Getting green with JUNOS

In a branch office you generally have workers who work standard business hours. These generally exist between the hours of 0700 and 1800 hours. Most branches have VOIP handsets or APs that run off PoE. These do not need to be on at night. In an effort to save money and leveraging SLAX scripts. It is possible to enable PoE at the beginning of the work day before staff arrive and ensure their phones and wireless are active. On the flip side it is great to be able to power down. This lab assumes correct time is configured.

Have a read through the script to see what is occurring when it is triggered.

/*
 * Author        : Patricio Giecco
 * Version       : 1.0
 * Last Modified :
 * JUNOS Release : 9.3 and above
 * Platform      : EX Series
 *
 * Description   : poesched.slax
 * This event script is executed on the occurrence of 'poe-scheduler-start'
 * event. According to the configuration mentioned in this file, under
 * 'event-definition', this event is triggered in every 1 hour and this
 * script get executed. This script disables/enables some interfaces for
 * poe, based on the configured schedule for a particular time.
 */ 

version 1.0;

ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";

import "../import/junos.xsl";

var $event-definition = {
     {
         {
             'poe-scheduler-start';
             '3600';
        }
         {
             'poe-scheduler';
             'poe-scheduler-start';
             {
                 {
                     'poesched.slax';
                }
            }
        }
    }
}

var $arguments =  {
     "time";
     "execute the scheduled action at the specified time";
}

/*
 * This script is executed on the occurrence of event 'poe-scheduler-start'
 * which occurs in every one hour. On execution of this script POE on/off
 * on some ports based on a configured schedule. If the time was passed as
 * a parameter then use the passed value otherwise get the system time-date
 * and extract the time portion of it i.e. current time (only the hour).
 */
param $time = {
    var $uptime = jcs:invoke("get-system-uptime-information");
    var $date = $uptime//current-time/date-time;

    expr substring($date, 12, 2);
}

match / {

    /*
     * Get the poe configuration
     */
    var $poe-rpc =  {
         {
            ;
        }
    }

    var $poe = jcs:invoke($poe-rpc);

    /*
     * Open a connection with mgd
     */
    var $con = jcs:open();

    if (not($con)) {
         {
             "Not able to connect with local mgd";
        }
    }

    /*
     * Generate the xml formated config delta
     */
    var $xml := {
         {
             {
                /*
                 * Go through all the groups that are scheduled at this time
                 */
                for-each ($poe//apply-macro[starts-with(name, "scheduler-") &&
                          data/value == number($time)]) {
                    var $splitName = jcs:regex("scheduler-(.+)", name);
                    var $group = $splitName[2];
                    var $action = data[value == number($time)]/name;

                    /*
                     * select all the interfaces belonging to the sceduled
                     * groups
                     */
                    for-each ($poe//interface[apply-macro/name == "scheduler" &&
                              apply-macro/data/name == "group" &&
                              apply-macro/data/value == $group]) {
                        if ($action == "on" && disable) {
                             {
                                 name;
                                ;
                            }
                        } else if ($action == "off" && not(disable)) {
                             {
                                 name;
                                ;
                            }
                        }
                    }
                }
            }
        }
    }

    /*
     * If some interface statements are present in the $xml/configuration/poe,
     * then commit the changes otherwise not required
     */
    if ($xml/configuration/poe/interface) {
        var $results = {
            call jcs:load-configuration($connection = $con,
                                        $configuration = $xml);
        }
    }
}

Now I have this script on my USB stick and will mount as show below. Once I have confirmed that my USB is successfully mounted and the files I require are contained within, it is time to move the file off my USB and onto the filesystem.

[email protected]:RE:0% mount_msdosfs /dev/da1 /mnt
[email protected]:RE:0% cd /mnt
[email protected]:RE:0% ls
Warcraft III OST
Diablo II LoD OST
j-sa-va-dte-7.2R4.0-b21697-package.zip
junos-vsrx-12.1I20121128_2352_slt-builder-domestic.ova
poesched.slax

Now to move the SLAX script.

[email protected]:RE:0% mv poesched.slax ..\

Oops! I accidentally moved it to the filesystem root folder. Just to be sure.

[email protected]:RE:0% ls
.snap           config          libexec         poesched.slax   usr
COPYRIGHT       data            mfs             proc            var
altconfig       dev             mnt             root
altroot         etc             modules         sbin
bin             jail            opt             tftpboot
boot            kernel          packages        tmp

As I suspected I moved it there. Not to worry. Time to move it into place. I need it in the event folder under /var/db/scripts

[email protected]:RE:0% mv poesched.slax /var/db/scripts/event/

Now to navigate to the directory and confirm the script.

[email protected]:RE:0% cd var/db/scripts/event
[email protected]:RE:0% ls
poesched.slax

Once this is done we need jump into the JUNOS and allow it to load the script. We are choosing an event option to trigger the script poesched.slax when an event defined in the script occurs.

[email protected]# set event-options event-script file poesched.slax

Copy and paste the following into a load merge terminal command and press control+D to finish.

poe {
apply-macro scheduler-admin {
off 20;
on 6;
}
interface all;
interface ge-0/0/3 {
apply-macro scheduler {
group admin;
}
}
interface ge-0/0/4 {
apply-macro scheduler {
group admin;
}
}

The script is invoked when the event poe-scheduler-start occurs. The script is run around the hour of choice not at the stroke of the hour. If you are leveraging this for voice then you need to ensure you set it an hour earlier just in case. Last think you want is pesky end users banging on your door!

This is just one of many examples of SLAX scripting in JUNOS. There are many more featured here. If you have a large deployment the power savings may be quite large. Even still, consider there are some security benefits too. Out of hours phones may be used by people who do not have permission. By disabling PoE at the switch the device is rendered inactive for the determined period and unusable to non business hours people.

Leave a Reply

Your email address will not be published. Required fields are marked *

*