It wasn’t until I was fiddling around with what my SRX could do did I stumble across something that intrigued me. I was trying to figure out why my Alarm light was being displayed at the front of the SRX when it was operation and fine. I decided to investigate.
[email protected]> show system alarms 1 alarms currently active Alarm time Class Description 2012-12-16 14:09:04 EST Minor Rescue configuration is not set
Rescue configuration. Well, what do we have here readers? A quote of the Juniper support page states ” A rescue configuration file is helpful in the event that your router’s configuration file has been configured wrong. You can restore the router to this rescue configuration to bring the router back online.”
Well isn’t that handy. With my home SRX being used as a lab device and my office devices that reside behind it require internet, this feature is of use to me incase I bork something up. My wife’s Macbook Air and the modem + 1252 access point reside in their own network. This is so I do not affect the SLA’s!
So I have created my SRX configuration that is BAU. This configuration has some zones, has some screens, some rules for what I do. It has my virtual routing instances for labs. I want to save this so let’s get it done.
[email protected]> show system configuration rescue error: No rescue configuration is set.
Alright. Nothing defined so hence the alarm.
[email protected]> request system configuration rescue save
That’s it. We now have a safe, working configuration that can be used in emergencies. This configuration allows a customised version of your own to be used in emergencies. In the SRX branch platforms there is a default built-in configuration that you can press the reset button to revert too.
[email protected]> show system configuration rescue ## Last changed: 2012-12-18 15:14:43 EST version 12.1R3.5; <omitted output>
You can see what the current rescue configuration is by using the above command. Now to load our rescue configuration.
[email protected]# rollback rescue load complete
Now commit and you’re done. You have performed a rescue.
I think this feature is stella. It allows an engineer to guide “hands” through a rescue a simple process**. Press the reset button. This saves a long and maybe expensive drive. I hope this has been helpful and informative. Oh and after saving the rescue configuration my alarm light went from green to out. Happy days.
** Thanks to Per Westerlund for pointing this out in the comments.
Once you have set a good rescue configuration, you don’t have to connect to the console and perform “cli -> conf -> rollback rescue -> commit”. You only have to have someone press and quickly release the Config/Reset button. This invokes the above commands without any console access.
Thanks Per. There you go. I mis interpreted the use of the reset button. That is very handy. I will update the blog.