Category Archives: junos-automation

Fetching JUNOS config as xml

If you want to fetch a junos device config remotely first configure netconf on the device via;

Then connect to the junos device (IP via an ssh client from a linux host and redirect the output
to a file which is the xml config of the device indeed:

Once you enter your password you won’t see any output from junos. Just paste the RPC
command and press enter and after a while depending on the config side you will see the xml config /tmp/junos_config.xml

Running batch commands on remote junos devices

I am sure from time to time you need to run an operational command on multiple junos devices e.g deleting a specific file from all devices. It is up to you of course what sort of commands you can run. For the following script to work you should also install python paramiko module. You may possibly install this module on a linux system via the command “pip install paramiko” . I have also attached the script here as some characters may not be displayed properly in this post. Now let me explain how to use this script.

Once you save the script with the name, there are two types of execution

1) Single command on a single system

This command will run the command “file delete /tmp/test.txt” on the device having ip (root user should be used for this command to work)

2) Single command on multiple systems

This command will fetch all ip addresses written in the file /tmp/ipaddr.txt (each ip should be in a new line) and run the operational command one by one.

This is a very basic script but it may shed you some light to develop your own complex scripts. I also use it to fetch command outputs and then interpret the outputs via python again. Let me know if you need any help in using it.

Continue reading

Simple Junos Commit Script

Here is a simple junos commit script that checks if a given interface is assigned to trust zone or not. It is very basic of course but can be extended using junos automation reference documents.

Once you create this script place it under /var/db/scripts/commit/test.slax

Then enable it via cli in the configuration

junos#set system scripts commit file test.slax

You will see that if the interface ge-0/0/0.0 isn’t assigned to the trust zone you will receive the error message in <message> tag.

If you want to take a look at some more examples you can take a look at junos script library

How to upgrade JunOS remotely via NETCONF

In this post I would like to explain how to upgrade JunOS on a router remotely. Imagine that you have dozens of routers and you would like to script it somehow. Below is a script I have written in python. I must say that it really took me some time to comprehend paramiko API but finally I wrote one which does really work. As you might have known, NETCONF is a fantastic protocol by which you can send RPC calls to remote devices. This script opens a netconf channel and sends these command inside this channel.

By using the predefined connection parameters, script opens the netconf channel and sends the command in variable SOFT_ADD which orders the device to fetch the software from JUNOS_URL and then upgrade it.


Continue reading