Jared Mauch writes: >Try "load update" first. >That should be much faster than load replace.
"load update" is faster than "load override", since under the covers, it keeps the old config and finds the delta between the new config and the old, allowing the system to see only the changed bits of the config. "load override" wipes the old and loads the new. "load merge" is identical to "load replace", with the exception that "load replace" honors "replace:" tags, where "merge" ignores them. > On Feb 22, 2016, at 9:06 PM, Chuck Anderson <c...@wpi.edu> wrote: >Otherwise we get a failure trying to replace the prefix-list. I don't like this because now a rogue script could mess with the entire policy-options hierarchy. Consider using a config group, where the group would be completely "owned" by this app, and the junoscript user would be able to only write to that group, but to the entire contents. Then only apply that group where appropriate. If your "AUTO-*" list is static, you could put "apply-groups auto-app" under each specific prefix list; otherwise, you'd need to put in under policy-options. Thanks, Phil _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp