In this scenario, we are doing static routing, but we want the capability to provide fast failover in the event of an outage. We can use Bi-directional Forwarding Detection, but this requires it to be set up on both ends. Let's assume for this exercise that BFD is not an option for our neighbor routers.
As you can see (from left to right), we have one core Juniper router (10.0.0.1) and 2 next hops. Lets pretend that these next hops are both ISPs that we want in place for business continuity in the event that one ISP should experience an outage.
Core Juniper Router Configuration:
Configure a static route:
set routing-options static route 0.0.0.0/0 next-hop 10.0.0.2
Configure Real-time Performance Monitoring:
set services rpm probe ROUTE1 test ROUTE1 target address 10.0.0.2
set services rpm probe ROUTE1 test ROUTE1 probe-count 3
set services rpm probe ROUTE1 test ROUTE1 probe-interval 15
set services rpm probe ROUTE1 test ROUTE1 test-interval 10
set services rpm probe ROUTE1 test ROUTE1 thresholds successive-loss 3
set services rpm probe ROUTE1 test ROUTE1 thresholds total-loss 3
set services rpm probe ROUTE1 test ROUTE1 next-hop 10.0.0.2
Configure IP Monitoring:
Configure IP Monitoring:
set services ip-monitoring policy ROUTE1 match rpm-probe ROUTE1
set services ip-monitoring policy ROUTE1 then preferred-route route 0.0.0.0/0 next-hop 10.0.0.3
With the above configuration, we are telling our router to monitor the connection to our next hop. Should our performance monitoring metrics fail, then our policy that we create under the services ip-monitoring hierarchy will be applied.
We can verify that RPM is running properly by issuing the following command from operational mode:
show services rpm history-results
Owner, Test Probe received Round trip time
ROUTE1, ROUTE1 Wed Feb 6 01:26:34 2013 1461 usec
We can verify whether or not our IP monitoring policy has been applied by issuing the following command from operational mode:
show services ip-monitoring status
Policy - ROUTE1
RPM Probes:
Probe name Address Status
---------------------- ---------------- ---------
ROUTE1 10.0.0.2 PASS
Route-Action:
route-instance route next-hop State
----------------- ----------------- ---------------- -------------
inet.0 0.0.0.0 10.0.0.3 NOT-APPLIED
Enjoy!
With the above configuration, we are telling our router to monitor the connection to our next hop. Should our performance monitoring metrics fail, then our policy that we create under the services ip-monitoring hierarchy will be applied.
We can verify that RPM is running properly by issuing the following command from operational mode:
show services rpm history-results
Owner, Test Probe received Round trip time
ROUTE1, ROUTE1 Wed Feb 6 01:26:34 2013 1461 usec
ROUTE1, ROUTE1 Wed Feb 6 01:26:49 2013 1477 usec
ROUTE1, ROUTE1 Wed Feb 6 01:27:04 2013 7215 usec
ROUTE1, ROUTE1 Wed Feb 6 01:27:14 2013 1420 usec
show services ip-monitoring status
Policy - ROUTE1
RPM Probes:
Probe name Address Status
---------------------- ---------------- ---------
ROUTE1 10.0.0.2 PASS
Route-Action:
route-instance route next-hop State
----------------- ----------------- ---------------- -------------
inet.0 0.0.0.0 10.0.0.3 NOT-APPLIED
i think there is an error on your example in this line?
ReplyDeleteset services ip-monitoring policy ROUTE1 then preferred-route route 10.0.99.0/24 next-hop 10.0.0.3
it should be?
set services ip-monitoring policy ROUTE1 then preferred-route route 0/0 next-hop 10.0.0.3
Hi Hugo, you are correct. I will change it. When I originally was testing I had a remote network of 10.0.99.0/24 that I wanted to change the route for. In this instance since we are just monitoring the default route it would be 0/0. Thanks!
ReplyDeleteHi Mitchell, if router 10.0.0.1 is a MX960 router, not service ip-monitoring, how to config ?
ReplyDeletequangdung, there are multiple ways to do this. You can use dynamic routing with BFD, for example. You could also load balance per flow as well. It all depends on what you are trying to accomplish.
DeleteWhat version of Juniper code were you on?
ReplyDelete