Junos “commit” command apply configuration changes to active configuration. Up to 50 configuration changes are stored in juniper devices. “rollback” command restore and apply the configuration of any of these 50 stored committed versions.
We know both commit and rollback commands from the previous sections, but this section will add some handy and useful tips about these two commands.
Junos “commit” and “rollback” commands Overview
Before touching the configuration’ let’s review Junos “commit” and “rollback” commands.
Junos “commit” command Overview
As we know, when we change a configuration, it is stored in candidate configuration but will not be applied to the device. With “show | compare” command we can see the changes in candidate configuration which are not yet applied to the device. With “commit” command, changed will be pushed and applied to the active configuration.
In addition to normal “commit” command, there are some parameters for this command. with “commit check” command, you can check the configuration changes to make sure if there is any mistake, conflict or incomplete commands. if there are some errors then you will receive some messages to correct the commands.
However “commit check” command is not very necessary to use, since the “commit” command also shows these messages if there are some errors.
But there is a very handy and useful parameter for commit command. with “commit confirmed MINUTES”, you can apply the changes but temporary and for a specified time otherwise you confirm the commit command during this period.
The use case of this command is when you configure a changes in the device but remotely and if there is a mistake, then your connection will be lost. With “commit confirm” command, if there is a mistake, the configuration will be restored after specified time since you do not confirm your changes.
It is always recommended to use “commit confirmed” instead of “commit” to make sure that new changes create no problem in the network. then we can confirm the commit command.
Junos “rollback” command Overview
With “rollback” command, we can restore one of the previous configuration versions.
By default up to 50 “commit” version of configurations are stored in the device locally from 0 to 49.
You can easily compare the current configuration with any of previous configuration versions and restore any of them.
The command “show | compare” is actually the same as “show | compare rollback 0”, which means to compare current candidate configuration with the last active configuration (rollback 0). in other words, what changes are configured but they are not still applied to the device.
The command “rollback 0” is very handy and useful which discard any changes in candidate configuration and restore latest active configuration.
The “rollback n” command restore the configuration to the latest n+1 committed configuration version. Notice that the restored version is not applied to the device and will be located in candidate configuration. Check the changes with “show | Compare” command and then apply it with the “Commit” command.
To better understand these two commands, let’s touch them once again.
Junos “commit” and “rollback” commands demonstration
Junos “commit” command demonstration
Let’s make an incomplete changes in the active configuration. the concept of the changes itself is not important and only the use of “commit” and “rollback” commands are important to concentrate.
rayka@vSRX> configure
Entering configuration mode
[edit]
rayka@vSRX# set security policies from-zone trust to-zone untrust policy PERMITALL match source-address any
[edit]
rayka@vSRX#After incomplete changes, I will use “commit check” command to check the configuration changes. The output of this command shows that there are some missing mandatory statements that I have to configure.
As I have said, “commit check” command is not very necessary to use, since the “commit” command also shows these messages if there are some errors.
rayka@vSRX# commit check
[edit security policies from-zone trust to-zone untrust policy PERMITALL]
'match'
Missing mandatory statement: 'destination-address'
[edit security policies from-zone trust to-zone untrust]
'policy PERMITALL'
Missing mandatory statement: 'then'
error: configuration check-out failed: (missing mandatory statements)
[edit]
rayka@vSRX# commit
[edit security policies from-zone trust to-zone untrust policy PERMITALL]
'match'
Missing mandatory statement: 'destination-address'
[edit security policies from-zone trust to-zone untrust]
'policy PERMITALL'
Missing mandatory statement: 'then'
error: commit failed: (missing mandatory statements)
[edit]
rayka@vSRX# Now let’s discard current changes and make some configuration by mistake that breaks our connectivity.
But this time I use “commit confirm 1” command instead of “commit” command. although my connectivity is broken but my connectivity will be restored after 1 minute since I do not confirm the commit command.
To confirm the commit command, we enter the commit command again without a confirmed parameter during the specified period.
This command is very useful and recommended.
rayka@vSRX# rollback 0
load complete
[edit]
rayka@vSRX# delete system services ssh
[edit]
rayka@vSRX# commit confirmed 1
commit confirmed will be automatically rolled back in 1 minutes unless confirmed
commit complete
# commit confirmed will be rolled back in 1 minute
[edit]
Broadcast Message from root@vSRX
(no tty) at 19:37 UTC...
Commit was not confirmed; automatic rollback complete.
[edit]
rayka@vSRX# 
Junos “rollback” command demonstration
As I have said, up to 50 version of committed configurations are stored locally in the device.
With command “show system commit” in operational mode, you can display all saved configuration versions. As you can see, there are more than 20 configuration versions stored in my device. For each version shows the date and also the user who modified it.
rayka@vSRX> show system commit
0 2022-05-05 19:37:03 UTC by root via other
1 2022-05-05 19:35:01 UTC by rayka via cli commit confirmed, rollback in 1mins
2 2022-05-05 19:33:55 UTC by rayka via cli
3 2022-05-05 19:32:39 UTC by rayka via cli
4 2022-05-05 19:32:21 UTC by rayka via cli commit confirmed, rollback in 1mins
5 2022-05-05 19:32:17 UTC by rayka via cli commit confirmed, rollback in 10mins
6 2022-05-05 19:31:17 UTC by rayka via cli commit confirmed, rollback in 1mins
7 2022-05-01 19:37:21 UTC by rayka via cli
8 2022-05-01 19:36:44 UTC by rayka via cli
9 2022-05-01 19:25:59 UTC by rayka via cli
10 2022-05-01 19:25:15 UTC by rayka via cli
11 2022-04-30 20:18:00 UTC by root via cli
12 2022-04-30 20:15:31 UTC by root via cli
13 2022-04-30 20:13:58 UTC by root via cli
14 2022-04-30 20:12:13 UTC by root via cli
15 2022-04-30 20:03:38 UTC by root via cli
16 2022-04-30 19:35:16 UTC by rayka via cli
17 2022-04-30 19:32:39 UTC by rayka via cli
18 2022-04-30 19:21:12 UTC by root via cli
19 2022-04-30 19:02:13 UTC by rayka via cli
20 2022-04-30 19:00:31 UTC by root via cli
21 2022-04-27 17:47:00 UTC by rayka via cli
22 2022-04-26 18:14:48 UTC by rayka via cli
23 2022-04-26 18:13:59 UTC by rayka via cli
24 2022-04-25 18:31:37 UTC by rayka via cli
25 2022-04-25 18:27:19 UTC by rayka via cli
26 2022-04-23 18:30:12 UTC by root via cli
27 2022-04-23 18:03:22 UTC by root via otherWith command “show configuration | compare rollback n”, you can compare your current active configuration with any version of saved configuration.
rayka@vSRX> show configuration | compare rollback 10
[edit system]
- host-name vSRX_temp;
+ host-name vSRX;
rayka@vSRX> With command “rollback n” in configuration mode, you can restore any version of stored configuration. the restored version is not applied to the device but it is located in candidate configuration.
With “show | compare” command, you will check again once again if the restored version of the configuration is correct. Then you can use “commit” command to apply the restored configuration.
rayka@vSRX# rollback 10
load complete
[edit]
rayka@vSRX# show | compare
[edit system]
- host-name vSRX;
+ host-name vSRX_temp;
[edit]
rayka@vSRX# The command “rollback 0” in configuration mode is very useful and handy command which discard the current candidate configuration to restore latest active configuration.
rayka@vSRX# rollback 0
load complete
[edit]
rayka@vSRX# show | compare
[edit]
rayka@vSRX#