[j-nsp] Bulk updates to Netscreen 5400
Tim Eberhard
xmin0s at gmail.com
Fri Jun 26 09:57:09 EDT 2009
I would not suggest playing with that fire...
My personal suggestion to make "bulk" updates or update many configuration
items at once would be to create the list of changes to a file and then tftp
merge it into the configuration.
It will go very fast and you can tell if anything errored out instantly.
merging part 1000 lines via tftp takes just 10-15 seconds.
Good luck,
-Tim Eberhard
On Fri, Jun 26, 2009 at 6:52 AM, Phil Mayers <p.mayers at imperial.ac.uk>wrote:
> All,
>
> We have a (quite busy) netscreen 5400, which we occasionally need to make
> big policy updates to. It goes very slow if we paste in changes via the CLI,
> and we're not inclined to buy Netscreen Security Manager (or whatever it's
> called these days) because our reseller stiffed us on a promised upgrade,
> and the demo we had was anyway pretty underwhelming.
>
> However - I have it on good authority that NSM merely uses a hidden CLI
> command to start & commit bulk updates "all at once", a bit like SQL
>
> e.g.
>
> set mode bulk
> set address Trust ...
> ...100 more lines
> set mode bulk-commit
>
> ...or something like that. Does anyone know what those magic commands are,
> if they really exist? Are there any caveats to using them?
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list