Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] What occurs internally during the commit process on Junos devices?

0

0

Article ID: KB25124 KB Last Updated: 23 Jul 2020Version: 2.0
Summary:

This article provides information about what occurs internally on Junos devices during the commit process.

Solution:

Understanding  the commit process:

Any changes that are made to the configuration have to be committed, for them to be applied. When a commit command is issued on a Junos platform device, several internal events take place, which the user cannot notice via the CLI. But, to get a glimpse, the display detail CLI knob can be used. This has to be used along with the commit command piping it. For example:

{primary:node0}[edit]
root@CL-PRIV-FW1# commit | display detail
node0:
2012-06-22 16:21:30 EDT: merging latest committed configuration
2012-06-22 16:21:30 EDT: start loading commit script changes
2012-06-22 16:21:30 EDT: no commit script changes
2012-06-22 16:21:30 EDT: no transient commit script changes
2012-06-22 16:21:30 EDT: finished loading commit script changes
2012-06-22 16:21:30 EDT: copying juniper.db to juniper.data+
2012-06-22 16:21:30 EDT: finished copying juniper.db to juniper.data+
2012-06-22 16:21:30 EDT: exporting juniper.conf
2012-06-22 16:21:31 EDT: expanding interface-ranges
2012-06-22 16:21:31 EDT: finished expanding interface-ranges
2012-06-22 16:21:31 EDT: expanding groups
2012-06-22 16:21:31 EDT: finished expanding groups
2012-06-22 16:21:31 EDT: setup foreign files
2012-06-22 16:21:31 EDT: update license counters
2012-06-22 16:21:31 EDT: finish license counters
2012-06-22 16:21:31 EDT: propagating foreign files
2012-06-22 16:21:31 EDT: complete foreign files
2012-06-22 16:21:31 EDT: dropping unchanged foreign files
2012-06-22 16:21:31 EDT: executing 'ffp propagate'
2012-06-22 16:21:31 EDT: daemons checking new configuration
2012-06-22 16:21:31 EDT: Routing protocols process checking new configuration
2012-06-22 16:21:32 EDT: Interface control process checking new configuration
2012-06-22 16:21:32 EDT: Web management gatekeeper process checking new configuration
2012-06-22 16:21:33 EDT: Event processing process checking new configuration
2012-06-22 16:21:33 EDT: Link Layer Discovery Protocol checking new configuration
2012-06-22 16:21:33 EDT: updating shared candidate configuration
2012-06-22 16:21:33 EDT: commit wrapup...
2012-06-22 16:21:33 EDT: start ffp activate
2012-06-22 16:21:33 EDT: executing 'ffp activate'
2012-06-22 16:21:34 EDT: activating '/var/etc/rc.conf.inc'
2012-06-22 16:21:34 EDT: activating '/var/etc/newsyslog.conf'
2012-06-22 16:21:34 EDT: activating '/var/etc/certs'
2012-06-22 16:21:34 EDT: activating '/var/etc/crontab'
2012-06-22 16:21:34 EDT: executing foreign_commands
2012-06-22 16:21:34 EDT: /bin/sh /etc/rc.ui ui_setup_users (sh)
2012-06-22 16:21:34 EDT: executing ui_commit in rc.ui
2012-06-22 16:21:39 EDT: finish ffp activate
2012-06-22 16:21:39 EDT: copying configuration to juniper.save
2012-06-22 16:21:39 EDT: activating '/var/run/db/juniper.data'
2012-06-22 16:21:39 EDT: notifying daemons of new configuration
2012-06-22 16:21:39 EDT: notifying mgd(1)
2012-06-22 16:21:39 EDT: signaling 'Management process', pid 1119, signal 1, status 0 with notification errors enabled
2012-06-22 16:21:39 EDT: notifying rpd(2)
2012-06-22 16:21:39 EDT: signaling 'Routing protocols process', pid 1173, signal 1, status 0 with notification errors enabled
2012-06-22 16:21:39 EDT: notifying dcd(15)
2012-06-22 16:21:39 EDT: signaling 'Interface control process', pid 1201, signal 1, status 0 with notification errors enabled
2012-06-22 16:21:39 EDT: notifying httpd-gk(31)
2012-06-22 16:21:39 EDT: signaling 'Web management gatekeeper process', pid 1189, signal 1, status 0 with notification errors enabled
2012-06-22 16:21:39 EDT: notifying eventd(82)
2012-06-22 16:21:39 EDT: signaling 'Event processing process', pid 890, signal 1, status 0 with notification errors enabled
2012-06-22 16:21:39 EDT: notifying lldpd(89)
2012-06-22 16:21:39 EDT: signaling 'Link Layer Discovery Protocol', pid 17089, signal 1, status 0 with notification errors enabled
2012-06-22 16:21:40 EDT: Rotate backup configs
2012-06-22 16:21:44 EDT: commit complete
commit complete

What happens with the configuration files?

When a configuration change is made and committed, the configuration files on the flash are overwritten with the new configuration and they are also rotated for the rollback purpose. A copy of the Active Configuration  is created, which is known as Candidate Configuration, when editing the configuration.

Any changes being made are added to the Candidate Configuration, before committing. When the commit is complete, the active configuration is also modified with the same changes.

What daemons are involved?

Daemons are notified of the change, which has been implemented on the device, during the commit process. The new configuration has to be approved by specific daemons, which is known as commit check. They are also notified after the commit. Multiple daemons are notified, depending on the configuration change.
 
For example, consider the following configuration changes:
  • Adding a static route:
    {primary:node0}[edit]
    root@test# show | compare 
    [edit routing-options static]
    route 0.0.0.0/0 { ... }
    + route 172.0.0.0/8 next-hop 172.22.145.1;
    
    {primary:node0}[edit]
    root@CL-PRIV-FW1# commit | display detail 
    node0: 
    2012-06-22 16:21:30 EDT: merging latest committed configuration
    2012-06-22 16:21:30 EDT: start loading commit script changes
    2012-06-22 16:21:30 EDT: no commit script changes
    2012-06-22 16:21:30 EDT: no transient commit script changes
    2012-06-22 16:21:30 EDT: finished loading commit script changes
    2012-06-22 16:21:30 EDT: copying juniper.db to juniper.data+
    2012-06-22 16:21:30 EDT: finished copying juniper.db to juniper.data+
    2012-06-22 16:21:30 EDT: exporting juniper.conf
    2012-06-22 16:21:31 EDT: expanding interface-ranges
    2012-06-22 16:21:31 EDT: finished expanding interface-ranges
    2012-06-22 16:21:31 EDT: expanding groups
    2012-06-22 16:21:31 EDT: finished expanding groups
    2012-06-22 16:21:31 EDT: setup foreign files
    2012-06-22 16:21:31 EDT: update license counters
    2012-06-22 16:21:31 EDT: finish license counters
    2012-06-22 16:21:31 EDT: propagating foreign files
    2012-06-22 16:21:31 EDT: complete foreign files
    2012-06-22 16:21:31 EDT: dropping unchanged foreign files
    2012-06-22 16:21:31 EDT: executing 'ffp propagate'
    2012-06-22 16:21:31 EDT: daemons checking new configuration
    2012-06-22 16:21:31 EDT: Routing protocols process checking new configuration
    2012-06-22 16:21:32 EDT: Interface control process checking new configuration
    2012-06-22 16:21:32 EDT: Web management gatekeeper process checking new configuration
    2012-06-22 16:21:33 EDT: Event processing process checking new configuration
    2012-06-22 16:21:33 EDT: Link Layer Discovery Protocol checking new configuration
    2012-06-22 16:21:33 EDT: updating shared candidate configuration
    2012-06-22 16:21:33 EDT: commit wrapup...
    2012-06-22 16:21:33 EDT: start ffp activate
    2012-06-22 16:21:33 EDT: executing 'ffp activate'
    2012-06-22 16:21:34 EDT: activating '/var/etc/rc.conf.inc'
    2012-06-22 16:21:34 EDT: activating '/var/etc/newsyslog.conf'
    2012-06-22 16:21:34 EDT: activating '/var/etc/certs'
    2012-06-22 16:21:34 EDT: activating '/var/etc/crontab'
    2012-06-22 16:21:34 EDT: executing foreign_commands
    2012-06-22 16:21:34 EDT: /bin/sh /etc/rc.ui ui_setup_users (sh)
    2012-06-22 16:21:34 EDT: executing ui_commit in rc.ui
    2012-06-22 16:21:39 EDT: finish ffp activate
    2012-06-22 16:21:39 EDT: copying configuration to juniper.save
    2012-06-22 16:21:39 EDT: activating '/var/run/db/juniper.data'
    2012-06-22 16:21:39 EDT: notifying daemons of new configuration
    2012-06-22 16:21:39 EDT: notifying mgd(1)
    2012-06-22 16:21:39 EDT: signaling 'Management process', pid 1119, signal 1, status 0 with notification errors enabled
    2012-06-22 16:21:39 EDT: notifying rpd(2)
    2012-06-22 16:21:39 EDT: signaling 'Routing protocols process', pid 1173, signal 1, status 0 with notification errors enabled
    2012-06-22 16:21:39 EDT: notifying dcd(15)
    2012-06-22 16:21:39 EDT: signaling 'Interface control process', pid 1201, signal 1, status 0 with notification errors enabled
    2012-06-22 16:21:39 EDT: notifying httpd-gk(31)
    2012-06-22 16:21:39 EDT: signaling 'Web management gatekeeper process', pid 1189, signal 1, status 0 with notification errors enabled
    2012-06-22 16:21:39 EDT: notifying eventd(82)
    2012-06-22 16:21:39 EDT: signaling 'Event processing process', pid 890, signal 1, status 0 with notification errors enabled
    2012-06-22 16:21:39 EDT: notifying lldpd(89)
    2012-06-22 16:21:39 EDT: signaling 'Link Layer Discovery Protocol', pid 17089, signal 1, status 0 with notification errors enabled
    2012-06-22 16:21:40 EDT: Rotate backup configs
    2012-06-22 16:21:44 EDT: commit complete
    commit complete
    
  • Changing chassis cluster configuration:

    When heartbeat-interval and hearbeat-threshold are added to the configuration, the chassisd and JSRPD daemons are notified of the change.
    {primary:node0}[edit]
    root@test# show | compare 
    [edit chassis cluster]
    + heartbeat-interval 1000;
    + heartbeat-threshold 4;
    
    {primary:node0}[edit]
    root@test# commit | display detail 
    node0: 
    2012-06-22 16:36:32 EDT: merging latest committed configuration
    2012-06-22 16:36:32 EDT: start loading commit script changes
    2012-06-22 16:36:32 EDT: no commit script changes
    2012-06-22 16:36:32 EDT: no transient commit script changes
    2012-06-22 16:36:32 EDT: finished loading commit script changes
    2012-06-22 16:36:32 EDT: copying juniper.db to juniper.data+
    2012-06-22 16:36:33 EDT: finished copying juniper.db to juniper.data+
    2012-06-22 16:36:33 EDT: exporting juniper.conf
    2012-06-22 16:36:33 EDT: expanding interface-ranges
    2012-06-22 16:36:33 EDT: finished expanding interface-ranges
    2012-06-22 16:36:33 EDT: expanding groups
    2012-06-22 16:36:33 EDT: finished expanding groups
    2012-06-22 16:36:33 EDT: setup foreign files
    2012-06-22 16:36:33 EDT: update license counters
    2012-06-22 16:36:33 EDT: finish license counters
    2012-06-22 16:36:33 EDT: propagating foreign files
    2012-06-22 16:36:33 EDT: complete foreign files
    2012-06-22 16:36:33 EDT: dropping unchanged foreign files
    2012-06-22 16:36:33 EDT: executing 'ffp propagate'
    2012-06-22 16:36:33 EDT: daemons checking new configuration
    2012-06-22 16:36:33 EDT: Chassis control process checking new configuration
    2012-06-22 16:36:35 EDT: Juniper Stateful Redundancy Protocol Daemon checking new configuration
    2012-06-22 16:36:35 EDT: updating shared candidate configuration
    2012-06-22 16:36:35 EDT: commit wrapup...
    2012-06-22 16:36:35 EDT: start ffp activate
    2012-06-22 16:36:35 EDT: executing 'ffp activate'
    2012-06-22 16:36:36 EDT: activating '/var/etc/certs'
    2012-06-22 16:36:36 EDT: executing foreign_commands
    2012-06-22 16:36:36 EDT: /bin/sh /etc/rc.ui ui_setup_users (sh)
    2012-06-22 16:36:36 EDT: not executing ui_commit in rc.ui
    2012-06-22 16:36:36 EDT: finish ffp activate
    2012-06-22 16:36:36 EDT: copying configuration to juniper.save
    2012-06-22 16:36:36 EDT: activating '/var/run/db/juniper.data'
    2012-06-22 16:36:36 EDT: notifying daemons of new configuration
    2012-06-22 16:36:36 EDT: notifying chassisd(5)
    2012-06-22 16:36:36 EDT: signaling 'Chassis control process', pid 1116, signal 1, status 0 with notification errors enabled
    2012-06-22 16:36:36 EDT: notifying jsrpd(67)
    2012-06-22 16:36:36 EDT: signaling 'Juniper Stateful Redundancy Protocol Daemon', pid 1129, signal 1, status 0 with notification errors enabled
    2012-06-22 16:36:36 EDT: Rotate backup configs
    2012-06-22 16:36:42 EDT: commit complete
    commit complete
    

To notify all the daemons of the configuration change, commit full has to be used.

Modification History:
2020-07-23: Article reviewed for accuracy; made minor non-technical edits.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search