KB23337 - How to upload large files to a JTAC Case SUMMARY: This article explains how to attach/upload files larger than 10GB to a JTAC case. It also and describes what files can be attached/uploaded to a Juniper Case. SYMPTOMS: JTAC often requires data such as configuration files, tracedump data files, log files, and more, to be collected and sent in for review. The instructions in this article show how to use SSH File Transfer Protocol (SFTP) to transfer files to JTAC in a secure and reliable format. CAUSE: If the files collected and sent in for review are larger than 10GB, they cannot be attached to a Case using Case Manager. SOLUTION: SSH File Transfer Protocol (SFTP) allows files to be transferred over Secure Shell (SSH) connections. SFTP transfers are encrypted as they are transported over the Internet. SFTP can be used to transfer files to Juniper s Technical Assistance Center (JTAC), and is ideal for larger files. Although functionally similar to File Transfer Protocol (FTP), SFTP is, in fact, quite different in implementation. At this time, FTP can still be used as a legacy technique to transfer files to Juniper as described in KB15585. SFTP as described in this article is recommended for transferring files to Juniper, however, due to better integration with the JTAC process, as well as the transport encryption it provides. Files uploaded to directories that match a case are automatically attached to the case, and the JTAC engineer is notified. The initial attachment is Private in order to allow a JTAC engineer to validate that the upload is associated with the case. After that, the JTAC engineer can mark the attachment as Public so that it becomes visible for the customer. The customer does not see a notification of the upload in Case Manager. If the upload is urgent, the customer should contact the JTAC engineer to track the transfer of the file to JTAC after the transfer to the SFTP server is completed. Clients that can be used include: SFTP from Unix and MacOS terminal. SFTP from the Junos CLI (encryption-enabled images only). Mac/PC file transfer applications such as FileZilla and WinSCP. Login details: Host: sftp.juniper.net
Notes: User: anonymous Password: anonymous Files should be uploaded to a case-specific directory. For example, all files for a case numbered 2012-0321-0722 should be uploaded to this directory: /pub/incoming/2012-0321-0722. o Be sure to use your JTAC case number for the directory in which you are going to upload your files. Uploaded files are attached internally to the case. o There is also an option to make the attachment visible through Case Manager. o Files ending in.exe or.com are not transferred, and are deleted from the servers. The JTAC engineer is notified within one (1) hour of the completion of the transfer of data. When reviewing the attachment, the JTAC engineer may contact the customer for confirmation. If the upload is not acknowledged by JTAC within an hour and the transfer is urgent, the customer should contact JTAC directly. Using SFTP on Unix or MacOS In this procedure, a case numbered 2012-0321-0722 is used. Be sure to use your JTAC case number for the directory in which you are going to upload your files. 1. Log into the SFTP server: unix:~> sftp anonymous@sftp.juniper.net Connecting to sftp.juniper.net... The authenticity of host 'sftp.juniper.net (66.129.230.52)' can't be established. RSA key fingerprint is 8b:6b:36:94:ea:6d:92:55:bb:1f:80:3e:54:ea:4d:30. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'sftp.juniper.net,66.129.230.52' (RSA) to the list of known hosts. anonymous@sftp.juniper.net's password: [ENTER anonymous for password] 2. Make a directory for your case uploads. These directories are removed after one (1) day, and can be re-created as needed. sftp> mkdir pub/incoming/2012-0321-0722 If the directory already exists, you may see an error message such as this: sftp> mkdir pub/incoming/2012-0321-0722 Couldn't create directory: Failure 3. Change directory to your case directory: sftp> cd pub/incoming/2012-0321-0722 If the directory doesn t exist, you may see an error message such as this:
sftp> cd pub/incoming/2012-0321-0722 Couldn't canonicalise: No such file or directory You can list your case directory, as shown below, but be aware that the files are removed from your case directory minutes after the upload completes: sftp> ls sftp> dir sftp> 4. Upload your file(s): sftp> put bigfile.enc Uploading bigfile.enc to /pub/incoming/2012-0321-0722/bigfile.enc bigfile.enc 6% 356MB 10.8MB/s 07:26 ETA. sftp> put bigfile.enc Uploading bigfile.enc to /pub/incoming/2012-0321-0722/bigfile.enc bigfile.enc 100% 5158MB 10.8MB/s 07:58 sftp> ls -l -rw-r--r-- 1 30000 30000 5409027850 Mar 19 18:39 bigfile.enc You can list the directory content only for a short time after the upload completes because the file is moved on the server to a location where it is not accessible to SFTP users. Here is the same listing two minutes later: sftp> ls -l sftp> Using SFTP on a Junos Router The commands used in the procedure above can also be executed from a Junos router with encrypted software support, as shown in the example below: --- JUNOS 11.4R1.6 built 2011-11-15 12:44:14 UTC user@router> sftp anonymous@sftp.juniper.net anonymous@sftp.juniper.net's password: Connected to sftp.juniper.net. sftp> Using Applications such as FileZilla and WinSCP on a Mac/PC In this procedure, a case numbered 2012-0321-0722 is used. Be sure to use your JTAC case number for the directory in which you are going to upload your files. The instructions below are very similar to the ones above. FileZilla (two different methods) and WinSCP are popular file transfer applications for MacOS and Windows. Note: FileZilla and WinSCP may produce errors because they do not have read permission to /pub/incoming. Reminder: You must specify the full path of your case directory when browsing or creating directories.
FileZilla - Method 1 Download Video 1. Create a folder on your PC with the JTAC case number 2. Move the files to upload into the directory 3. Open FileZilla
4. Enter sftp://sftp.juniper.net 5. Enter anonymous for the username and password
6. Click Connect 7. (Optional) Accept Key if needed
8. Double-click on Pub folder 9. Drag folder to incoming
10. File Transfers FileZilla - Method 2 1. Start a session by entering the host as sftp://sftp.juniper.net (or specify port 22). After you are connected, FileZilla remembers the connection in the history for quick reference. 2. Change the remote directory to your case directory by entering the full directory in the Remote site field. If the directory does not exist, an error message appears, as indicated in red type in the image below. If this happens, you must create the directory.
3. Create the case upload directory: Click the directory symbol, right-click to open the drop-down menu, and select Create Directory. 4. Specify the full path to the upload directory for the case, then click OK. Note that error messages may appear in the status window, even if the directory is created. For example, you can see in the image below that the directory is created; nevertheless, the error messages appear because FileZilla is trying to read /pub/incoming.
5. Navigate to the case directory by entering the full path in Remote site. Files can be dropped into the case folder, or into the directory listing, as highlighted by the blue arrows added in the image below.
Files are visible in the remote directory listing for a few minutes before they are moved to a location that is not accessible via SFTP.
WinSCP WinSCP is very similar to FileZilla. However, the path used to navigate to the directory is presented in the Address bar.
If you attempt to navigate to a directory that doesn t exist, an error window opens like the example below: In this situation, you must create the directory before proceeding. To create a directory, go to File > New > Directory (Ctrl-D), or use the Create Directory icon shown below: If you attempt to create a directory that already exists, an error window opens like the example below:
In this situation, navigate to the directory using the Address bar (the directory already exists). RELATED LINKS: Link Title How to reliably and securely FTP files to JTAC Link URL http://kb.juniper.net/kb15585