Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX/QFX] Failover static/default routes using RPM Event-Options

0

0

Article ID: KB32290 KB Last Updated: 28 Dec 2020Version: 2.0
Summary:

Some customers may need to enable IP service-level agreement (SLA) monitoring on EX/QFX switches to monitor reachability of next-hop static routes and to cut over traffic to an alternate route in case the primary one is down. Although IP SLA monitoring can be used to achieve this requirement, IP SLA monitoring is supported only on SRX firewall platforms.

This article uses an example to describe how the requirement can be achieved by using an alternative method.

Also review:

Cause:

On EX/QFX switch platforms, real-time performance monitoring (RPM) is an effective option to detect reachability of next-hop static routes. However, RPM cannot alter traffic to pass through other available routes to reach the same destination. This is as per design.

 

Solution:

Example Topology

Example Output

{master:0}[edit]
root# show routing-options   
static {
    route 0.0.0.0/0 next-hop 10.1.1.254;
    route 0.0.0.0/0 next-hop 10.1.2.254;
}

To both monitor the reachability of next-hop static routes and to cut over traffic to an alternate route in case the primary route is down, a combination of RPM and event-options features is required.

  1. RPM is used to detect reachability of next-hop static routes by using Internet Control Message Protocol (ICMP). An event, PING_TEST_FAILED, is initiated whenever the primary next-hop is not operational.

  2. An event-options policy is then triggered by this event (PING_TEST_FAILED). This event-options policy can be used to deactivate the primary route and activate the secondary one via the change-configuration option. Subsequently, the event-options policy can re-activate the primary route as soon as it is up again and put the secondary route into backup.

Example Configuration

{master:0}[edit]
root# show event-options
policy PING_UP {
    events ping_test_failed;
    attributes-match {
        ping_test_failed.test-owner matches PING;
        ping_test_failed.test-name matches Monitor;
    }
    then {
        change-configuration {
            commands {
                "deactivate routing-options static route 10.1.1.100/32";
                "deactivate event-options policy PING_UP";
                "activate routing-options static route 10.1.2.100/32";
                "activate event-options policy PING_DOWN";
            }
        }
    }
}

policy PING_DOWN {
    events ping_test_completed;
    attributes-match {
        ping_test_completed.test-owner matches PING;
        ping_test_completed.test-name matches Monitor;
    }
    then {                             
        change-configuration {
            commands {
                "activate routing-options static route 10.1.1.100/32";
                "deactivate event-options policy PING_DOWN";
                "deactivate routing-options static route 10.1.2.100/32";
                "activate event-options policy PING_UP";
            }
        }
    }
}

{master:0}[edit]
root# show services rpm
probe PING {
    test Monitor {
        probe-type icmp-ping;
        target address 10.1.1.254;
        probe-interval 1;
        test-interval 5;
        source-address 10.1.1.1;
    }
}

Example output when the primary route is down

{master:0}[edit]
root# show routing-options  
static {
    inactive: route 10.1.1.100/32 next-hop 10.1.1.254;  < Primary route deactivated 
    route 10.1.2.100/32 next-hop 10.1.2.254;              by event-options
}

{master:0}[edit]
root# show event-options
inactive: policy PING_UP {
    events ping_test_failed;
    attributes-match {
        ping_test_failed.test-owner matches PING;
        ping_test_failed.test-name matches Monitor;
    }
    then {
        change-configuration {
            commands {
                "deactivate routing-options static route 10.1.1.100/32";
                "deactivate event-options policy PING_UP";
                "activate routing-options static route 10.1.2.100/32";
                "activate event-options policy PING_DOWN";
            }
        }
    }
}

policy PING_DOWN {
    events ping_test_completed;
    attributes-match {
        ping_test_completed.test-owner matches PING;
        ping_test_completed.test-name matches Monitor;
    }
    then {                            
        change-configuration {
            commands {
                "activate routing-options static route 10.1.1.100/32";
                "deactivate event-options policy PING_DOWN";
                "deactivate routing-options static route 10.1.2.100/32";
                "activate event-options policy PING_UP";
            }
        }
    }
}

{master:0}[edit]
root# show services rpm
probe PING {
    test Monitor {
        probe-type icmp-ping;
        target address 10.1.1.254;
        probe-interval 1;
        test-interval 5;
        source-address 10.1.1.1;
    }
}

{master:0}[edit]
root# run show services rpm probe-results
    Owner: PING, Test: Monitor
    Target address: 10.1.1.254, Source address: 10.1.1.1, Probe type: icmp-ping,
    Test size: 1 probes
    Probe results:
      Request timed out, Tue Oct 17 13:06:12 2017
    Results over current test:
      Probes sent: 1, Probes received: 0, Loss percentage: 100.00000
    Results over last test:
      Probes sent: 1, Probes received: 0, Loss percentage: 100.00000
    Results over all tests:
      Probes sent: 1754, Probes received: 947, Loss percentage: 46.009121
      Measurement: Round trip time
        Samples: 947, Minimum: 3169 usec, Maximum: 926055 usec,
        Average: 13834 usec, Peak to peak: 922886 usec, Stddev: 43201 usec,
        Sum: 13100638 usec
      Measurement: Positive round trip jitter
        Samples: 467, Minimum: 42 usec, Maximum: 915149 usec,
        Average: 13752 usec, Peak to peak: 915107 usec, Stddev: 60251 usec,
        Sum: 6422106 usec
      Measurement: Negative round trip jitter
        Samples: 479, Minimum: 1 usec, Maximum: 917673 usec,
        Average: 13452 usec, Peak to peak: 917672 usec, Stddev: 59610 usec,
        Sum: 6443417 usec

Example output when the primary route is up again

{master:0}[edit]
root# run show services rpm probe-results   
    Owner: PING, Test: Monitor
    Target address: 10.1.1.254, Source address: 10.1.1.1, Probe type: icmp-ping,
    Test size: 1 probes
    Probe results:
      Response received, Tue Oct 17 13:07:15 2017, No hardware timestamps
      Rtt: 13574 usec, Round trip jitter: 7777 usec,
      Round trip interarrival jitter: 14612 usec
    Results over current test:
      Probes sent: 1, Probes received: 1, Loss percentage: 0.000000
      Measurement: Round trip time
        Samples: 1, Minimum: 13574 usec, Maximum: 13574 usec,
        Average: 13574 usec, Peak to peak: 0 usec, Stddev: 0 usec,
        Sum: 13574 usec
      Measurement: Positive round trip jitter
        Samples: 1, Minimum: 7777 usec, Maximum: 7777 usec, Average: 7777 usec,
        Peak to peak: 0 usec, Stddev: 0 usec, Sum: 7777 usec
    Results over last test:
      Probes sent: 1, Probes received: 1, Loss percentage: 0.000000
      Test completed on Tue Oct 17 13:07:15 2017
      Measurement: Round trip time
        Samples: 1, Minimum: 13574 usec, Maximum: 13574 usec,
        Average: 13574 usec, Peak to peak: 0 usec, Stddev: 0 usec,
        Sum: 13574 usec
      Measurement: Positive round trip jitter
        Samples: 1, Minimum: 7777 usec, Maximum: 7777 usec, Average: 7777 usec,
        Peak to peak: 0 usec, Stddev: 0 usec, Sum: 7777 usec
    Results over all tests:
      Probes sent: 1764, Probes received: 950, Loss percentage: 46.145126
      Measurement: Round trip time
        Samples: 950, Minimum: 3169 usec, Maximum: 926055 usec,
        Average: 13821 usec, Peak to peak: 922886 usec, Stddev: 43134 usec,
        Sum: 13129757 usec
      Measurement: Positive round trip jitter
        Samples: 469, Minimum: 42 usec, Maximum: 915149 usec,
        Average: 13724 usec, Peak to peak: 915107 usec, Stddev: 60123 usec,
        Sum: 6436387 usec
      Measurement: Negative round trip jitter
        Samples: 480, Minimum: 1 usec, Maximum: 917673 usec,
        Average: 13432 usec, Peak to peak: 917672 usec, Stddev: 59549 usec,
        Sum: 6447368 usec

{master:0}[edit]
root# show routing-options
static {
    route 10.1.1.100/32 next-hop 10.1.1.254;              < Primary route activated 
    inactive: route 10.1.2.100/32 next-hop 10.1.2.254;      again by event-options
}

{master:0}[edit]
root# show event-options
policy PING_UP {
    events ping_test_failed;
    attributes-match {
        ping_test_failed.test-owner matches PING;
        ping_test_failed.test-name matches Monitor;
    }
    then {
        change-configuration {
            commands {
                "deactivate routing-options static route 10.1.1.100/32";
                "deactivate event-options policy PING_UP";
                "activate routing-options static route 10.1.2.100/32";
                "activate event-options policy PING_DOWN";
            }
        }
    }
}
inactive: policy PING_DOWN {
    events ping_test_completed;
    attributes-match {
        ping_test_completed.test-owner matches PING;
        ping_test_completed.test-name matches Monitor;
    }
    then {                             
        change-configuration {
            commands {
                "activate routing-options static route 10.1.1.100/32";
                "deactivate event-options policy PING_DOWN";
                "deactivate routing-options static route 10.1.2.100/32";
                "activate event-options policy PING_UP";
            }
        }
    }
}

 

Modification History:
2020-12-28: Added links to related KBs in the summary.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search