Header Image
Johannes

Three CLI tools you should use more often

If you have already used Juniper Networks products in the past, you have most likely dealt with JunOS, the operating system that runs on pretty much all Juniper products. In my opinion, the JunOS CLI is the best NOS (network operating system) CLI you can get. Why you ask? Well, let me introduce you to three really powerful CLI tools that you can use in your daily business.

Pattern replacement

Let’s start the list off with a pretty simple but oftentimes really helpful command – the replace pattern command. We create a little example situation here. Assume you just copied the following configuration snippet onto your MX. 

interfaces {
    ge-0/0/0 {
        description "to r1 - ge-0/0/0";
        unit 0 {
            family inet {
                address 10.0.0.25/30;
            }
        }
    }
}

The snippet was originally copied from another MX and you forgot to adjust the IP-Address to the new router – instead of .25 it should be .26. The most obvious solution to this problem would be to do the following (yes, there are numerous possibilities with this apporach, this is just one example):

edit interfaces ge-0/0/0 unit 0 family inet
delete address
set address 10.0.0.26/30

And to be honest, this takes way to much time. We network engineers want a shorter, easier approach. So what if we could do a “find and replace” like in any old text editor? This is exactly what the CLI offers us. The syntax for this command is also pretty simple.

replace pattern PATTERN with REPLACEMENT

Just a quick note: the pattern is actually a REGEX pattern, so especially when dealing with special characters, we must escape them. More on that in a bit.

To correct our typo from the beginning, we could issue a command similar to this one:

replace pattern \.25 with .26

As you see, we escaped the dot (.) in the pattern section with a leading backslash (\), in order to make the replacement work. After this command, the IP-address should be adjusted accordingly.

BUT BE ADVISED: the replace pattern command rigorously replaces any match (from the current configuration context) with the supplied replacement. Issuing this command from the root of the tree is very dangerous and should never be performed. A more safer approach for our situation would be to at least jump into the interfaces ge-0/0/0 context and then do the replacement.

If you want to read more about this powerful command, you can check the official documentation.

Copy & Paste configuration

If you have ever managed a few JunOS switches, you may have encountered a situation where you need to copy, for example, an interface configuration and paste it onto another interface. If it is only one additional interface, creating an apply group would be way to overkill, so you decide to just repeat the configuration.

But how would you exactly go about that? You would execute the following tasks (assuming you are already in configuration mode):

  1. show interfaces INTERFACE
  2. Copy the configuration for this interface into a text editor
  3. Change the interface name
  4. Load the new snippet using for example the load merge terminal command

This works, but requires the use of a text editor program and takes a lot of time. JunOS helps you with exactly this type of task by providing you with the copy SOURCE to DESTINATION command. Let’s pretend you want to copy the configuration of ge-0/0/0 to ge-0/0/1, the command would look something like this:

copy interfaces ge-0/0/0 to ge-0/0/1

If you look carefully, you notice that I only need to specify the interfaces level for the source element. This command always copies to the same level as the source is. And that’s it, JunOS creates an exact replica of the interface configuration for the new interface. It also provides a little safety mechanism: if the target element (in this case interface ge-0/0/1) already exists, it won’t copy the configuration but rather warn you about the situation. So overwriting an existing interface is not possible.

Another use-case for this command would be creating routing (or firewall) policies, where you oftentimes have similar terms and only need to adjust a few things.

Different display styles for CLI output

The last CLI tool I want to share with you is really cool if you want to programatically evaluate the output of JunOS commands. Take a look at the following CLI output:

{master:0}
master@fabric> show interfaces ge-0/0/2
Physical interface: ge-0/0/2, Enabled, Physical link is Up
  Interface index: 131, SNMP ifIndex: 505
  Description: Uplink to Home Network
  Link-level type: Ethernet, MTU: 1514, LAN-PHY mode, Speed: Auto, Duplex: Auto, BPDU Error: None,
  MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled, Flow control: 

....TRUNCATED FOR BREVITY....

For us humans, it is pretty easy to check all the neccessary information, but for a computer, parsing this text is a little complicated. For this exact reason, JunOS provides us with the ability to display the output in different formats using the | display MODE extension. You can output the data in either JSON or XML format.

{master:0}
master@fabric> show interfaces ge-0/0/2 | display json
{
    "interface-information" : [
    {
        "attributes" : {"xmlns" : "http://xml.juniper.net/junos/15.1R7/junos-interface",
                        "junos:style" : "normal"
                       },
        "physical-interface" : [
        {
            "name" : [
            {
                "data" : "ge-0/0/2"
            }
            ],
            "admin-status" : [
            {
                "data" : "up",
                "attributes" : {"junos:format" : "Enabled"}
            }
            ],
            "oper-status" : [
            {
                "data" : "up"
            }
            ],
            "local-index" : [
            {
                "data" : "131"
            }
            ],
            "snmp-index" : [
            {
                "data" : "505"
            }
            ]
....TRUNCATED FOR BREVITY....
        }
        ]
    }
    ]
}

Or alternatively as XML:

{master:0}
master@fabric> show interfaces ge-0/0/2 | display xml
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1R7/junos">
    <interface-information xmlns="http://xml.juniper.net/junos/15.1R7/junos-interface" junos:style="normal">
        <physical-interface>
            <name>ge-0/0/2</name>
            <admin-status junos:format="Enabled">up</admin-status>
            <oper-status>up</oper-status>
            <local-index>131</local-index>
            <snmp-index>505</snmp-index>
            <description>Uplink to Home Network</description>
            <link-level-type>Ethernet</link-level-type>
            <mtu>1514</mtu>
            <sonet-mode>LAN-PHY</sonet-mode>
            <source-filtering>disabled</source-filtering>
            <speed>Auto</speed>
....TRUNCATED FOR BREVITY....
        </physical-interface>
    </interface-information>
    <cli>
        <banner>{master:0}</banner>
    </cli>
</rpc-reply>

If you contemplate this with a scripting language, for example python, you can create some powerful automation. But more on that topic in a later post.

Alright folks, that’s all for this post. I hope you enjoyed it and if you’ve got any questions or comments, please feel free to post them below. Until next time!

Johannes

I am a 23 year old german network engineer, who loves learning new things and testing them inside the lab. I also enjoy sharing my knowledge with others and helping wherever I can.

Leave a Reply

Your email address will not be published. Required fields are marked *