Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] Using escape quotation marks not valid in NETCONF

0

0

Article ID: KB35615 KB Last Updated: 31 Mar 2020Version: 1.0
Summary:

For some third-party devices, configuring the Junos OS via NETCONF with escape quotation marks may result in configuration failure and other cascaded issues.

This article explains that NETCONF is an XML channel where strings are read as is, so using escape quotation marks is not valid and that the string value is required for any command attributes to work.

 

Symptoms:

For example, the following match string is unexpected, and may cause some errors:

<match>"\".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"\"</match>

The full details are listed as below:‚Äč

labroot@router> netconf
<!-- No zombies were killed during the creation of this user interface -->
<!-- user labroot, class j-super-user -->
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <capabilities>
    <capability>urn:ietf:params:netconf:base:1.0</capability>
    <capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
    <capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</capability>
    <capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
    <capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
    <capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
    <capability>urn:ietf:params:xml:ns:netconf:capability:candidate:1.0</capability>
    <capability>urn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</capability>
    <capability>urn:ietf:params:xml:ns:netconf:capability:validate:1.0</capability>
    <capability>urn:ietf:params:xml:ns:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
    <capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
    <capability>http://xml.juniper.net/netconf/junos/1.0</capability>
    <capability>http://xml.juniper.net/dmi/system/1.0</capability>
  </capabilities>
  <session-id>4131</session-id>
</hello>
]]>]]>
<?xml version="1.0" encoding="UTF-8"?>
<nc:rpc xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:c08d06b1-34b4-46e3-8289-49af1cfed204">
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/19.4R0/junos" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:c08d06b1-34b4-46e3-8289-49af1cfed204">
<open-configuration>
<private/>
</open-configuration>
</nc:rpc>
]]>]]></rpc-reply>
]]>]]>
<rpc>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/19.4R0/junos">
<edit-config>
<target>
<candidate/>
</target>
<config>
<configuration>
           <system>
                <syslog>
                    <file>
                        <name>cli.log</name>
                        <contents>
                            <name>interactive-commands</name>
                            <info/>
                        </contents>
                        <match>"\".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"\"</match>
                        <archive>
                            <size>5m</size>
                            <files>10</files>
                        </archive>
                    </file>
                </syslog>
            </system>
</configuration>
</config>
</edit-config>
</rpc>         
]]>]]> <ok/>
</rpc-reply>
]]>]]>
<?xml version="1.0" encoding="UTF-8"?>
<nc:rpc xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:e1569655-3894-48fd-b658-ff541faf2122">
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/19.4R0/junos" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:e1569655-3894-48fd-b658-ff541faf2122">
<get-configuration compare="rollback" rollback="0" format="text"/>
</nc:rpc>
]]>]]><configuration-information>
<configuration-output>
[edit system]
+   syslog {
+       file cli.log {
+           interactive-commands info;
+           match "\".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"\";
+           archive size 5m files 10;
+       }
+   }
</configuration-output>
</configuration-information>
</rpc-reply>
]]>]]>
<?xml version="1.0" encoding="UTF-8"?><nc:rpc xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:aa6e914d-ed1c-4457-bcb7-2c5ab3d53f10">
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/19.4R0/junos" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:aa6e914d-ed1c-4457-bcb7-2c5ab3d53f10">
<commit-configuration>
</commit-configuration>
</nc:rpc>
]]>]]>
<load-success/>
<load-success/>
<?xml version="1.0" encoding="UTF-8"?>
<nc:rpc xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:bdd80b22-9bfb-4c76-9ac6-0bc7c2cebb27">
<close-configuration/>
</nc:rpc>
]]>]]>
<ok/>
</rpc-reply>
]]>]]>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/19.4R0/junos" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:bdd80b22-9bfb-4c76-9ac6-0bc7c2cebb27">
</rpc-reply>
]]>]]>
<?xml version="1.0" encoding="UTF-8"?>
<nc:rpc xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:d6e9ffb7-eb8f-4e7c-81cb-12c7df521373">
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/19.4R0/junos" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:d6e9ffb7-eb8f-4e7c-81cb-12c7df521373">
<nc:close-session/>
</nc:rpc>
]]>]]><ok/>
</rpc-reply>
]]>]]>
<!-- session end at 2020-02-03 16:52:11 PST -->

Last login: Mon Feb  3 16:41:58 2020 from 172.27.16.111
--- JUNOS 19.4R1.10 built 2019-12-19 04:03:35 UTC
labroot@router> configure private
warning: uncommitted changes will be discarded on exit
Entering configuration mode

[edit]
labroot@router# set interfaces ae0 description "value3" 

[edit]
labroot@router# commit
commit complete

[edit]
labroot@router# run show system commit
0   2020-02-03 16:52:55 PST by labroot via cli
1   2020-02-03 16:52:04 PST by labroot via netconf
2   2020-02-03 16:45:35 PST by labroot via cli
3   2020-02-03 16:42:49 PST by labroot via cli
4   2020-02-03 16:41:43 PST by labroot via netconf
5   2020-02-02 21:09:16 PST by labroot via cli
6   2020-02-02 20:50:00 PST by labroot via cli
7   2020-02-02 20:26:28 PST by labroot via cli
8   2020-01-31 09:06:51 PST by root via cli
9   2020-01-31 09:04:46 PST by root via other
10  2020-01-31 08:18:32 PST by root via cli
11  2020-01-24 13:44:35 PST by root via cli
12  2020-01-22 14:01:55 PST by root via cli
13  2019-12-11 00:49:39 PST by root via other
14  2019-12-10 01:56:26 PST by labroot via cli
15  2019-12-10 01:55:31 PST by labroot via cli
16  2019-12-10 01:54:15 PST by labroot via cli commit confirmed, rollback in 2mins
17  2019-12-10 01:44:07 PST by root via other
18  2019-12-10 01:14:36 PST by labroot via cli
19  2019-12-10 01:13:30 PST by labroot via cli
20  2019-12-10 00:38:27 PST by labroot via cli
21  2019-12-10 00:38:14 PST by labroot via cli commit confirmed, rollback in 2mins
22  2019-12-10 00:37:29 PST by root via other
23  2019-12-10 00:35:11 PST by labroot via cli commit confirmed, rollback in 2mins
24  2019-11-17 22:24:50 PST by labroot via cli
25  2019-10-21 17:39:37 PDT by labroot via cli
26  2019-10-21 17:14:47 PDT by labroot via cli
27  2019-10-21 16:20:04 PDT by labroot via cli
28  2019-10-21 16:14:05 PDT by labroot via cli
29  2019-10-21 16:12:43 PDT by labroot via cli
30  2019-10-17 16:55:31 PDT by labroot via cli
31  2019-10-17 16:16:44 PDT by labroot via cli
32  2019-10-17 13:12:14 PDT by labroot via cli
33  2019-10-16 17:15:30 PDT by labroot via cli
34  2019-10-16 17:15:14 PDT by labroot via cli commit confirmed, rollback in 1mins
35  2019-09-12 10:37:02 PDT by labroot via cli
36  2019-09-12 10:19:44 PDT by labroot via cli
37  2019-09-12 10:08:59 PDT by labroot via cli
38  2019-09-11 17:00:24 PDT by labroot via cli
39  2019-09-11 16:52:50 PDT by labroot via cli
40  2019-09-11 16:48:29 PDT by labroot via cli
41  2019-09-11 16:38:34 PDT by labroot via cli
42  2019-09-11 16:36:31 PDT by labroot via cli
43  2019-09-11 16:29:31 PDT by labroot via cli
44  2019-09-11 16:16:16 PDT by labroot via cli
45  2019-09-11 16:11:31 PDT by labroot via cli
46  2019-09-11 16:03:11 PDT by labroot via cli
47  2019-09-11 16:00:33 PDT by labroot via cli
48  2019-09-11 15:49:50 PDT by labroot via cli
49  2019-09-11 15:34:13 PDT by labroot via cli

[edit]
labroot@router# rollback 2
load complete

[edit]
labroot@router# show | compare
[edit system]
-   syslog {
-       file cli.log {
-           interactive-commands info;
-           match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*";
-           archive size 5m files 10;
-       }
-   }
[edit interfaces ae0]
-   description value3;
+   description qld-fvly-re1:ae0_aar_cqu_jcu;

[edit]
labroot@router# commit and-quit
[edit system syslog file cli.log match]
  'match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"'
    warning: statement does not match patch: '".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"' != '.*CMDLINE.*|.*JUNOSCRIPT_CMD.*'

[edit]
labroot@router# exit
The configuration has been changed but not committed
Discard uncommitted changes? [yes,no] (yes) 

Exiting configuration mode

labroot@router> configure private
warning: uncommitted changes will be discarded on exit
Entering configuration mode

[edit]
labroot@router# rollback 2
load complete

[edit]
labroot@router# show | compare
[edit system]
-   syslog {
-       file cli.log {
-           interactive-commands info;
-           match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*";
-           archive size 5m files 10;
-       }
-   }
[edit interfaces ae0]
-   description value3;
+   description previousValue;

[edit]
labroot@router# commit and-quit
[edit system syslog file cli.log match]
  'match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"'
    warning: statement does not match patch: '".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"' != '.*CMDLINE.*|.*JUNOSCRIPT_CMD.*'

[edit]
labroot@router# exit
The configuration has been changed but not committed
Discard uncommitted changes? [yes,no] (yes) 

Exiting configuration mode

labroot@router> configure
Entering configuration mode

[edit]
labroot@router# rollback 2
load complete

[edit]
labroot@router# show | compare
[edit system]
-   syslog {
-       file cli.log {
-           interactive-commands info;
-           match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*";
-           archive size 5m files 10;
-       }
-   }
[edit interfaces ae0]
-   description value3;
+   description previousValue;

[edit]
labroot@router# commit and-quit
commit complete
Exiting configuration mode 

===================================

<<<<<  Without NETCONF, all good:

labroot@router> configure
Entering configuration mode
The configuration has been changed but not committed

[edit]
labroot@router# load merge terminal
[Type ^D at a new line to end input]
system {
    syslog {
        file cli.log {
            interactive-commands info;
            match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*";
            archive size 5m files 10;
        }
    }
}
load complete

[edit]
labroot@router# commit and-quit
commit complete
Exiting configuration mode

labroot@router> configure private
warning: uncommitted changes will be discarded on exit
Entering configuration mode

[edit]
labroot@router# set interfaces ae0 description "value3" 

[edit]
labroot@router# show | compare
[edit interfaces ae0]
-   description previousValue;
+   description value3;

[edit]
labroot@router# commit
commit complete

[edit]
labroot@router# run show system commit
0   2020-02-03 17:05:31 PST by labroot via cli
1   2020-02-03 17:04:52 PST by labroot via cli
2   2020-02-03 16:56:00 PST by labroot via cli
3   2020-02-03 16:52:55 PST by labroot via cli
4   2020-02-03 16:52:04 PST by labroot via netconf
5   2020-02-03 16:45:35 PST by labroot via cli
6   2020-02-03 16:42:49 PST by labroot via cli
7   2020-02-03 16:41:43 PST by labroot via netconf
8   2020-02-02 21:09:16 PST by labroot via cli
9   2020-02-02 20:50:00 PST by labroot via cli
10  2020-02-02 20:26:28 PST by labroot via cli
11  2020-01-31 09:06:51 PST by root via cli
12  2020-01-31 09:04:46 PST by root via other
13  2020-01-31 08:18:32 PST by root via cli
14  2020-01-24 13:44:35 PST by root via cli
15  2020-01-22 14:01:55 PST by root via cli
16  2019-12-11 00:49:39 PST by root via other
17  2019-12-10 01:56:26 PST by labroot via cli
18  2019-12-10 01:55:31 PST by labroot via cli
19  2019-12-10 01:54:15 PST by labroot via cli commit confirmed, rollback in 2mins
20  2019-12-10 01:44:07 PST by root via other
21  2019-12-10 01:14:36 PST by labroot via cli
22  2019-12-10 01:13:30 PST by labroot via cli
23  2019-12-10 00:38:27 PST by labroot via cli
24  2019-12-10 00:38:14 PST by labroot via cli commit confirmed, rollback in 2mins
25  2019-12-10 00:37:29 PST by root via other
26  2019-12-10 00:35:11 PST by labroot via cli commit confirmed, rollback in 2mins
27  2019-11-17 22:24:50 PST by labroot via cli
28  2019-10-21 17:39:37 PDT by labroot via cli
29  2019-10-21 17:14:47 PDT by labroot via cli
30  2019-10-21 16:20:04 PDT by labroot via cli
31  2019-10-21 16:14:05 PDT by labroot via cli
32  2019-10-21 16:12:43 PDT by labroot via cli
33  2019-10-17 16:55:31 PDT by labroot via cli
34  2019-10-17 16:16:44 PDT by labroot via cli
35  2019-10-17 13:12:14 PDT by labroot via cli
36  2019-10-16 17:15:30 PDT by labroot via cli
37  2019-10-16 17:15:14 PDT by labroot via cli commit confirmed, rollback in 1mins
38  2019-09-12 10:37:02 PDT by labroot via cli
39  2019-09-12 10:19:44 PDT by labroot via cli
40  2019-09-12 10:08:59 PDT by labroot via cli
41  2019-09-11 17:00:24 PDT by labroot via cli
42  2019-09-11 16:52:50 PDT by labroot via cli
43  2019-09-11 16:48:29 PDT by labroot via cli
44  2019-09-11 16:38:34 PDT by labroot via cli
45  2019-09-11 16:36:31 PDT by labroot via cli
46  2019-09-11 16:29:31 PDT by labroot via cli
47  2019-09-11 16:16:16 PDT by labroot via cli
48  2019-09-11 16:11:31 PDT by labroot via cli
49  2019-09-11 16:03:11 PDT by labroot via cli

[edit]
labroot@router# rollback 2
load complete

[edit]
labroot@router# show | compare
[edit system]
-   syslog {
-       file cli.log {
-           interactive-commands info;
-           match ".*CMDLINE.*|.*JUNOSCRIPT_CMD.*";
-           archive size 5m files 10;
-       }
-   }
[edit interfaces ae0]
-   description value3;
+   description previousValue;

[edit]
labroot@router# commit and-quit
commit complete
Exiting configuration mode

labroot@router> 

Note: Sometimes the third party device may successfully push the configuration to the Junos platform with the wrong format. However, when users roll back configuration with configure private, the system will report an error as shown above.

 

Cause:

NETCONF is an XML channel where strings are read as is, so using escape quotes is not valid. The programming language is strict and the format needs to be exact for any configuration to work.

 

Solution:

Use the following string format without escape quotation marks via NETCONF:

  1. <match>".*CMDLINE.*|.*JUNOSCRIPT_CMD.*"</match>

Issue is not seen with this data. 

  1. <match>.*CMDLINE.*|.*JUNOSCRIPT_CMD.*</match>

Issue is not seen with this data.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search