The SR Linux device must have a host name configured. The default host name is srlinux. The host name normally appears on all CLI prompts on the device, although you can override this with the environment prompt CLI command.
The host name should be a unique name on the network, and can be a fully qualified domain name (FQDN), or an unqualified single-label name. If the host name is a single-label name (for example, srlinux), the system may use its domain name, if configured, to infer its own FQDN.
Example:
The following shows the configuration for a host name on the SR Linux device.
The SR Linux device uses its host name, combined with a domain name to form its fully qualified domain name (FQDN). It is expected that the FQDN exists within the DNS server(s) used by SR Linux, though this is not a requirement.
Assuming the SR Linux FQDN is in the DNS server, you can use the FQDN to reach the SR Linux device without knowing its management address. A domain name is not mandatory, but if specified, it is added to the DNS search list by default.
Example:
The following shows the configuration for a domain name on the SR Linux device. In this example, the device FQDN is set to 3-node_srlinux-A.mv.usa.nokia.com.
The SR Linux device uses DNS to resolve host names within the configuration, or for operational commands, such as ping. You can specify up to three DNS servers for the SR Linux device to use, with either IPv4 or IPv6 addressing.
You can also specify a search list of DNS suffixes that the device can use to resolve single-label names; for example, for a search list of nokia1.com and nokia2.com, a ping for host srlinux does a DNS lookup for srlinux.nokia1.com, and if unsuccessful, does a DNS lookup for srlinux.nokia2.com.
The SR Linux device supports configuration of static DNS entries. Static DNS entries allow resolution of host names that may not be in the DNS servers used by the SR Linux device. Using a static DNS entry, you can map multiple addresses (both IPv4 and IPv6) to one host name. The SR Linux linux_mgr application adds the static DNS entries to the /etc/hosts file in the underlying Linux OS.
Example:
In the following example, the SR Linux device is configured to use two DNS servers to resolve host names, a search list of DNS suffixes for resolving single-label names, and IPv4 and IPv6 static DNS entries for a host.
DNS requests are sourced from the mgmt network-instance (see Configuring the management network-instance).
Management of the SR Linux device is primarily done via a management network-instance. The management network-instance isolates management traffic from other network-instances configured on the device.
The out-of-band mgmt0 port is automatically added to the management network-instance, and management services run within the management network-instance.
Although the management network-instance is primarily intended to handle management traffic, you can configure it in the same way as any other network-instance on the device, including protocols, policies, and filters. The management network instance is part of the default configuration, but may be deleted if necessary.
Addressing within the management network-instance is available via DHCP and static IP addresses. Both IPv4 and IPv6 addresses are supported.
Example:
Access to the SR Linux device is available via a number of APIs and protocols. The SR Linux supports the following ways to access the device:
Regardless of the method of access, all sessions are authenticated (if authentication is enabled), whether the session is entered via the console, SSH, or an API. Access to the device is controlled via the aaa_mgr application. See Securing access.
You can enable an SSH server for one or more network instances on the SR Linux device, so that users can log in to the CLI using an SSH client. The SR Linux device implements SSH via OpenSSH, and configures /etc/ssh/sshd_config in the underlying Linux OS. Only SSHv2 is supported.
Example:
In the following example, an SSH server is enabled in the mgmt and default network-instances, specifying the IP addresses where the device listens for SSH connections:
You can enable an FTP server for one or more network instances on the SR Linux device, so that users can transfer files to and from the device. The SR Linux uses the vsftpd (very secure FTP daemon) application within the underlying Linux OS. The authenticated user’s home directory returned by the aaa_mgr application is set as the user’s FTP root directory.
Example:
In the following example, the FTP server is enabled in the mgmt and default network-instance, specifying the IP addresses where the device listens for FTP connections:
The SR Linux device supports SNMPv2. To allow an SNMP client to read information about the system as an aid in monitoring the device, the SR Linux supports the following OIDs. The MIB file that covers these OIDs is packaged with each release.
ifOperStatus OID value | ID | /interface[]/oper-state enum | /interface[]/oper-state value |
up | 1 | up | 1 |
down | 2 | down | 2 |
testing | 3 | ||
unknown | 4 | ||
dormant | 5 | ||
notPresent | 6 | empty | 3 |
lowerLayerDown | 7 | down | 2 |
ifAdminStatus OID value | ID | /interface[]/admin-state enum | /interface[]/admin-state value |
up | 1 | enable | 1 |
down | 2 | disable | 2 |
testing | 3 |
Example:
In the following example, an SNMP server is running within the mgmt and default network-instances, and the configuration specifies the IP addresses where the device listens for SNMP client connections:
You can specify banner text that appears when a user connects to the SR Linux device. The following banners can be configured:
The banners appear regardless of the method used to connect to the SR Linux, so they are displayed to users connecting via SSH, console, and so on.
Example:
In the following example, login and motd banners are configured. The login banner text appears at the prompt when a user attempts to log in to the system, and the motd banner text appears after the user has been authenticated.
Network Time Protocol (NTP) is used to synchronize the system clock to a time reference. You can configure NTP settings on the SR Linux device using the CLl, and the SR Linux linux_mgr application provisions the settings in the underlying Linux OS.
NTP does not account for time zones, instead relying on the host to perform such computations. Time zones on the SR Linux device are based on the IANA tz database, which is implemented by the underlying Linux OS. You can specify the time zone of the SR Linux device using the CLI.
Example:
The following configuration enables the system NTP client on the SR Linux device and specifies an NTP server to use for clock synchronization. The NTP client runs in the mgmt network-instance. The system time zone is set to America/Los_Angeles.