_state_changed;
    }
    attributes-match {
        rpd_bgp_neighbor_state_changed.new-state matches Established;
    }
    then {
        change-configuration {
            commands {
                "set protocols ospf export DEFAULT_ROUTE";
                "delete event-options policy BGP_DOWN then ignore";
                "set event-options policy BGP_UP then ignore";
            }
        }
    }
}
policy BGP_DOWN {
    events rpd_bgp_neighbor_state_changed;
    attributes-match {                  
        rpd_bgp_neighbor_state_changed.old-state matches Established;
    }
    then {
        ignore;
        change-configuration {
            commands {
                "delete protocols ospf export DEFAULT_ROUTE";
                "delete event-options policy BGP_UP then ignore";
                "set event-options policy BGP_DOWN then ignore";
            }
        }
    }
}

     


    Mar  4 19:07:07  rtr01 rpd[5533]: bgp_handle_notify:4274: NOTIFICATION received from 1.1.1.1 (External AS 65512): code 6 (Cease) subcode 2 (Administratively Shutdown)
Mar  4 19:07:07  rtr01 rpd[5533]: RPD_BGP_NEIGHBOR_STATE_CHANGED: BGP peer 1.1.1.1 (External AS 65512) changed state from Established to Idle (event RecvNotify) (instance master)
Mar  4 19:07:09  rtr01 file[6478]: auto-snapshot is not supported/configured
Mar  4 19:07:09  rtr01 file[6478]: UI_AUTH_EVENT: Authenticated user 'root' assigned to class 'super-user'
Mar  4 19:07:09  rtr01 file[6478]: UI_LOGIN_EVENT: User 'root' login, class 'super-user' [6478], ssh-connection '', client-mode 'junoscript'
Mar  4 19:07:09  rtr01 file[6478]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'lock-configuration'
Mar  4 19:07:09  rtr01 file[6478]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'load-configuration action="set" url="/tmp/evt_cmd_yYPB7t"'
Mar  4 19:07:09  rtr01 file[6478]: UI_CMDLINE_READ_LINE: User 'root', command 'rpc lock-configuration rpc rpc load-configuration delete protocols ospf export DEFAULT_ROUTE '
Mar  4 19:07:09  rtr01 file[6478]: UI_CFG_AUDIT_OTHER: User 'root' delete: [protocols ospf export] ""DEFAULT_ROUTE"
Mar  4 19:07:09  rtr01 file[6478]: UI_CMDLINE_READ_LINE: User 'root', command 'delete event-options policy BGP_UP then ignore '
Mar  4 19:07:09  rtr01 file[6478]: UI_CFG_AUDIT_OTHER: User 'root' delete: [event-options policy BGP_UP then] "ignore
Mar  4 19:07:09  rtr01 file[6478]: UI_CFG_AUDIT_SET: User 'root' set: [event-options policy BGP_DOWN then] "ignore -> "ignore"
Mar  4 19:07:09  rtr01 file[6478]: UI_CMDLINE_READ_LINE: User 'root', command 'set event-options policy BGP_DOWN then ignore '
Mar  4 19:07:09  rtr01 file[6478]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'commit-configuration'
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT: User 'root' requested 'commit' operation (comment: none)
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Obtaining lock for commit
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: updating commit revision
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: UI extensions feature is not configured
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Started running translation script
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Finished running translation script
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: start loading commit script changes
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: no commit script changes
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: no transient commit script changes
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: finished loading commit script changes
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: No translation output from the scripts
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_NO_MASTER_PASSWORD: No 'system master-password' set
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: copying juniper.db to juniper.data+
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: finished copying juniper.db to juniper.data+
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: exporting juniper.conf
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: expanding interface-ranges
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: finished expanding interface-ranges
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: expanding groups
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: finished expanding groups
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: setup foreign files
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: update license counters
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: finish license counters
Mar  4 19:07:09  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: propagating foreign files
Mar  4 19:07:09  rtr01 file[6478]: UI_CHILD_START: Starting child '/usr/sbin/mustd'
Mar  4 19:07:10  rtr01 mustd: UI_DELTA_CONSTRAINT_CHECK_NOT_RUNNING: delta constraint check process can not run because persist groups is not configured
Mar  4 19:07:10  rtr01 file[6478]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/mustd', PID 6482, status 0x700
Mar  4 19:07:10  rtr01 file[6478]: UI_CHILD_EXITED: Child exited: PID 6482, status 7, command '/usr/sbin/mustd'
Mar  4 19:07:10  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: cdg returns = 7(persist groups is not configured (needed for cdg))
Mar  4 19:07:10  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: complete foreign files
Mar  4 19:07:10  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: dropping unchanged foreign files
Mar  4 19:07:10  rtr01 file[6478]: UI_CHILD_START: Starting child '/usr/sbin/ffp'
Mar  4 19:07:11  rtr01 file[6478]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/ffp', PID 6483, status 0
Mar  4 19:07:11  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: daemons checking new configuration
Mar  4 19:07:11  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Spawning Routing protocols process to check new configuration
Mar  4 19:07:11  rtr01 file[6478]: UI_CHILD_START: Starting child '/usr/sbin/rpd'
Mar  4 19:07:11  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Spawning Event processing process to check new configuration
Mar  4 19:07:12  rtr01 file[6478]: UI_CHILD_START: Starting child '/usr/sbin/eventd'
Mar  4 19:07:12  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Collecting status of Event processing process
Mar  4 19:07:12  rtr01 file[6478]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/eventd', PID 6485, status 0
Mar  4 19:07:12  rtr01 rpd: proceeding. -C
Mar  4 19:07:13  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Collecting status of Routing protocols process
Mar  4 19:07:13  rtr01 file[6478]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/rpd', PID 6484, status 0
Mar  4 19:07:13  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: commit wrapup...
Mar  4 19:07:13  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: start ffp activate
Mar  4 19:07:13  rtr01 file[6478]: UI_CHILD_START: Starting child '/usr/sbin/ffp'
Mar  4 19:07:14  rtr01 ffp: pdb_activate:8399: Could not open profile database, continuing... err:PDB_ERROR_PLATFORM_NOT_SUPPORTED
Mar  4 19:07:14  rtr01 file[6478]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/ffp', PID 6486, status 0
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/pam.conf'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/pam_radius.conf'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/pam_tacplus.conf'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/issue'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/certs'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/motd'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/max-db-size-cfg'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/subs-mgmt-cfg'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/vmm.conf'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/db_ext-cfg'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/ephinst.conf'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: executing foreign_commands
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: not executing ui_commit in rc.ui
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: finish ffp activate
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: copying configuration to juniper.save
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: db_check_constraint_ids_clear start
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: db_check_constraint_ids_clear done
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: db_groups_info_clear start
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: db_groups_info_clear done
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/run/db/juniper.data'
Mar  4 19:07:14  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: Rotate backup configs
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Simple Network Management Protocol process', pid 5530, signal 31, status 0 with notification errors enabled
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync begins
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync ends
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync begins
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync ends
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: notifying daemons of new configuration
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress:  notifying none(0)
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: cannot signal 'None process', signal 1, no pid
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress:  notifying rpd(5)
Mar  4 19:07:15  rtr01 rpd[5533]: JTASK_TASK_REINIT: Reinitializing
Mar  4 19:07:15  rtr01 rpd[5533]: RPD_COMMIT_SYNC_STATUS: RPD commit sync completed on MASTER
Mar  4 19:07:15  rtr01 rpd[5533]: RPD_COMMIT_JOBS_STATUS: RPD commit jobs started on MASTER
Mar  4 19:07:15  rtr01 rpd[5533]: task_reconfigure reinitializing done
Mar  4 19:07:15  rtr01 rpd[5533]: RPD_COMMIT_JOBS_STATUS:  RPD commit jobs completed on MASTER
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Routing protocols process', pid 5533, signal 1, status 0 with notification errors enabled
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress:  notifying eventd(73)
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Event processing process', pid 5499, signal 1, status 0 with notification errors enabled
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync begins
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync ends
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: commit complete
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_COMPLETED: commit complete
Mar  4 19:07:15  rtr01 file[6478]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Alarm control process', pid 5528, signal 30, status 0 with notification errors enabled
Mar  4 19:07:15  rtr01 file[6478]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'unlock-configuration'
Mar  4 19:07:15  rtr01 eventd: EVENTD_CONFIG_CHANGE_SUCCESS: Configuration change successful: while executing policy BGP_DOWN with user root privileges
Mar  4 19:07:15  rtr01 file[6478]: UI_LOGOUT_EVENT: User 'root' logout
Mar  4 19:07:48  rtr01 file[6492]: auto-snapshot is not supported/configured
Mar  4 19:07:48  rtr01 file[6492]: UI_AUTH_EVENT: Authenticated user 'root' assigned to class 'super-user'
Mar  4 19:07:48  rtr01 file[6492]: UI_LOGIN_EVENT: User 'root' login, class 'super-user' [6492], ssh-connection '', client-mode 'junoscript'
Mar  4 19:07:48  rtr01 file[6492]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'lock-configuration'
Mar  4 19:07:48  rtr01 file[6492]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'load-configuration action="set" url="/tmp/evt_cmd_98jnEy"'
Mar  4 19:07:48  rtr01 file[6492]: UI_CFG_AUDIT_OTHER: User 'root' set: [protocols ospf export DEFAULT_ROUTE] 
Mar  4 19:07:48  rtr01 file[6492]: UI_CMDLINE_READ_LINE: User 'root', command 'rpc lock-configuration rpc rpc load-configuration set protocols ospf export DEFAULT_ROUTE '
Mar  4 19:07:48  rtr01 file[6492]: UI_CMDLINE_READ_LINE: User 'root', command 'delete event-options policy BGP_DOWN then ignore '
Mar  4 19:07:48  rtr01 file[6492]: UI_CFG_AUDIT_OTHER: User 'root' delete: [event-options policy BGP_DOWN then] "ignore
Mar  4 19:07:48  rtr01 file[6492]: UI_CFG_AUDIT_SET: User 'root' set: [event-options policy BGP_UP then] "ignore -> "ignore"
Mar  4 19:07:48  rtr01 file[6492]: UI_CMDLINE_READ_LINE: User 'root', command 'set event-options policy BGP_UP then ignore '
Mar  4 19:07:48  rtr01 file[6492]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'commit-configuration'
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT: User 'root' requested 'commit' operation (comment: none)
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Obtaining lock for commit
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: updating commit revision
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: UI extensions feature is not configured
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Started running translation script
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Finished running translation script
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: start loading commit script changes
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: no commit script changes
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: no transient commit script changes
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: finished loading commit script changes
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: No translation output from the scripts
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_NO_MASTER_PASSWORD: No 'system master-password' set
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: copying juniper.db to juniper.data+
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: finished copying juniper.db to juniper.data+
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: exporting juniper.conf
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: expanding interface-ranges
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: finished expanding interface-ranges
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: expanding groups
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: finished expanding groups
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: setup foreign files
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: update license counters
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: finish license counters
Mar  4 19:07:48  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: propagating foreign files
Mar  4 19:07:48  rtr01 file[6492]: UI_CHILD_START: Starting child '/usr/sbin/mustd'
Mar  4 19:07:49  rtr01 mustd: UI_DELTA_CONSTRAINT_CHECK_NOT_RUNNING: delta constraint check process can not run because persist groups is not configured
Mar  4 19:07:49  rtr01 file[6492]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/mustd', PID 6496, status 0x700
Mar  4 19:07:49  rtr01 file[6492]: UI_CHILD_EXITED: Child exited: PID 6496, status 7, command '/usr/sbin/mustd'
Mar  4 19:07:49  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: cdg returns = 7(persist groups is not configured (needed for cdg))
Mar  4 19:07:49  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: complete foreign files
Mar  4 19:07:49  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: dropping unchanged foreign files
Mar  4 19:07:49  rtr01 file[6492]: UI_CHILD_START: Starting child '/usr/sbin/ffp'
Mar  4 19:07:50  rtr01 file[6492]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/ffp', PID 6497, status 0
Mar  4 19:07:50  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: daemons checking new configuration
Mar  4 19:07:50  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Spawning Routing protocols process to check new configuration
Mar  4 19:07:50  rtr01 file[6492]: UI_CHILD_START: Starting child '/usr/sbin/rpd'
Mar  4 19:07:50  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Spawning Event processing process to check new configuration
Mar  4 19:07:50  rtr01 file[6492]: UI_CHILD_START: Starting child '/usr/sbin/eventd'
Mar  4 19:07:50  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Collecting status of Event processing process
Mar  4 19:07:50  rtr01 file[6492]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/eventd', PID 6499, status 0
Mar  4 19:07:50  rtr01 rpd: proceeding. -C
Mar  4 19:07:51  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Collecting status of Routing protocols process
Mar  4 19:07:51  rtr01 file[6492]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/rpd', PID 6498, status 0
Mar  4 19:07:51  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: commit wrapup...
Mar  4 19:07:51  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: start ffp activate
Mar  4 19:07:51  rtr01 file[6492]: UI_CHILD_START: Starting child '/usr/sbin/ffp'
Mar  4 19:07:52  rtr01 ffp: pdb_activate:8399: Could not open profile database, continuing... err:PDB_ERROR_PLATFORM_NOT_SUPPORTED
Mar  4 19:07:52  rtr01 file[6492]: UI_CHILD_STATUS: Cleanup child '/usr/sbin/ffp', PID 6500, status 0
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/pam.conf'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/pam_radius.conf'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/pam_tacplus.conf'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/issue'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/certs'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/motd'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/max-db-size-cfg'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/subs-mgmt-cfg'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/vmm.conf'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/db_ext-cfg'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/etc/ephinst.conf'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: executing foreign_commands
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: not executing ui_commit in rc.ui
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: finish ffp activate
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: copying configuration to juniper.save
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: db_check_constraint_ids_clear start
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: db_check_constraint_ids_clear done
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: db_groups_info_clear start
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: db_groups_info_clear done
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: activating '/var/run/db/juniper.data'
Mar  4 19:07:52  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: Rotate backup configs
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Simple Network Management Protocol process', pid 5530, signal 31, status 0 with notification errors enabled
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync begins
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync ends
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync begins
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync ends
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: notifying daemons of new configuration
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress:  notifying none(0)
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: cannot signal 'None process', signal 1, no pid
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress:  notifying rpd(5)
Mar  4 19:07:53  rtr01 rpd[5533]: JTASK_TASK_REINIT: Reinitializing
Mar  4 19:07:53  rtr01 rpd[5533]: RPD_COMMIT_SYNC_STATUS: RPD commit sync completed on MASTER
Mar  4 19:07:53  rtr01 rpd[5533]: RPD_COMMIT_JOBS_STATUS: RPD commit jobs started on MASTER
Mar  4 19:07:53  rtr01 rpd[5533]: task_reconfigure reinitializing done
Mar  4 19:07:53  rtr01 rpd[5533]: RPD_COMMIT_JOBS_STATUS:  RPD commit jobs completed on MASTER
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Routing protocols process', pid 5533, signal 1, status 0 with notification errors enabled
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress:  notifying eventd(73)
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Event processing process', pid 5499, signal 1, status 0 with notification errors enabled
Mar  4 19:07:53  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync begins
Mar  4 19:07:54  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: ssync ends
Mar  4 19:07:54  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: commit complete
Mar  4 19:07:54  rtr01 file[6492]: UI_COMMIT_COMPLETED: commit complete
Mar  4 19:07:54  rtr01 file[6492]: UI_COMMIT_PROGRESS: Commit operation in progress: signaling 'Alarm control process', pid 5528, signal 30, status 0 with notification errors enabled
Mar  4 19:07:54  rtr01 file[6492]: UI_JUNOSCRIPT_CMD: User 'root' used JUNOScript client to run command 'unlock-configuration'
Mar  4 19:07:54  rtr01 eventd: EVENTD_CONFIG_CHANGE_SUCCESS: Configuration change successful: while executing policy BGP_UP with user root privileges
Mar  4 19:07:54  rtr01 file[6492]: UI_LOGOUT_EVENT: User 'root' logout

     



  • 6.  RE: Event-option after 5 minutes

    Posted 03-04-2019 11:45

    Hello,

    Please try this config:

    generate-event {
    CHECK_BGP_STATE time-interval 60;
}
policy BGP_UP {
    events CHECK_BGP_STATE;
    within 240 {
        not events rpd_bgp_neighbor_state_changed;
    }
    attributes-match {
        rpd_bgp_neighbor_state_changed.new-state matches Established;
    }
    then {
        change-configuration {
            commands {
                "set protocols ospf export DEFAULT_ROUTE";
                "deactivate event-options policy BGP_UP";
				"activate event-options policy BGP_DOWN";
            }
        }
    }
}
policy BGP_DOWN {
    events rpd_bgp_neighbor_state_changed;
    attributes-match {                  
        rpd_bgp_neighbor_state_changed.old-state matches Established;
    }
    then {
        change-configuration {
            commands {
                "delete protocols ospf export DEFAULT_ROUTE";
                "activate event-options policy BGP_UP";
                "deactivate event-options policy BGP_DOWN";
            }
        }
    }
}

    The silent interval between BGP going down and then up must not exceed 240 secs, otherwise the BGP_UP policy will falsely trigger. 

    To cater for that, You need to use to an evert-script (instead of "change-configuration" knob) where one can insert jcs:sleep() or use additional "trailing event" (but then it could become a complex config).

    HTH

    Thx
    Alex



  • 7.  RE: Event-option after 5 minutes
    Best Answer

    Posted 03-05-2019 12:12

    Hi All,

     

    After hours of trying and testing I finally got (see code below) it and it turns out to be more easier then we thought.

    What the code does is as follow:

    - There is in inactive hold off timer set to 300 seconds;

    - When BGP comes UP and is Established, the timer is activated;

    - When the timer is finished it exports a default route into OSPF, and deactivates the hold off timer;

    - If BGP goes down it deletes the export of the default route into OSPF and deactivates the hold off timer (if it is still running) preventing it from exporting a default route into OSPF after BGP went down.

     

    generate-event {
    inactive: OSPF_EXPORT_HOLD_OFF time-interval 300;
}
policy BGP_UP {
    events rpd_bgp_neighbor_state_changed;
    attributes-match {
        rpd_bgp_neighbor_state_changed.new-state matches Established;
    }
    then {
        change-configuration {
            commands {
                "activate event-options generate-event OSPF_EXPORT_HOLD_OFF";
            }
        }
    }
}
policy BGP_DOWN {
    events rpd_bgp_neighbor_state_changed;
    attributes-match {
        rpd_bgp_neighbor_state_changed.old-state matches Established;
    }
    then {
        change-configuration {
            commands {
                "delete protocols ospf export DEFAULT_ROUTE";
                "deactivate event-options generate-event OSPF_EXPORT_HOLD_OFF";
            }
        }
    }
}
policy OSPF_EXPORT_DEFAULT {
    events OSPF_EXPORT_HOLD_OFF;
    then {
        change-configuration {
            commands {
                "set protocols ospf export DEFAULT_ROUTE";
                "deactivate event-options generate-event OSPF_EXPORT_HOLD_OFF";
            }
        }
    }
}