Junos “commit” command apply configuration changes to active configuration. Up to 50 configuration changes are stored in juniper devices. “rollback” command restore and apply the configuration of any of these 50 stored committed versions.

We know both commit and rollback commands from the previous sections, but this section will add some handy and useful tips about these two commands.

Junos “commit” and “rollback” commands Overview

Before touching the configuration’ let’s review Junos “commit” and “rollback” commands.

Junos “commit” command Overview

As we know, when we change a configuration, it is stored in candidate configuration but will not be applied to the device. With “show | compare” command we can see the changes in candidate configuration which are not yet applied to the device. With “commit” command, changed will be pushed and applied to the active configuration.

Juniper Junos commit commands
Juniper Junos commit commands

In addition to normal “commit” command, there are some parameters for this command. with “commit check” command, you can check the configuration changes to make sure if there is any mistake, conflict or incomplete commands. if there are some errors then you will receive some messages to correct the commands.

However “commit check” command is not very necessary to use, since the “commit” command also shows these messages if there are some errors.

But there is a very handy and useful parameter for commit command. with “commit confirmed MINUTES”, you can apply the changes but temporary and for a specified time otherwise you confirm the commit command during this period.

The use case of this command is when you configure a changes in the device but remotely and if there is a mistake, then your connection will be lost. With “commit confirm” command, if there is a mistake, the configuration will be restored after specified time since you do not confirm your changes.

It is always recommended to use “commit confirmed” instead of “commit” to make sure that new changes create no problem in the network. then we can confirm the commit command.

Junos “rollback” command Overview

With “rollback” command, we can restore one of the previous configuration versions.

By default up to 50 “commit” version of configurations are stored in the device locally from 0 to 49.

You can easily compare the current configuration with any of previous configuration versions and restore any of them.

Juniper Junos rollback commands
Juniper Junos rollback commands

The command “show | compare” is actually the same as “show | compare rollback 0”, which means to compare current candidate configuration with the last active configuration (rollback 0). in other words, what changes are configured but they are not still applied to the device.

The command “rollback 0” is very handy and useful which discard any changes in candidate configuration and restore latest active configuration.

The “rollback n” command restore the configuration to the latest n+1 committed configuration version. Notice that the restored version is not applied to the device and will be located in candidate configuration. Check the changes with “show | Compare” command and then apply it with the “Commit” command.

To better understand these two commands, let’s touch them once again.

Junos “commit” and “rollback” commands demonstration

Junos “commit” command demonstration

Let’s make an incomplete changes in the active configuration. the concept of the changes itself is not important and only the use of “commit” and “rollback” commands are important to concentrate.

rayka@vSRX> configure 
Entering configuration mode

[edit]
rayka@vSRX# set security policies from-zone trust to-zone untrust policy PERMITALL match source-address any   

[edit]
rayka@vSRX#

After incomplete changes, I will use “commit check” command to check the configuration changes. The output of this command shows that there are some missing mandatory statements that I have to configure.

As I have said, “commit check” command is not very necessary to use, since the “commit” command also shows these messages if there are some errors.

rayka@vSRX# commit check 
[edit security policies from-zone trust to-zone untrust policy PERMITALL]
  'match'
    Missing mandatory statement: 'destination-address'
[edit security policies from-zone trust to-zone untrust]
  'policy PERMITALL'
    Missing mandatory statement: 'then'
error: configuration check-out failed: (missing mandatory statements)

[edit]
rayka@vSRX# commit 
[edit security policies from-zone trust to-zone untrust policy PERMITALL]
  'match'
    Missing mandatory statement: 'destination-address'
[edit security policies from-zone trust to-zone untrust]
  'policy PERMITALL'
    Missing mandatory statement: 'then'
error: commit failed: (missing mandatory statements)

[edit]
rayka@vSRX# 

Now let’s discard current changes and make some configuration by mistake that breaks our connectivity.

But this time I use “commit confirm 1” command instead of “commit” command. although my connectivity is broken but my connectivity will be restored after 1 minute since I do not confirm the commit command.  

To confirm the commit command, we enter the commit command again without a confirmed parameter during the specified period.

This command is very useful and recommended.

rayka@vSRX# rollback 0                                  
load complete

[edit]
rayka@vSRX# delete system services ssh  

[edit]
rayka@vSRX# commit confirmed 1 
commit confirmed will be automatically rolled back in 1 minutes unless confirmed
commit complete

# commit confirmed will be rolled back in 1 minute
[edit]
                                                                               
Broadcast Message from root@vSRX                                               
        (no tty) at 19:37 UTC...                                               
                                                                               
Commit was not confirmed; automatic rollback complete.                                                                               


[edit]
rayka@vSRX# 
Juniper Junos commit confirmed command
Juniper Junos commit confirmed command

Junos “rollback” command demonstration

As I have said, up to 50 version of committed configurations are stored locally in the device.

With command “show system commit” in operational mode, you can display all saved configuration versions. As you can see, there are more than 20 configuration versions stored in my device. For each version shows the date and also the user who modified it.

rayka@vSRX> show system commit    
0   2022-05-05 19:37:03 UTC by root via other
1   2022-05-05 19:35:01 UTC by rayka via cli commit confirmed, rollback in 1mins
2   2022-05-05 19:33:55 UTC by rayka via cli
3   2022-05-05 19:32:39 UTC by rayka via cli
4   2022-05-05 19:32:21 UTC by rayka via cli commit confirmed, rollback in 1mins
5   2022-05-05 19:32:17 UTC by rayka via cli commit confirmed, rollback in 10mins
6   2022-05-05 19:31:17 UTC by rayka via cli commit confirmed, rollback in 1mins
7   2022-05-01 19:37:21 UTC by rayka via cli
8   2022-05-01 19:36:44 UTC by rayka via cli
9   2022-05-01 19:25:59 UTC by rayka via cli
10  2022-05-01 19:25:15 UTC by rayka via cli
11  2022-04-30 20:18:00 UTC by root via cli
12  2022-04-30 20:15:31 UTC by root via cli
13  2022-04-30 20:13:58 UTC by root via cli
14  2022-04-30 20:12:13 UTC by root via cli
15  2022-04-30 20:03:38 UTC by root via cli
16  2022-04-30 19:35:16 UTC by rayka via cli
17  2022-04-30 19:32:39 UTC by rayka via cli
18  2022-04-30 19:21:12 UTC by root via cli
19  2022-04-30 19:02:13 UTC by rayka via cli
20  2022-04-30 19:00:31 UTC by root via cli
21  2022-04-27 17:47:00 UTC by rayka via cli
22  2022-04-26 18:14:48 UTC by rayka via cli
23  2022-04-26 18:13:59 UTC by rayka via cli
24  2022-04-25 18:31:37 UTC by rayka via cli
25  2022-04-25 18:27:19 UTC by rayka via cli
26  2022-04-23 18:30:12 UTC by root via cli
27  2022-04-23 18:03:22 UTC by root via other

With command “show configuration | compare rollback n”, you can compare your current active configuration with any version of saved configuration.

rayka@vSRX> show configuration | compare rollback 10 
[edit system]
-  host-name vSRX_temp;
+  host-name vSRX;

rayka@vSRX> 

With command “rollback n” in configuration mode, you can restore any version of stored configuration. the restored version is not applied to the device but it is located in candidate configuration.

With “show | compare” command, you will check again once again if the restored version of the configuration is correct.  Then you can use “commit” command to apply the restored configuration.

rayka@vSRX# rollback 10 
load complete

[edit]
rayka@vSRX# show | compare 
[edit system]
-  host-name vSRX;
+  host-name vSRX_temp;

[edit]
rayka@vSRX# 

The command “rollback 0” in configuration mode is very useful and handy command which discard the current candidate configuration to restore latest active configuration.

rayka@vSRX# rollback 0 
load complete

[edit]
rayka@vSRX# show | compare 

[edit]
rayka@vSRX# 
Back to: Juniper Junos Associate version 22.1R1.10 (JNCIA-Junos) > Junos User Interfaces

Leave a Reply

Your email address will not be published. Required fields are marked *


Post comment