Cisco-like IPSLA on JunOS

by Chris
on February 6, 2019

One of the more common CPE type things we use is IPSLA, often used when you want to prefer a certain circuit but there are many use cases.

On JunOS, this uses two processes for this, Real Time Performance Monitoring, and IP Monitoring, to provide an ICMP probe, and an action based on probe results.

LAB: 2x vSRX instances connected to the same port-group on vnic1, looking something akin to: [r1] — ge0/0/0.0 —- ge0/0/0.0 [r2]. On R1, we connect another interface (vnic2) as ge0/0/1.0 so we’ve got another up source interface to switch routes.

Basic Router Setup

Very simple setup to bring up R1 and R2:

  • Set a root password
  • Set Hostname
  • Switch to Packet Mode for inet (v4)
  • Set up ge-0/0/0.0 on both routers and ge0/0/0.0
  • We’ll use 192.168.1.1/24 on R1 ge-0/0/0.0, 192.168.1.2/24 on R2 ge-0/0/0.0 and 192.168.1.2 on R1 ge-0/0/1.0
  • We’ll set a static route on R1 for 0/0 via 192.168.1.2 (R2)

R1 Config

configure
set system root-authentication plain-text-password
<password>
set system host-name r1
delete security
set security forwarding-options family mpls mode packet-based
set interfaces ge-0/0/0.0 family inet address 192.168.1.1/24
set interfaces ge-0/0/1.0 family inet address 192.168.2.1/24
set routing-options static route 0.0.0.0/0 next-hop 192.168.1.2
commit

R2 Config

configure
set system root-authentication plain-text-password
<password>
set system host-name r2
delete security
set security forwarding-options family mpls mode packet-based
set interfaces ge-0/0/0.0 family inet address 192.168.1.2/24
commit

Now verify connectivity via ping:

Working ping – good so far

Configuring DG Failover

Configuring RPM (Real Time Performance Monitor) for our probe

Next on R1 we’ll configure the RPM section, using fairly standard values seen in Cisco IPSLA (Thresholds, Timeouts, Counts etc). We’ll be pinging R2 via ge-0/0/0.0 on R1, hence our monitor config is done on R1. In the example, dg-probe is the owner, lab-ping is the probe name

set services rpm probe dg-probe test lab-ping target address 192.168.1.2
set services rpm probe dg-probe test lab-ping probe-count 3
set services rpm probe dg-probe test lab-ping probe-interval 2
set services rpm prove dg-probe test lab-ping probe-type icmp
set services rpm probe dg-probe test lab-ping test-interval 2
set services rpm probe dg-probe test lab-ping thresholds successive-loss 3
set services rpm probe dg-probe test lab-ping thresholds total-loss 3
set services rpm probe dg-probe test lab-ping next-hop 192.168.1.2

Configuring IP Monitoring to Modify the Static Route

set services ip-monitoring policy dg-failover-policy match rpm-probe dg-probe
set services ip-monitoring policy dg-failover-policy then preferred-route 0.0.0.0/0 next-hop 192.168.2.2
commit

Verifying our Config

First, we’ll check ping and the current static route – then we’ll check the RPM probe is showing as active

The Ping test and Static Route we configured
The Active RPM probe showing success

Failing Over

In order to check failover we’ll shut down ge-0/0/0.0 on R2

root@r2# set interfaces ge-0/0/0.0 disable
commit

Now verify ping is failing and we have a new static route inserted:

Failing Back

root@r2# delete set interfaces ge-0/0/0.0 disable
commit

Checking all is ok

PIng Replies and the Original Static in Situ

Categories:

CiscoJunipernetwork

Tags:

#ipsla#junosciscojuniper

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *

Adsense
About This Site

This may be a good place to introduce yourself and your site or include some credits.