Has anyone else experienced issues with their automated scripts making use of JUNOScript over SSH? We just upgraded to 8.5, and we encountered a few issues.
1. The new SSH server cannot negotiate compression properly with the old SSH client in the perl Net::SSH::Perl module that the JUNOScript Perl API uses to connect to the router. The solution is to turn off Compression. However, due to a bug in the JUNOScript Perl API, the option to do that doesn't work--it isn't passed correctly to Net::SSH::Perl. Here is a fix for that (Case Matters in the Net::SSH::Perl options hash): diff -up JUNOS/Access/ssh.pm~ JUNOS/Access/ssh.pm --- JUNOS/Access/ssh.pm~ 2007-02-28 08:55:55.000000000 -0500 +++ JUNOS/Access/ssh.pm 2008-03-07 01:49:04.000000000 -0500 @@ -65,7 +65,7 @@ sub start protocol => '2,1', port => $rport || 22, interactive => $self->{'ssh-interactive'}, - compression => (defined $self->{'ssh-compress'} && + Compression => (defined $self->{'ssh-compress'} && !$self->{'ssh-compress'}) ? 'no' : 'yes', options => [ ForwardX11 => 'no' ]) || return; 2. Even with this fix, we see issues with our automated perl scripts hanging up after they are done doing what they need in JUNOScript, and try to close the SSH session with the router. The session hangs at that point. I have a case open with JTAC on this, but I was wondering if anyone else has seen this and may have a solution. We have been using this workaround with a timeout signal alarm for the time being: if ($state >= STATE_CONNECTED) { print "Closing connection\n" if $debug; eval { local $SIG{ALRM} = sub { die "timeout reached" }; alarm 60; print "Sending request_end_session\n" if $debug; $jnx->request_end_session(); print "request_end_session sent\nSending disconnect\n" if $debug; $jnx->disconnect(); print "disconnect sent\n" if $debug; alarm 0; } } alarm 0; if ($@ and $@ == "timeout reached"){ print "juniper-prefix-list.pl: Disconnect timeout, bailed\n"; } Here is an example of debug output from when this happens: ... No changes made Unlocking configuration Closing connection Sending request_end_session hostname: input_channel_request: rtype exit-status reply 0 hostname: channel 1: rcvd eof hostname: channel 1: output open -> drain hostname: channel 1: rcvd close hostname: channel 1: input open -> closed hostname: channel 1: close_read request_end_session sent Sending disconnect hostname: channel 1: obuf empty hostname: channel 1: output drain -> closed hostname: channel 1: close_write hostname: channel 1: send close hostname: channel 1: full closed Disconnect timeout, bailed REQUEST SUCCEEDED _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp