The SRX110 device that I have been labbing with has come with two USB slots. One is designed to be a 3g/4g wan module which would allow a failover internet connection and could server as a remote access gateway. I thought I might leverage the other slot as a USB storage device. I want to keep copies of the configuration locally incase remote/upstream/HQ access is lost and a remote site cannot be accessed for a period.
Junos runs on the FreeBSD kernel. It can be interacted with in the shell. We will need to do this to order to mount and access our usb stick. There is no auto complete in shell. Just need to learn and know these configurations.
When you plug your device in you will gain information included the device’s location and mount point.
umass0: Generic Mass Storage, rev 2.00/1.03, addr 2 uhub0: illegal enable change, port 1 da0 at umass-sim0 bus 0 target 0 lun 0 da0: Removable Direct Access SCSI-2 device da0: 40.000MB/s transfers da0: 1960MB (4014080 512 byte sectors: 255H 63S/T 249C)
Now if you type the following ( I have included the arguments/flags ) you will be able to mount your device.
usage: mount_msdosfs [-9ls] [-D DOS_codepage] [-g gid] [-L locale]
[-M mask] [-m mask] [-o options] [-u uid]
[-W table] special node
[email protected]% mount_msdosfs /dev/da0s1 /mnt
You can confirm the device with the following command. I should expect to see a 1.9gb device in this list.
[email protected]> show system storage Filesystem Size Used Avail Capacity Mounted on /dev/ad0s2a 295M 144M 127M 53% / devfs 1.0K 1.0K 0B 100% /dev /dev/md0 389M 389M 0B 100% /junos /cf 295M 144M 127M 53% /junos/cf devfs 1.0K 1.0K 0B 100% /junos/dev/ procfs 4.0K 4.0K 0B 100% /proc /dev/bo0s3e 24M 48K 22M 0% /config /dev/bo0s3f 344M 15M 302M 5% /cf/var /dev/md1 168M 18M 137M 12% /mfs /cf/var/jail 344M 15M 302M 5% /jail/var /cf/var/log 344M 15M 302M 5% /jail/var/log devfs 1.0K 1.0K 0B 100% /jail/dev /dev/md2 39M 4.0K 36M 0% /mfs/var/run/utm /dev/md3 1.8M 4.0K 1.7M 0% /jail/mfs /dev/da0s1 1.9G 26M 1.9G 1% /mnt
Time to make two separate folders to keep my configurations in. I want to keep apart my commit configs and my daily configs.
[email protected]% mkdir ../mnt/Commit_backup [email protected]% mkdir ../mnt/Scheduled_backup
Now to check our folders are made.
[email protected]% ls ../mnt Commit_backup Scheduled_backup
Bingo. Now these two lines below are all we need to enable what need.
set system archival configuration transfer-interval 10 archive-site /mnt/Scheduled_backup set system archival configuration transfer-on-commit archive-sit /mnt/Commit_backup
Lets confirm some configs and see how they come up in the display set.
set system archival configuration transfer-on-commit set system archival configuration archive-sites /mnt/Scheduled_backup set system archival configuration archive-sites /mnt/Commit_backup
Where did some of our configuration go? Well after re typing the configuration a few times and wondering why I couldn’t get the both to run. It seems that it is either one or the other. The appended archive-site command actually breaks off and define two locations. The last configured back up type whilst the first appearing archive-site in the display configuration is used. Now to confirm what is in the flash?
[email protected]> file list /mnt/? Possible completions: <[Enter]> Execute this command Path to list /mnt/Commit_backup/ Last changed: Dec 14 22:56:08 /mnt/Scheduled_backup/ Last changed: Dec 14 22:56:18 [email protected]> file list /mnt/Commit_backup/ /mnt/Commit_backup/: [email protected]> file list /mnt/Scheduled_backup/ /mnt/Scheduled_backup/: SRX110_juniper.conf.gz_20121214_115936* SRX110_juniper.conf.gz_20121214_120006* SRX110_juniper.conf.gz_20121214_120332* SRX110_juniper.conf.gz_20121214_120735* SRX110_juniper.conf.gz_20121214_121100* pewpew_juniper.conf.gz_20121214_120816* pewpew_juniper.conf.gz_20121214_121003* pewpew_juniper.conf.gz_20121214_121023* [email protected]>
Would you believe it. All my commits are saving to the first archive site defined in the configuration. Odd stuff. So it seems that you can have only one or the other. All those commit configuration archives are in the Scheduled folder. Oh dear.
Due the branch posture of the SRX110 I do not think it is paramount to have USB storage but it is nice to have. The idea of having configurations on regular back up is good. You could even have a spare JUNOS image there in case of any issues. If your infrastructure has a centralised component and this device is deployed to a tele-worker then an internal server may be better at handling configs. You would think you could configure both and have per commit and scheduled configuration backups occurring. Odd Juniper. If anyone knows the reason why or the way around this please comment below. Thanks for reading.
Marvelous feature!
Yeah, I found it to be rather smart. Either the 3G/4G USB slot can be used or the from USB slot can be used.
You can even have JUNOS extracted to it and run it as the boot partition off that same stick!
Good comment.
It definitely outlines the need for physical security on devices such as these. There is a back USB slot which may minimise this issue a little. I suggest a locked cabinet to put this SRX into!
Just be careful with leaving usb sticks plugged into devices, some good soul may grab it and bring it back to you with good intent “hey you forgot this plugged in there”.
Good comment.
It definitely outlines the need for physical security on devices such as these. There is a back USB slot which may minimise this issue a little. I suggest a locked cabinet to put this SRX into!
*dumb question*… why do we have all those listings as backups? I believed the ‘interval’ timer for scheduling backups is in minutes. So, I have followed the procedure and within less than 10 min, one commit, but the fille shows so many backup files (just like yours). Where do they all come from?
I expected to see, maybe just one backup file, or several, depending on time elapsed and number of commits done…