[j-nsp] Looking for Hints: Best Practices to PUSH prefix-list on MX platform with 16.x and UP
Chuck Anderson
cra at alum.wpi.edu
Thu Aug 12 19:44:48 EDT 2021
I've done this with perl scripts and the Juniper NETCONF libraries. I
make the changes inside a configuration group which is inherited into
the actual prefix-list(s), then lock down the account so it is only
able to make changes to that configuration group.
groups {
AUTO-PREFIX-LIST {
policy-options {
prefix-list AUTO-FOO {
...
prefix-list AUTO-BAR {
...
prefix-list AUTO-BAZ {
...
system {
login {
class AUTO-PREFIX-LIST {
permissions [ configure view view-configuration ];
allow-commands junoscript;
allow-configuration "(groups AUTO-PREFIX-LIST policy-options .*)";
On Thu, Aug 12, 2021 at 02:41:10PM -0400, Alain Hebert via juniper-nsp wrote:
> Context
>
> I'm looking for a *simple* & safe way to manage daily IRR changes
> from my customers...
>
> Right now its a simple script that push changes using command lines
> thru SSH...
More information about the juniper-nsp
mailing list