background image

CHAPTER 2 Media Flow Manager Overview

Media Flow Manager Administrator’s Guide

30

Admission Control

Copyright © 2010, Juniper Networks, Inc.

or pre-created according to a given format, or even with a proprietary format as long as the
client will understand the response.

Admission Control 

Admission Control works with Service Director. Media Flow Manager runs the Service Director
mechanism to control the edge servers that serve client requests for content, based on the
geographical location of the client. Service Director allows you to configure the closest Media
Flow Controller for a given geographical location. Admission Control leverages the interface
statistics from the Media Flow Controllers and controls the outgoing bandwidth for the content
served by the Media Flow Controllers using the Service Director.
Media Flow Controllers are designed to track the interface stats (RX bytes and TX bytes) on
every network interface. In a typical setup, the TX bytes would be the content delivered by the
Media Flow Controller while the RX bytes would the data fetched from the origin server. The
Media Flow Manager Admission Control feature fetches the interface stats from the Media
Flow Controllers at regular intervals (5 minutes). These RX and TX stats from the various
Media Flow Controllers are then collated to calculate the delivered bandwidth and the received
bandwidth. These collated bandwidths are recorded and plotted on a graph for easy viewing in
the Media Flow Manager. The Service Director uses the configuration of location-to-host
mapping to return an XML with the host name of the edge Media Flow Controller based on the
client’s location. To assist with Admission Control, configure a 

high watermark bandwidth

and low

 watermark bandwidth

 used by the Service Director in the following way:

If the current bandwidth measured in the last 5 minutes goes above the set 

high 

bandwidth watermark

, the Service Director only returns the default configured host 

(typically the CDN). This would mean that no new traffic comes to the Media Flow 
Controllers while they serve all the current requests.

If the current bandwidth drops below the set 

low bandwidth watermark

, the Service 

Director goes back to normal operation returning hosts based on the set configuration.

This lets you throttle the aggregate bandwidth delivered by the Media Flow Controllers,
ensuring that the publisher does not pay bandwidth overage charges.

Real-Time Log File Analyzer

Juniper Networks Media Flow Manager also provides an interface to AWStats™ realtime
logfile analyzer to provide aggregated log information output to the 

Reports

 page. A full log

analysis enables AWStats to show you the following information:

Number of visits, and number of unique visitors

Visits duration and last visits

Authenticated users, and last authenticated visits

Days of week and rush hours (pages, hits, KB for each hour and day of week)

Domains/countries of hosts visitors (pages, hits, KB, 269 domains/countries detected, 
GeoIp detection)

Hosts list, last visits and unresolved IP addresses list

Most viewed, entry and exit pages

Summary of Contents for MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI

Page 1: ...Published 2010 6 17 Release 2 0 2 Copyright 2010 Juniper Networks Inc Media Flow Manager Administrator s Guide and CLI Command Reference...

Page 2: ...ks are the property of their respective owners Juniper Networks assumes no responsibility for any inaccuracies in this document Juniper Networks reserves the right to change modify transfer or otherwi...

Page 3: ...d installation or use of the Software Customer may operate the Software after the 30 day trial period only if Customer pays for a license to do so Customer may not extend or create an additional trial...

Page 4: ...apabilities restricting Customer s ability to export the Software without an export license 12 Commercial Computer Software The Software is commercial computer software and is provided with restricted...

Page 5: ...V Media Flow Manager Administrator s Guide Document History Date Media Flow Manager Version Comments 2010 4 27 Release 2 0 Document Version 2 0 2010 6 17 Release 2 0 Document Version 2 0a...

Page 6: ...Media Flow Manager Administrator s Guide VI Copyright 2010 Juniper Networks Inc...

Page 7: ...1 21 Requesting Technical Support 1 22 Self Help Online Tools and Resources 1 22 Opening a Case with JTAC 1 23 2 Media Flow Manager Overview 2 25 Remote Monitoring and Management 2 26 Fault Management...

Page 8: ...System Config ARP Address Resolution 3 44 System Config Web 3 46 System Config Users 3 48 System Config SSH 3 50 System Config AAA authentication 3 50 System Config RADIUS 3 51 System Config TACACS 3...

Page 9: ...ure 3 87 View Logs 3 89 Reports 3 89 4 About the Command Line Interface CLI 4 93 Connecting and Logging In 4 93 Command Modes 4 93 Command Conventions 4 94 Prompt and Response Conventions 4 94 Command...

Page 10: ...5 debug 5 116 email 5 116 email event name 5 118 email class 5 119 enable 5 119 exit 5 119 file 5 120 ftp server 5 121 hostname 5 121 image 5 121 interface 5 122 ip 5 123 job 5 124 license 5 126 loggi...

Page 11: ...h client 5 139 ssh server 5 140 stats 5 141 stats alarms 5 143 stats CHDs 5 144 stats samples 5 145 tacacs server 5 145 tcpdump 5 147 telnet 5 147 telnet server 5 147 terminal 5 147 traceroute 5 147 u...

Page 12: ...TABLE OF CONTENTS Media Flow Manager Administrator s Guide XII Copyright 2010 Juniper Networks Inc...

Page 13: ...42 Figure 13 System Config DNS Page Detail Add or Modify Name Servers 3 42 Figure 14 System Config DNS Page Detail 3 43 Figure 15 System Config DNS Page Detail 3 43 Figure 16 System Config Hostname P...

Page 14: ...tion 3 62 Figure 47 System Config Configurations Page Detail Upload Configuration 3 62 Figure 48 System Config Configurations Page Import Configuration Detail 3 63 Figure 49 System Config Date and Tim...

Page 15: ...76 Service Director Configure Page Detail Optional Security Configuration 3 84 Figure 77 Service Director Configure Page Detail Match Response Configuration 3 85 Figure 78 Service Director Configure P...

Page 16: ...LIST OF FIGURES XVI Copyright 2010 Juniper Networks Inc...

Page 17: ...ty the ARP Cache 3 45 Configure the CMC Web based Interface 3 46 Configure the CMC Web based Proxy 3 47 Add a New User 3 49 Change User Passwords 3 49 Generate Host Keys 3 50 Set Authentication Method...

Page 18: ...ies CMC Authentication 3 71 Set CMC Rendezvous Parameters 3 73 Create and Manage CMC Profiles 3 74 Apply CMC Profiles 3 75 Edit CMC Profiles 3 76 View Node Namespaces 3 79 Purge Node Namespace Objects...

Page 19: ...rivileges terminology and CLI options CLI Commands Alphabetical list of all commands including keywords arguments and notes Documentation and Release Notes To obtain the most current version of all Ju...

Page 20: ...y a reverse proxy that provides these benefits reduces the load network and CPU on an origin server by servicing previously retrieved content and enhances the user experience due to a decrease in late...

Page 21: ...with Full Download see Full Download Pull vs Push Pull refers to media fetches from the origin server initiated by Media Flow Controller based on received requests Push refers to scheduled media deli...

Page 22: ...pport warranty JTAC Hours of Operation The JTAC centers have resources available 24 hours a day 7 days a week 365 days a year Self Help Online Tools and Resources For quick and easy problem resolution...

Page 23: ...pen a case with JTAC on the Web or by telephone Use the Case Manager tool in the CSC at http www juniper net cm Call 1 888 314 JTAC 1 888 314 5822 toll free in the USA Canada and Mexico For internatio...

Page 24: ...CHAPTER 1 Preface Media Flow Manager Administrator s Guide 24 Requesting Technical Support Copyright 2010 Juniper Networks Inc...

Page 25: ...ice provisioning systems Media Flow Manager supports various management interfaces command line interface CLI Web based Management Console XML APIs and SNMP GETs and traps Media Flow Controller nodes...

Page 26: ...nd software version is provided as well as summary information about the CMC console CMC allows you to access the Management Console of each of the Media Flow Controllers it manages You log into confi...

Page 27: ...Media Flow Controller CMC client logs into the CMC server using a password or SSH v2 RSA or DSA keys opens a connection and the same lines of communication are established as with the server initiated...

Page 28: ...ate a profile that configures NTP on a remote appliance the CMC has a special NTP configuration page that looks much like the NTP configuration page in the Management Console of a Media Flow Controlle...

Page 29: ...cks on a video at example com 2 Server returns HTML embedded with Flash player 3 Flash player makes a Web query to the Service Director to get the edge server s hostname 4 Service Director returns an...

Page 30: ...easy viewing in the Media Flow Manager The Service Director uses the configuration of location to host mapping to return an XML with the host name of the edge Media Flow Controller based on the clien...

Page 31: ...edia browsers 97 browsers more than 450 if using browsers_phone pm library file Visits of robots 319 robots detected Worms attacks 5 worm families Search engines keyphrases and keywords used to find y...

Page 32: ...CHAPTER 2 Media Flow Manager Overview Media Flow Manager Administrator s Guide 32 Real Time Log File Analyzer Copyright 2010 Juniper Networks Inc...

Page 33: ...ig Set up system functions including hosts users security and upgrades CMC Setup Set CMC options and add nodes and or groups of nodes to be managed CMC Profiles Create profiles sets of commands and ap...

Page 34: ...mespace usage CPU load and more Monitoring Summary The Summary page provides the following information See Figure 4 for graphic CMC Managed Media Flow Controller Nodes For each currently managed Media...

Page 35: ...Number of CPUs central processing units CPU load averages as of uptime Monitoring CMC Media Flow Controllers This page provides statistics and action options for managed Media Flow Controllers see Fig...

Page 36: ...CMC Setup page Click Detail for a selected Media Flow Controller to get more information see Figure 6 next for graphic Figure 5 Monitoring CMC Media Flow Controllers Page Details Page This page displa...

Page 37: ...ow Manager Web Based Interface Click Interrupt to stop a profile or command set from being applied once application has already started Click Remove Key if you need to install new Host Keys Figure 6 M...

Page 38: ...s a pie chart of Current Memory Statistics including statistics of Physical and Swap memory Total Used and Free Includes Pause and Resume buttons to stop start graph charting Also a pie chart of Curre...

Page 39: ...Type Speed Duplex MTU and a Comment if configured for each discovered interface eth0 configuration Make configurations for the eth0 interface See Figure 8 for graphic Enabled Select to enable the inte...

Page 40: ...Setting a primary interface ensures that DHCP messages arrive only on that interface to do so choose a Configured primary interface from the drop down list Click Apply to immediately apply changes Can...

Page 41: ...path See Figure 11 Destination The subnet path for this static route Mask The netmask for this route Gateway The configured gateway path to the Internet for this static route Interface The port config...

Page 42: ...Whether or not this DNS server is being used currently Source Configured means it was manually added Dynamic means it came from a name server Add or Modify Name Servers On the System Config DNS page y...

Page 43: ...for graphic Click Save at the top of the page to make changes persistent Figure 14 System Config DNS Page Detail Add New Domain Name on the System Config DNS page add a new domain name by entering a n...

Page 44: ...host entry cannot be removed Select an entry and click Remove Selected to delete it See Figure 17 for graphic next Click Save at the top of the page to make changes persistent Figure 17 System Config...

Page 45: ...try comes from DNS Click Remove Selected to delete an entry Click Save to make changes persistent Figure 19 System Config ARP Page Detail Add Static Entry Add a new static ARP entry on the System Conf...

Page 46: ...the Management Console Auto Logout Timeout Control the length of user inactivity required before the Management Console automatically logs out a user Enable HTTP and set an HTTP Port de select to disa...

Page 47: ...xy address Specify a proxy to be used for any HTTP or FTP downloads Web Proxy port If no port is specified the default is 1080 Authentication type Configure the type of authentication to be used with...

Page 48: ...r logins Full Name For the user as configured Host What system this user is configured on Idle seconds Time since the last command execution of this user User Accounts For each configured user account...

Page 49: ...pability There are three pre defined capabilities admin Full privileges default in Enable mode all EXEC commands are available monitor Privileges for reading all data and performing all actions but no...

Page 50: ...onfig AAA authentication Configure AAA authentication authorization and accounting settings accounting options are not supported RADIUS and or TACACS authentication must be configured before these opt...

Page 51: ...emote users are mapped to the user specified by Map Default User Any vendor attributes received by an authentication server are ignored Figure 28 System Config AAA Page Detail System Config RADIUS Con...

Page 52: ...s authorized to use when Login service is defined as LAT local area transport Enabled Whether or not this RADIUS server is enabled Disabling a server makes it inactive but does not delete it from the...

Page 53: ...fault TACACS Settings View and change Default TACACS Settings See Figure 32 next Key A shared secret text string If no key is set the user is prompted for the key Timeout Timeout for retransmitting a...

Page 54: ...ACACS Page Detail TACACS Servers Add New TACACS Server Add a new TACACS server see Figure 34 next you need this information Enabled The server must be enabled to do authentication Server IP IP address...

Page 55: ...abled the community configured is ignored Enable Traps Enable or disable by un checking sending SNMP traps from this system The SNMP server must be enabled first See snmp traps for details Sys Contact...

Page 56: ...management station a trap sink is where the trap is sent See snmp traps events for more information Add New Trap Sink Add hosts to receive traps See Figure 36 Trap Sink IP Add hosts to receive SNMP t...

Page 57: ...dots in it it is used as is Otherwise the currently active system domain name is used This can come either from the resolver configuration or from state dynamically instantiated by DHCP Return address...

Page 58: ...er or not this recipient receives Info class emails Failures Whether or not this recipient receives Failure class emails Figure 38 System Config Faults Page Detail Notify Recipients Add New Notify Rec...

Page 59: ...s class Click Apply to complete Log filtering configuration Cancel to revert to existing configuration Click Save at the top of the page to make changes persistent across reboots Figure 40 System Conf...

Page 60: ...ges persistent across reboots Remote Sink Address of configured Remote Sink Minimum Severity The configured log severity level for this Remote Sink Figure 42 System Config Logging Page Detail Remote L...

Page 61: ...ion Files Select a file and use the buttons to Delete it Switch To that configuration or Download the selected configuration as a binary file See Figure 45 below For each Configuration File Filename N...

Page 62: ...ocal text file Execute a set of CLI commands in a text file you upload Figure 47 System Config Configurations Page Detail Upload Configuration Execute CLI Commands Use this text box to enter CLI comma...

Page 63: ...gure 48 System Config Configurations Page Import Configuration Detail System Config Date and Time Set system Date and Time and Time Zone enable disable NTP time synchronization See Figure 49 for graph...

Page 64: ...P server Status Whether or not the server is currently in use Stratum The hierarchical system this NTP server uses Offset ms Whether or not an offset a degree in milliseconds of difference of the serv...

Page 65: ...re 52 next Figure 52 System Config NTP Page Detail Add New NTP Server System Config Licensing Use this page to view and remove installed licenses and add new licenses Installed Licenses View and Remov...

Page 66: ...ystem Config Reboot Reboot or Shutdown the appliance See Figure 55 for graphic A reboot brings up the same configuration that was last active Figure 55 System Config Reboot Page Detail System Config U...

Page 67: ...th of the install image Install via SCP Enter the URL and file path of the install image and a password allowing access Install from local file Use the Browse button to locate the file on your local s...

Page 68: ...ess of the Media Flow Controller Groups Any defined Group that the Media Flow Controller belongs to can belong to more than one Enabled Whether or not monitoring of this Media Flow Controller is enabl...

Page 69: ...er Enabled Enables monitoring of this Media Flow Controller Authentication Type How this CMC will authenticate the client Media Flow Controller and how the client Media Flow Controller will authentica...

Page 70: ...list Admin First Name Last Name E mail Phone Number and Alternate Phone Enter the contact information of the administrator you are adding 2 Click Add Media Flow Controller to complete the adding the n...

Page 71: ...roup and click Apply To remove a node simply un check its checkbox and click Apply again 3 Click Save at the top of the page to make changes persistent across reboots Group all Group n Group all is a...

Page 72: ...y The generated identity displays in the list table at the top of the page and is available to be selected in the drop down list to Push to an appliance It also becomes available in the drop down list...

Page 73: ...oller Administrator s Guide and CLI Command Reference 1 Once your nodes have been configured to rendezvous with your CMC server enable automatic rendezvous by selecting the Accept new clients automati...

Page 74: ...ou created it Comment The comment you added to the profile when you created it To delete an existing profile select it and click Remove Selected Click Save at the top of the page to make changes persi...

Page 75: ...ofile page to apply configured profiles to managed nodes or groups Note When you apply a profile its CLI commands are added to the existing configuration on the appliance See Figure 65 next 1 Select o...

Page 76: ...r s Guide 76 CMC Profiles Copyright 2010 Juniper Networks Inc Figure 65 CMC Profiles Apply Profile Page CMC Profiles Edit Profile Use this page to edit a configured profile chosen from the Profile nam...

Page 77: ...changes persistent Figure 67 CMC Profiles Edit Profile Page Detail Edit Comment Add Generic Command Enter a Sequence you can look at the commands already configured for that profile below in the All c...

Page 78: ...ou must re apply it to any nodes or groups that have had that profile applied The links at left for editing profiles are given below DNS and Hosts See System Config DNS on page 42 and System Config Ho...

Page 79: ...ler Node or Group and click Show Namespace A new window opens with all of the namespace settings configured on that node or the profile assigned to that node or Group See Figure 70 next Figure 70 Pres...

Page 80: ...All objects stored by Media Flow Controller RAM and disk cache are stored as UUID uri filename this options deletes all objects of the given namespace with that URI Click Purge Objects to complete th...

Page 81: ...namespace on the node s with name generic_probe uri prefix probe domain any and the Media Flow Manager as the origin server This namespace cannot be deleted There is a pre loaded object probe dat in...

Page 82: ...r One of the methods that you can use with the Service Director is an XML Response file in the format given below Once you configure the XML file post it to a location that the Media Flow Manager can...

Page 83: ...ted Reference Name A name for the XML response file Preset XML s URL The location of the XML response file Click Add to complete the XML response configuration and Save at the top of the page to make...

Page 84: ...d Save at the top of the page to make changes persistent across reboots Figure 76 Service Director Configure Page Detail Optional Security Configuration Match to Response Configuration For each config...

Page 85: ...ML Configuration A crossdomain file is required to be returned to flash players You can configure the crossdomain file in one of two ways Use the following preset XML Response Select this radio button...

Page 86: ...Media Flow Controllers are then collated to calculate the delivered bandwidth and the received bandwidth Admission Control leverages the interface statistics from the Media Flow Controllers and contr...

Page 87: ...his would mean that no new traffic comes to the Media Flow Controllers while they serve all the current requests Low Bandwidth Watermark Kbps If the current bandwidth drops below the set low watermark...

Page 88: ...ol monitoring list See Figure 82 below for graphic Media Flow Controller Node Name Choose a configured Media Flow Controller from the drop down list Media Flow Controller Node Interface Enter the inte...

Page 89: ...Log Page Detail Reports The Current Report based on the Media Flow Controller accesslogs loaded to the CMC log directory and is generated every 15 minutes See Figure 84 for graphic Tip You can set an...

Page 90: ...e following information Number of visits and number of unique visitors Visits duration and last visits Authenticated users and last authenticated visits Days of week and rush hours pages hits KB for e...

Page 91: ...rs 97 browsers more than 450 if using browsers_phone pm library file Visits of robots 319 robots detected Worms attacks 5 worm s families Search engines keyphrases and keywords used to find your site...

Page 92: ...CHAPTER 3 Media Flow Manager Web Based Interface Media Flow Manager Administrator s Guide 92 Reports Copyright 2010 Juniper Networks Inc...

Page 93: ...the IP address in a browser window and using admin as the login name Each user account has at least one privilege level that determines which commands they can issue and what CLI modes they can acces...

Page 94: ...the subcommand keywords described in this book Subcommand names are also case sensitive Most commands have subcommands arguments is a command specific list of space separated strings Each has its own...

Page 95: ...secutive characters interface Angle Brackets Text enclosed in angel brackets is variable and must be replaced by whatever it represents In the example to the right the user would replace file_name wit...

Page 96: ...P server installed in order to SCP or FTP respectively files to your machine Note Media Flow Manager does not support outbound FTP transactions except for logs Note If you omit the password part you m...

Page 97: ...output as well as all help text printed when the question mark key is pressed is displayed one screen at a time using the same pager as the show log command If the text to be displayed fits on a singl...

Page 98: ...ing show config hidden enable Enable or disable with no viewing hidden commands with show config commands session EXEC commands Configure CLI options for this session only auto logout Control the leng...

Page 99: ...ions on page 96 clock Set the system date and time cmc Configure and or use appliance authorization auth cancel execute group profile rendezvous server and status for Central Management Console on a M...

Page 100: ...t to the client show Display system configuration or statistics applies to most commands e g show files lists available files or displays their content if the file is specified Includes special subcom...

Page 101: ...US or TACACS is logged on as you must enter a username that exists locally and is enabled This mapping is used depending on the setting of authorization map order Use no to reset default admin order D...

Page 102: ...ge show banner Display contents of currently configured banners boot Configure system booting parameters boot bootmgr password 0 cleartext_password 7 encrypted_password cleartext_password next fallbac...

Page 103: ...page 96 for details clock Set the system clock and timezone clock set hh mm ss yyyy mm dd timezone zone zone_word zone_word Notes set Set the system clock The time must be specified The date is option...

Page 104: ...below auth See cmc auth below cancel Choose either an appliance or a group and cancel all outstanding commands execute Choose either an appliance or a group and execute either a specified command or i...

Page 105: ...rd are specified those are used to log into the appliance for pushing the key The password may be specified as if the account doesn t require one If the username and password are omitted the configure...

Page 106: ...ons from this appliance address Set the IP address from which Media Flow Controller gets client initiated connections from this appliance If set Media Flow Controller does not accept client initiated...

Page 107: ...have to either manually install a key or temporarily disable strict mode to get the key installed automatically With strict disabled default CMC automatically accepts a host key from a host for which...

Page 108: ...t specified on the command line the system will prompt for it and echo the characters securely in case the command is confidential rename new_profile_name Rename the specified profile comment comment...

Page 109: ...ed into the appliance record when the appliance is accepted authtype Enter either password to use configured password authentication ssh dsa2 to use configured ssh dsa2 authentication or ssh rsa2 to u...

Page 110: ...The status polling mechanism is the only way that a server can completely give up on a client and break the connection client requests enable Enable or disable processing of proxied requests from CMC...

Page 111: ...rn off checking of criterion X on appliance Y show cmc status Display status checking configuration and the most recent results of status checking for all appliances configuration The system can store...

Page 112: ...gument creates the new file with only factory defaults The optional keep arguments preserve portions of the running configuration keep basic Preserves licenses and SSH host keys and CMC rendezvous con...

Page 113: ...a comment Arguments files If no filename is specified display a list of configuration files in persistent storage If filename is specified display the commands to recreate the configuration in that f...

Page 114: ...se some to fail Note also that the configuration is not reset before executing the commands so the resulting configuration overlaid on top of the running configuration may be more than what is in the...

Page 115: ...encrypted and or authenticated this is used to create Virtual Private Networks for network to network communications e g between routers to link sites host to network communications e g remote user ac...

Page 116: ...oad the specified debug dump file to the specified URL Only FTP and TFTP URLs as well as SCP pseudo URLs are supported for the destination See the Command Arguments Key on page 95 for the scp URL form...

Page 117: ...rom which emails are to appear to come provided that the return address is not already fully qualified This is used in conjunction with the system hostname to form the full name of the host from which...

Page 118: ...Use no email return addr to reset to default return host Include the hostname in the return address for email notifications This only takes effect if the return address does not contain an at sign De...

Page 119: ...hung process exit A process in the system unexpectedly exited cpu util ok CPU utilization has fallen back to normal levels cpu util high CPU utilization has risen too high disk space ok File system fr...

Page 120: ...s report files See stats for details delete Delete a statistics report file by name move Rename to a new location a statistics report file upload Upload a statistics report file tcpdump Manipulate tcp...

Page 121: ...fy ignore sig require sig move source_image_name dest_image_name options require sig Notes boot Specify from which location the image should boot by default there are only two locations to choose from...

Page 122: ...signature is not required but if one is present it must be valid Use no image options require sig to disable show images Show all image files on the system as well as what images are installed in the...

Page 123: ...ng that is determined by querying the interface to find out its current auto detected state Important Changing the speed setting can interfere with auto configuration operations and should be avoided...

Page 124: ...alified hostnames in host Add or delete with no hostname IP mappings for etc hosts map hostname Set or delete with no a static host mapping for the current hostname name server Add or delete with no D...

Page 125: ...string comment comment_string schedule daily time hh mm ss monthly day of month day interval months time hh mm ss once time hh mm ss date yyyy mm dd periodic interval interval_time type once daily wee...

Page 126: ...e weekly executes use no to reset it the default which is midnight Options day of week Use a three letter code to set a day or multiple days one of the following sun Sunday mon Monday tue Tuesday wed...

Page 127: ...pct percentage force max num max_number_of_files_to_keep upload current 1 2 URL SCP filename format standard welf fw name firewall_name level cli commands severity_level none local override class clas...

Page 128: ...local log files This does not affect the schedule of auto rotation if it was done based on time the next automatic rotation still occurs at the same time it was previously scheduled Naturally if the a...

Page 129: ...ing local See logging severity level next for details Default is notice recieve Allow this system to receive log message from another host Default is disabled If enabled only log messages matching or...

Page 130: ...not matching the provided regular expression are printed Note Enclose all regex entries in single quotes i e example com show log files Display a list of local log files ntp Configure a Network Time...

Page 131: ...tion and does not cause the clock to be kept in sync on an ongoing basis It generates an error if NTP is enabled as the socket it requires is already in use show ntp Display NTP settings ping ping opt...

Page 132: ...ed for the string entries echo the asterisk character and the user must enter the same string retransmit For this host set or reset to zero with no the number of times the client attempts to authentic...

Page 133: ...inished noconfirm Suppresses the confirmations reset Reset configuration delete logs and all other data reset factory keep all config keep basic reboot Notes reset factory Scrub the system clean reset...

Page 134: ...kes it so you want to enter the most specific entities first For example if you configure Country USA as the first entry followed by City Santa Clara then all the IP addresses from USA are mapped only...

Page 135: ...break com host_2 host_3 media10 break com host_3 country_code USA country_code region_code California region_code city_code Los Angeles city_code client_ip 204 102 252 1 client_ip query_ip 98 22 15 52...

Page 136: ...n but includes commands that set default values running Same as show configuration except that it applies to the currently running configuration rather than the active saved configuration Note Command...

Page 137: ...list of hosts may still be edited if traps are disabled version Specify the SNMP version of traps to send to this host community string Set a password for the reading and writing of SNMP traps this i...

Page 138: ...re described in Table 5 below Table 5 SNMP Traps Notify able Events Trap Description cpu util high CPU utilization has risen too high cpu util ave ok CPU utilization has fallen back to acceptable leve...

Page 139: ...The specified key is added to the list of authorized SSHv2 RSA or DSA public keys for this user account These keys can be used to log into the user s account The specified user must be a valid accoun...

Page 140: ...the users ssh server Enable or disable and configure SSH secure sockets shell server options ssh server enable host key generate key_type private key key public key key listen enable interface interf...

Page 141: ...not listed in the command show ssh server host keys SSH server information including whether or not it is enabled and the host key fingerprints Use the host keys option to display information about t...

Page 142: ...Set alarm for when specified statistic rises too high clear threshold This value terminates the alarm error threshold This value initiates the alarm chd CHD_ID Configure computed historical datapoint...

Page 143: ...s cpu Basic statistics about CPU utilization the current level the peak over the past hour and the average over the last hour sample Sampling interval for all samples or the specified one stats alarms...

Page 144: ...clear threshold is 10 of disk space free intf_util Network utilization in B ps Default rising error threshold is 10485760 bytes per sec default rising clear threshold is 9437184 bytes per sec memory_...

Page 145: ...on across all interfaces memory_day Average physical memory usage bytes Default interval and range are 1800 seconds memory_pct Average physical memory usage mfds_tx_bw Transmissions out TX bandwidth o...

Page 146: ...er If unspecified the user is prompted for it prompt key Mutually exclusive with key string It requests to be prompted for the key with the entry echoed as asterisk characters for greater security ret...

Page 147: ...net finishes telnet server Manage the TELNET server telnet server enable Enable or disable with no the telnet server show telnet server Telnet server settings terminal EXEC command Set parameters for...

Page 148: ...password this leaves the account as a whole the same but forbids login with a password it is assumed that SSH key access is used instead To re enable the account the user must un disable it and put a...

Page 149: ...nterface interface_name https enable port TCP_port certificate regenerate proxy auth authtype none basic basic password plaintext_password username username host IP_address port TCP_port session renew...

Page 150: ...it to the default but does not disable HTTPS proxy Configure Web proxy settings See web proxy below for details session Configure session settings renewal Control the length of time before Web session...

Page 151: ...f the web proxy auth authtype is set to basic Note the user name is accepted and stored in plaintext host Specify a proxy to be used for any HTTP or FTP downloads If no port is specified the default i...

Page 152: ...CHAPTER 5 CLI Commands Media Flow Manager Administrator s Guide 152 write Copyright 2010 Juniper Networks Inc...

Page 153: ...auto logout CLI 97 Management Console 149 B banners commands 102 boot commands 102 image file location 121 C cache ARP add delete entries 102 capability user accounts 148 changing configuration 111 co...

Page 154: ...151 files 120 installed licenses 126 interface information 123 Management Console settings 150 notification settings 119 routing information 124 set system commands 113 SNMP settings 137 SSH client i...

Page 155: ...lhub email option 117 MB and MiB definitions 21 merging configurations 112 motd message of the day banner set 102 moving configuration files 112 image files 121 stats files 120 N notifications events...

Page 156: ...kie 150 timezone system 103 traps SNMP 55 137 troubleshooting changing duplex speed 123 SCP and FTP requirement 96 U uploading configuration files 112 log files 128 uri prefix example and usage 21 URL...

Reviews: