1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. SERVICE AVAILABILITY - CONFIGURATION GUIDE V...
  6. Configuration manual

Juniper SERVICE AVAILABILITY - CONFIGURATION GUIDE V 11.1.X Configuration Manual

Software for e series broadband services routers service availability configuration guide
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
JUNOSe
Software for E Series
Broadband Services Routers
Service Availability Configuration Guide
Release 11.1.x
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, California 94089
USA
408-745-2000
www.juniper.net
Published: 2010-04-08

Advertisement

Table of Contents
loading

Related Manuals for Juniper SERVICE AVAILABILITY - CONFIGURATION GUIDE V 11.1.X

Summary of Contents for Juniper SERVICE AVAILABILITY - CONFIGURATION GUIDE V 11.1.X

  • Page 1 JUNOSe Software for E Series Broadband Services Routers Service Availability Configuration Guide Release 11.1.x Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 408-745-2000 www.juniper.net Published: 2010-04-08...
  • Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
  • Page 3 AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”)
  • Page 4 (“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 http://www.gnu.org/licenses/gpl.html...
  • Page 5 agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein.

  • Page 7: Table Of Contents

    Abbreviated Table of Contents About the Documentation Part 1 Chapters Chapter 1 Service Availability Chapter 2 Managing Module Redundancy Chapter 3 Managing Stateful SRP Switchover Chapter 4 Configuring a Unified In-Service Software Upgrade Chapter 5 Configuring VRRP Chapter 6 Managing Interchassis Redundancy Part 2 Index Index...
  • Page 8 JUNOSe 11.1.x Service Availability Configuration Guide viii...
  • Page 9 Table of Contents About the Documentation E Series and JUNOSe Documentation and Release Notes ......xix Audience ......................xix E Series and JUNOSe Text and Syntax Conventions ........xix Obtaining Documentation ................xxi Documentation Feedback ................xxi Requesting Technical Support ..............xxi Self-Help Online Tools and Resources ...........xxii Opening a Case with JTAC ..............xxii Part 1 Chapters...
  • Page 10 JUNOSe 11.1.x Service Availability Configuration Guide Managing SRP Module Redundancy ............16 Switching to the Redundant SRP Module ..........18 Upgrading Software on a Redundant SRP Module ........19 Monitoring the Status LEDs ..............19 Monitoring Line Module and SRP Module Redundancy .........19 Managing Port Redundancy ................23 Chapter 3 Managing Stateful SRP Switchover Stateful SRP Switchover Overview ..............25...
  • Page 11 Table of Contents Unified ISSU Initialization Phase Overview ............63 Application Data Upgrade on the Standby SRP Module ......64 SNMP Traps ....................65 Unified ISSU Upgrade Phase Overview ............66 Exceptions During the Upgrade Phase ............67 Verifications of Requirements ..............68 Upgrade Setup ..................68 Line Module Arming .................69 Line Module Control Plane Upgrade ..........69 SRP Module Switchover ..............69...
  • Page 12 JUNOSe 11.1.x Service Availability Configuration Guide Interruption in Traffic Forwarding for Layer 3 Routing Protocols During Unified ISSU ....................92 Recommended Settings for Routing Protocol Timers During Unified ISSU ......................94 Upgrading Router Software with Unified ISSU ..........96 Halt of Unified ISSU During Initialization Phase Overview ......99 Halting Unified ISSU During Initialization Phase ..........99 Halt of Unified ISSU During Upgrade Phase Overview .........100 Halting Unified ISSU During Upgrade Phase ..........100...
  • Page 13 Table of Contents Using RADIUS to Manage Subscribers Logging In to ICR Partitions ....141 Monitoring the Configuration of an ICR Partition Attached to an Interface ....................141 Monitoring the Configuration of ICR Partitions ..........143 Part 2 Index Index ......................149 xiii Table of Contents...
  • Page 14 JUNOSe 11.1.x Service Availability Configuration Guide Table of Contents...
  • Page 15 List of Figures Part 1 Chapters Chapter 2 Managing Module Redundancy Figure 1: SRP Module on ERX7xx Models and ERX14xx Models ....13 Figure 2: SRP Module on the E120 and E320 Routers ........14 Chapter 3 Managing Stateful SRP Switchover Figure 3: High Availability States ..............29 Chapter 5 Configuring VRRP Figure 4: Basic VRRP Configuration .............108...
  • Page 16 JUNOSe 11.1.x Service Availability Configuration Guide List of Figures...

  • Page 17: List Of Tables

    List of Tables About the Documentation Table 1: Notice Icons ..................xx Table 2: Text and Syntax Conventions ............xx Part 1 Chapters Chapter 2 Managing Module Redundancy Table 3: Commands That Can Cause Automatic Switchover ......9 Table 4: Function of the Online and Redundant LEDs ........19 Chapter 3 Managing Stateful SRP Switchover Table 5: Application Support for Stateful SRP Switchover ......32...
  • Page 18 JUNOSe 11.1.x Service Availability Configuration Guide xviii List of Tables...

  • Page 19: About The Documentation

    If the information in the latest release notes differs from the information in the documentation, follow the JUNOSe Release Notes. To obtain the most current version of all Juniper Networks® technical documentation, see the product documentation page on the Juniper Networks website at http://www.juniper.net/techpubs/...

  • Page 20: Table 1: Notice Icons

    JUNOSe 11.1.x Service Availability Configuration Guide Table 1: Notice Icons Icon Meaning Description Informational note Indicates important features or instructions. Caution Indicates a situation that might result in loss of data or hardware damage. Warning Alerts you to the risk of personal injury or death. Laser warning Alerts you to the risk of personal injury from a laser.

  • Page 21: About The Documentation

    CD-ROMs or DVD-ROMs, see the Offline Documentation page at http://www.juniper.net/techpubs/resources/cdrom.html Copies of the Management Information Bases (MIBs) for a particular software release are available for download in the software image bundle from the Juniper Networks Web site at http://www.juniper.net/...

  • Page 22: Self-Help Online Tools And Resources

    7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...

  • Page 23: Chapters

    Part 1 Chapters Service Availability on page 3 Managing Module Redundancy on page 7 Managing Stateful SRP Switchover on page 25 Configuring a Unified In-Service Software Upgrade on page 57 Configuring VRRP on page 105 Managing Interchassis Redundancy on page 127 Chapters...
  • Page 24 JUNOSe 11.1.x Service Availability Configuration Guide Chapters...

  • Page 25: Chapter 1 Service Availability

    Chapter 1 Service Availability This chapter explains what service availability is and discusses the features of service availability. It also discusses Juniper Networks multi-layered service availability approach for uninterrupted delivery of services. Service Availability Overview on page 3 Understanding Service Availability Features on page 5...

  • Page 26: Service Availability Versus High Availability

    JUNOSe 11.1.x Service Availability Configuration Guide Figure 1 illustrates the multiple layers of JUNOSe Software service availability Security Protects infrastructure against DoS attacks Network Resiliency Protects against port, link (fiber cuts), and network node failures 99.999% Software Availability Protects against software crashes and minimizes downtime from software upgrades Hardware Redundancy and Design 1:1 or N:1 component-level protection The security layer protects the network from DoS attacks.

  • Page 27: Understanding Service Availability Features

    Interchassis Redundancy on page 6 Module Redundancy For hardware components, Juniper Networks provides redundancy solutions to ensure that the router continues to operate in the event of a hardware fault. Redundancy also enables you to hot-swap various components within your E Series router.

  • Page 28: Managing Module Redundancy

    JUNOSe 11.1.x Service Availability Configuration Guide When you perform a unified ISSU on a router that has one or more modules that do not support unified ISSU, these modules are upgraded by means of the legacy, conventional upgrade process. The unsupported modules undergo a cold reboot at the beginning of the unified ISSU process, and are held down until the ISSU process is completed.

  • Page 29: Managing Module Redundancy

    Chapter 2 Managing Module Redundancy This chapter describes how to manage redundancy in line modules, switch route processor (SRP) modules, switch fabric modules (SFMs), I/O modules, and I/O adapters (IOAs) in E Series routers. This chapter contains the following sections: Line Module Redundancy Overview on page 7 Monitoring Line Module and SRP Module Redundancy on page 19 Managing Port Redundancy on page 23...

  • Page 30: E120 And E320 Routers

    JUNOSe 11.1.x Service Availability Configuration Guide of how the router provides redundancy for line modules and procedures for installing the modules, see the ERX Hardware Guide. E120 and E320 Routers To configure line module redundancy on the E120 or E320 Broadband Services router, you must also install an ES2-S1 Redund IOA in either slot 0 or slot 11.

  • Page 31: Automatic Switchover

    Chapter 2: Managing Module Redundancy module redundancy actions, issue the redundancy lockout command for the primary line module slot before issuing the adapter disable or adapter enable commands. Automatic Switchover Provided you have not issued the redundancy lockout command for the primary line module, the router switches over to the spare line module automatically if it detects any of the following failures on the primary line module: Power-on self-test (POST) failure...

  • Page 32: Configuring Line Module Redundancy

    JUNOSe 11.1.x Service Availability Configuration Guide Configuring Line Module Redundancy You can modify the default redundancy operations on the router as follows: Disable automatic switchover on a slot. Enable automatic reversion after switchover. redundancy lockout Use to prevent the router from switching automatically to a spare line module if the primary module in the specified slot fails.

  • Page 33: Srp Module Redundancy

    Chapter 2: Managing Module Redundancy Use to force the router to switch from the primary line module in the specified slot or the primary SRP module to the spare line module or SRP module. The command causes a single switchover. When you reboot, the router reverts to the configured setting for this slot.
  • Page 34 JUNOSe 11.1.x Service Availability Configuration Guide After you install two SRP modules, the modules negotiate for the primary role. A number of factors determine which module becomes the primary; however, preference is given to the module in the lower slot. The SRP modules record their latest roles and retain them the next time you switch on the router.

  • Page 35: Figure 1: Srp Module On Erx7Xx Models And Erx14Xx Models

    Chapter 2: Managing Module Redundancy Figure 1: SRP Module on ERX7xx Models and ERX14xx Models Line Module Redundancy Overview...

  • Page 36: Specifying The Configuration For Redundant Srp Modules

    JUNOSe 11.1.x Service Availability Configuration Guide Figure 2: SRP Module on the E120 and E320 Routers Specifying the Configuration for Redundant SRP Modules On a router with redundant SRP modules, you can specify the configuration that both the primary and redundant modules load in the event of a reload or switchover. A switchover can result from an error on the primary SRP module or from an srp switch command.

  • Page 37: Installing A Redundant Srp Module

    Chapter 2: Managing Module Redundancy When a switchover subsequently occurs, the redundant SRP module reloads with the running configuration and takes the primary role. For more information about the boot config command, see Booting the System in the JUNOSe System Basics Configuration Guide.

  • Page 38: Managing Srp Module Redundancy

    JUNOSe 11.1.x Service Availability Configuration Guide Use the srp keyword to reboot the portion of the SC subsystem that resides on a specified SRP module. Use the fabric keyword to reboot the fabric slice that resides on the specified SRP module. Example 1 Reboots the module in slot 7 host1#reload slot 7 Example 2 Reboots the SC on the SRP module in slot 7 (applies only to E120...
  • Page 39 Chapter 2: Managing Module Redundancy NOTE: If you do not configure this option, when troubleshooting an SRP module, disconnect the other SRP module from the router. This action prevents the redundant SRP module from taking over if you push the reset button on the primary SRP module. To configure this option: Issue the disable-switch-on-error command.

  • Page 40: Switching To The Redundant Srp Module

    JUNOSe 11.1.x Service Availability Configuration Guide There is no no version. See synchronize. Switching to the Redundant SRP Module To switch immediately from the primary SRP module to the redundant SRP module, issue the redundancy force-switchover command or the srp switch command. You can configure the router to prompt you if the modules are in a state that could lead to loss of configuration data or NVS corruption.

  • Page 41: Upgrading Software On A Redundant Srp Module

    Chapter 2: Managing Module Redundancy If you issue the disable-switch-on-error command and later issue the srp switch command, the redundant SRP module waits about 30 seconds before it takes over from the primary SRP module. If the router does not contain a redundant SRP module, this command has no effect.
  • Page 42 JUNOSe 11.1.x Service Availability Configuration Guide Use to display information about the hardware installed for redundancy. See Managing the System in the JUNOSe System Basics Configuration Guide for details and examples. See show environment. show hardware Use to display detailed information about the line modules and SRP modules. See Monitoring Modules in the JUNOSe System Basics Configuration Guide for details and examples.
  • Page 43 Chapter 2: Managing Module Redundancy midplane rev Hardware revision number of the redundancy midplane fabric slice redundancy Status of the fabric slice on the SRP modules or SFMs on the E120 and E320 routers slot Slot in which the fabric slice resides state State of the fabric slice (online, not present) type Identifier for the type of hardware (SRP module or SFM) Example 1...
  • Page 44 JUNOSe 11.1.x Service Availability Configuration Guide hardware lockout revert slot role config slot slot ---- -------- --------- ------ ------- ------ spare primary protected midplane midplane slots type ----- -------- -------- 0 - 5 Example 2 Displays the redundancy status on an E320 router host1#show redundancy high-availability state: active...

  • Page 45: Managing Port Redundancy

    Chapter 2: Managing Module Redundancy Managing Port Redundancy For information on port redundancy, see the JUNOSe Physical Layer Configuration Guide. For information on managing port redundancy on Gigabit Ethernet I/O modules, see Managing Port Redundancy on Gigabit Ethernet I/O Modules in the JUNOSe Physical Layer Configuration Guide.
  • Page 46 JUNOSe 11.1.x Service Availability Configuration Guide Managing Port Redundancy...

  • Page 47: Managing Stateful Srp Switchover

    Chapter 3 Managing Stateful SRP Switchover This chapter describes how to manage Juniper Networks Stateful SRP Switchover (also referred to as high availability or HA) software features for the E Series router. Use this chapter with “Managing Module Redundancy” on page 7 to fully manage the SRP features.

  • Page 48: Stateful Srp Switchover Platform Considerations

    JUNOSe 11.1.x Service Availability Configuration Guide For hardware components, Juniper Networks provides redundancy solutions to ensure that the router continues to operate in the event of a hardware fault. This redundancy can exist on various router models in the form of multiple power supplies, cooling fans, switching planes, routing engines and, in some cases, interfaces.

  • Page 49: Stateful Srp Switchover Redundancy Modes

    Redundancy” on page 7. High Availability Mode Currently applicable to the SRP module, Juniper Networks high availability mode uses an initial bulk file transfer and subsequent, transaction-based mirroring to ensure rapid SRP module recovery after a switchover. This process is referred to in this chapter as stateful SRP switchover.
  • Page 50 JUNOSe 11.1.x Service Availability Configuration Guide When stateful SRP switchover is enabled, an SRP switchover keeps line modules up and forwarding data, and the newly active SRP module continues from the point of switchover. By using transaction-based mirroring instead of file synchronization, high availability mode keeps the standby SRP module synchronized with the active SRP module.

  • Page 51: Stateful Srp Switchover States

    Chapter 3: Managing Stateful SRP Switchover Stateful SRP Switchover States The SRP progresses through various high availability states. These states are illustrated in Figure 3 on page 29. Figure 3: High Availability States Disabled State The initial, default state for high availability mode is disabled. While in this state, the router continues to use file system synchronization.

  • Page 52: Initializing State

    JUNOSe 11.1.x Service Availability Configuration Guide During the disabled state: If any one criterion is not met, the system remains in the disabled state, until the criterion is met. If a switchover occurs while the system is in the disabled state, the system cold-restarts.

  • Page 53: Pending State

    Chapter 3: Managing Stateful SRP Switchover The standby SRP module replays the updates (in the order in which they were committed on the active SRP module) and makes the appropriate changes for each changed application. Updates that need to be stored in NVS (that is, for static configurations) are updated in NVS.

  • Page 54: Application Support For Stateful Srp Switchover

    JUNOSe 11.1.x Service Availability Configuration Guide NOTE: You can use the show redundancy srp command to display the name of any unsupported applications that are configured. If a switchover occurs while the system is in the pending state, the system cold-restarts.
  • Page 55 Chapter 3: Managing Stateful SRP Switchover Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes HDLC – – SONET/SDH – – SONET/SDH VT – – Link-Layer Protocols – Static and dynamic interfaces, with the exception of ATM subscribers, are supported.
  • Page 56 JUNOSe 11.1.x Service Availability Configuration Guide Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes – Supported for IPv4 only when the graceful restart extension is enabled. Does not support graceful restart for IPv6 address families. –...
  • Page 57 Chapter 3: Managing Stateful SRP Switchover Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes DVMRP – Static recovery support only. DVMRP gives the restart complete indication to the IP routing table after getting a peer update (60-second timeout).
  • Page 58 JUNOSe 11.1.x Service Availability Configuration Guide Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes – Static recovery support only. For warm start, PIM interfaces are reconfigured from NVS. A Hello message with a new Generation ID is issued as IP interfaces come up.
  • Page 59 Chapter 3: Managing Stateful SRP Switchover Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes – IC MLD deletes its interface and membership state on SRP failover (controller down). As part of SRP warm start, MLD interfaces are reconfigured from NVS and dynamic IMLD interfaces are reconfigured from mirrored storage.
  • Page 60 JUNOSe 11.1.x Service Availability Configuration Guide Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes LDP signaling – To provide uninterrupted service during an SRP switchover in a scaled configuration, such as one with 32,000 Martini circuits, set the LDP graceful restart reconnect time to the maximum 300 seconds and set the LDP graceful restart recovery timer to the maximum...
  • Page 61 Chapter 3: Managing Stateful SRP Switchover Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes DHCP Relay Server – Before HA support, clients identified by the DHCP relay server were maintained on a switchover (their state was stored to NVS);...
  • Page 62 JUNOSe 11.1.x Service Availability Configuration Guide Table 5: Application Support for Stateful SRP Switchover (continued) Application Supported Unsupported Notes RADIUS Initiated – Disconnect RADIUS Relay – – Server RADIUS – – Route-Download Server Service Manager – – SRC Client – –...

  • Page 63: Guidelines For Activating High Availability

    Chapter 3: Managing Stateful SRP Switchover CAUTION: When IP tunnels are configured on an HA-enabled router and the Service Module (SM) carrying these tunnels is reloaded, HA transitions to the pending state. HA remains in the pending state for 5 minutes after the successful reloading of the SM.

  • Page 64: Activating High Availability

    JUNOSe 11.1.x Service Availability Configuration Guide Activating High Availability The switch route processor (SRP) module can operate in one of the two redundancy modes file system synchronization and high availability. When you activate high availability, the router uses mirroring to keep the configuration and state of the standby SRP module coordinated with the configuration and state of the active SRP module.

  • Page 65: Deactivating High Availability

    Chapter 3: Managing Stateful SRP Switchover Deactivating High Availability The switch route processor (SRP) module can operate in one of the two redundancy modes file system synchronization and high availability. When you disable high availability, the router uses file system synchronization mode which is the default behavior mode for E Series routers that use redundant SRPs.

  • Page 66: Setting The Ip Interface Priority

    JUNOSe 11.1.x Service Availability Configuration Guide An IP or IPv6 interface can be designated as high priority by more than one protocol, the CLI command, or both. You can change an IP or IPv6 interface from high priority to low priority only by one of the following methods: Delete the IP or IPv6 interface.

  • Page 67: Monitoring The Redundancy Status

    Chapter 3: Managing Stateful SRP Switchover active SRP module and the active SRP module subsequently synchronizes with the standby SRP module. After reloading, and even though high availability mode is configured, the active SRP module reverts to using the file-system-synchronization operational mode for synchronizing updates.
  • Page 68 JUNOSe 11.1.x Service Availability Configuration Guide --------- automatic reverting is off backed sparing hardware lockout revert slot role config slot slot ---- -------- --------- ------ ------- ------ spare primary protected midplane midplane slots type ------ -------- -------- 8 - 13 To display detailed redundancy status information: host1#show redundancy detail high-availability state:...

  • Page 69: Table 6: Show Redundancy Output Fields

    Chapter 3: Managing Stateful SRP Switchover Table 6: show redundancy Output Fields Field Name Field Description high-availability state State of high availability mode: disabled Initial, default state for high-availability mode. The router continues to use file system synchronization. active Data synchronized from the active SRP module to the standby SRP module during initialization remains synchronized through mirroring updates.

  • Page 70: Monitoring The Redundancy Status Of Applications

    JUNOSe 11.1.x Service Availability Configuration Guide Table 6: show redundancy Output Fields (continued) Field Name Field Description slots Slots in which the line modules reside. hardware role Function of the line module. Possible values: primary or spare. lockout config Status of redundancy on the line module: protected Line module redundancy is enabled locked out Line module redundancy is disabled backed up by slot...
  • Page 71 Chapter 3: Managing Stateful SRP Switchover DHCP Proxy Client safe Global Ipv6 safe IPsec Transport (ITM) safe l2tpDialoutGenerator safe DHCPv6 Local Server safe Radius Relay Server safe You can also display the redundancy status information of all clients. Specifies whether the client supports high availability and also the safety level of configuration.

  • Page 72: Monitoring The Redundancy History

    JUNOSe 11.1.x Service Availability Configuration Guide SonetVT supported safe IPsec Tunnel (ST) supported safe Table 7 on page 50 lists the show redundancy clients command output fields. Meaning Table 7: show redundancy clients Output Fields Field Name Field Description client High availability client.

  • Page 73: Monitoring The Redundancy Status Of Line Modules

    Chapter 3: Managing Stateful SRP Switchover activation statistics: cold starts: switchovers: cold: warm: consecutive warm: system SRP activation time type slot uptime running release ------------------- ---------- ---- ------ ----------------- 2004-09-08 15:10:40 cold-start erx_6-0-0b1-8.rel 2004-09-08 14:39:10 cold-start erx_6-0-0b1-1.rel Table 8 on page 51 lists the show redundancy history command output fields. Meaning Table 8: show redundancy history Output Fields Field Name...

  • Page 74: Monitoring The Redundancy Status Of Srp Modules

    JUNOSe 11.1.x Service Availability Configuration Guide To display the redundancy status of the line modules. Action host1#show redundancy line-card automatic reverting is off backed sparing hardware lockout revert slot role config slot slot ---- -------- --------- ------ ------- ------ spare primary protected midplane...

  • Page 75: Table 10: Show Redundancy Srp Output Fields

    Chapter 3: Managing Stateful SRP Switchover To display the redundancy status of the SRP modules. Action host1#show redundancy srp high-availability state: active current redundancy mode: high-availability last activation type: warm-switch To display the redundancy status of the SRP modules in detail. host1#show redundancy srp detail high-availability state: disabled...

  • Page 76: Monitoring The Redundancy Switchover History

    JUNOSe 11.1.x Service Availability Configuration Guide Table 10: show redundancy srp Output Fields (continued) Field Name Field Description current redundancy mode Redundancy mode currently being used by this router: high-availability Ensures rapid SRP module recovery after a switchover by using initial bulk file transfer and subsequent, transaction-based mirroring.

  • Page 77: Clearing The Redundancy History

    Chapter 3: Managing Stateful SRP Switchover 2004-07-24 23:25:09 warm-switch 0 16:27:03 L-07-24-60b1mrg-b.rel 2004-07-24 23:18:23 cold-switch 0 16:20:17 L-07-24-60b1mrg-b.rel Table 11 on page 55 lists the show redundancy switchover-history command output Meaning fields. Table 11: show redundancy switchover-history Output Fields Field Name Field Description SRP activation time Amount of time the SRP module has been active.
  • Page 78 JUNOSe 11.1.x Service Availability Configuration Guide Clearing the Redundancy History...

  • Page 79: Chapter 4 Configuring A Unified In-Service Software Upgrade

    Chapter 4 Configuring a Unified In-Service Software Upgrade This chapter describes how to prepare for and perform a unified in-service software upgrade (unified ISSU) of JUNOSe Software on E120 and E320 Broadband Services Routers. A unified in-service software upgrade provides a way to upgrade to a higher-numbered release while minimizing the effect of the upgrade on traffic forwarded through the router.

  • Page 80: Unified Issu Overview

    JUNOSe 11.1.x Service Availability Configuration Guide Unexpected Suspension of Subscriber Login and Logouts During Unified ISSU on page 90 Unexpected SONET and SDH Behavior During Unified ISSU on page 91 Unexpected T3 Behavior During Unified ISSU on page 91 Unavailability of TACACS+ Services During Unified ISSU on page 92 Interruption in Traffic Forwarding for Layer 3 Routing Protocols During Unified ISSU on page 92 Recommended Settings for Routing Protocol Timers During Unified...

  • Page 81: Router Behavior During A Unified In-Service Software Upgrade

    Chapter 4: Configuring a Unified In-Service Software Upgrade Applications that do not support unified ISSU applications cannot maintain state and configuration with minimal traffic loss across the upgrade to a higher-numbered release. When you attempt a unified in-service software upgrade on a router on which a unified ISSU-challenged application is configured, the unified in-service software upgrade cannot proceed.

  • Page 82: Hardware And Software Requirements Before Beginning A Unified Issu

    ISSU process. When hardware updates are required for modules that you have installed in an ERX1440 router, contact your Juniper Networks representative to determine whether the update affects unified ISSU. Hardware and Software Requirements Before Beginning a Unified ISSU...

  • Page 83: Software Requirements For Unified Issu

    Chapter 4: Configuring a Unified In-Service Software Upgrade Software Requirements for Unified ISSU The running JUNOSe Software release must support unified ISSU. You can upgrade to a software version that supports unified ISSU from a software version that does not support unified ISSU only by means of a conventional upgrade.

  • Page 84: Unified Issu Terms

    JUNOSe 11.1.x Service Availability Configuration Guide The license issu command is available only on the ERX1440 CLI. Application Support for Unified ISSU on page 71 Related Topics Application Support for Stateful SRP Switchover on page 32 Activating High Availability on page 42 license issu show issu Unified ISSU Terms...

  • Page 85: Unified Issu Phases Overview

    Chapter 4: Configuring a Unified In-Service Software Upgrade For more information about SRP module redundancy, see “Managing Module Redundancy” on page 7. Unified ISSU Phases Overview The JUNOSe Software includes software modules that operate the following hardware components: SRP module Line module control plane Line module forwarding plane A unified in-service software upgrade replaces the currently operating software on...

  • Page 86: Application Data Upgrade On The Standby Srp Module

    JUNOSe 11.1.x Service Availability Configuration Guide release, the SRP modules, the line modules, line module redundancy, and the router configuration. The issu initialize command does not interrupt or disrupt any of the runtime operations of the router. The command has no effect on changes of authorization, forwarding, or subscribers (except perhaps, rate of logins).

  • Page 87: Snmp Traps

    Chapter 4: Configuring a Unified In-Service Software Upgrade NOTE: An SRP switchover from the active SRP module to the standby SRP module at this point in the unified in-service software upgrade causes a cold restart of the router because the SRP modules are running two different releases. The current release is on the active SRP module and the upgrade release is on the standby SRP module.

  • Page 88: Unified Issu Upgrade Phase Overview

    JUNOSe 11.1.x Service Availability Configuration Guide Unified ISSU Upgrade Phase Overview During the upgrade phase, the CLI supports only a reduced set of administrative commands. You cannot interrupt the upgrade phase. The upgrade phase cannot commence if any CLI commands outside of this set are executing when you issue the issu start command.

  • Page 89: Exceptions During The Upgrade Phase

    Chapter 4: Configuring a Unified In-Service Software Upgrade NOTE: While a unified ISSU operation is in progress, do not remove the SRP modules or attempt to reset them. Removing the SRP modules anytime during unified ISSU has an adverse impact. After the unified ISSU operation is completed, issue the show version command.

  • Page 90: Verifications Of Requirements

    JUNOSe 11.1.x Service Availability Configuration Guide Table 13: Router Response to Undesirable Events During the Upgrade Phase (continued) Event Router Action An application that This event can take place only before the issu start command is does not support issued, because that command disables CLI configuration commands. unified ISSU is When you issue the issu start command, after configuring such an configured.

  • Page 91: Line Module Arming

    Chapter 4: Configuring a Unified In-Service Software Upgrade Routing protocols The unified ISSU process prompts you to consider raising the link costs for each routing protocol that is configured on the router. Raising the link cost for routes through the upgrading router enables neighbors to recompute better routes to those destinations.

  • Page 92: Line Module Forwarding Plane Upgrade

    JUNOSe 11.1.x Service Availability Configuration Guide When the primary SRP module has verified that all line modules are up, the redundant SRP module takes over control of the router by becoming the active SRP module. The primary, and formerly active, SRP module reboots to the armed release and serves as the standby SRP module.

  • Page 93: Unified Issu Service Restoration Phase Overview

    Chapter 4: Configuring a Unified In-Service Software Upgrade Unified ISSU Service Restoration Phase Overview This is the final unified ISSU phase. At this point, all three major components of the router the SRP modules, the line module control planes, and the line module forwarding planes have been upgraded and forwarding has resumed through the chassis.

  • Page 94: Table 14: Application Support For Unified In-Service Software Upgrades

    JUNOSe 11.1.x Service Availability Configuration Guide Table 14: Application Support for Unified In-Service Software Upgrades Application Supported Unsupported Notes Physical Layer Protocols – – – (E120 and E320) – – – (ERX1440) – – HDLC – – SONET/SDH – Unified ISSU support is provided only for non-channelized APS IOAs.

  • Page 95: Application Support For Unified Issu

    Chapter 4: Configuring a Unified In-Service Software Upgrade Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes ATM 1483 bulk – – configuration of dynamic interfaces ATM bulk – – configuration of static interfaces Bridged Ethernet –...
  • Page 96 JUNOSe 11.1.x Service Availability Configuration Guide Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes IS-IS – Support only when graceful restart is configured. OSPF – Support only when graceful restart is configured. – – Static Routes –...
  • Page 97 Chapter 4: Configuring a Unified In-Service Software Upgrade Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes – Unified ISSU does not support IPv6. – Unified ISSU does not support IPv6. Multiprotocol Label Switching MPLS –...
  • Page 98 JUNOSe 11.1.x Service Availability Configuration Guide Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes DHCP Packet Capture – Configuration of DHCP packet capture does not prevent unified ISSU from proceeding. However, the capturing of packets on the line modules is halted when the unified ISSU...
  • Page 99 Chapter 4: Configuring a Unified In-Service Software Upgrade Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes L2TP – Unified ISSU forces an L2TP failover for all established tunnels. L2TP failover resynchronization is required for successful recovery of a tunnel and its sessions following the...
  • Page 100 JUNOSe 11.1.x Service Availability Configuration Guide Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes Line Module – You can use the active Redundancy spare line module for unified ISSU operations. You do not have to revert to the primary line module.
  • Page 101 Chapter 4: Configuring a Unified In-Service Software Upgrade Table 14: Application Support for Unified In-Service Software Upgrades (continued) Application Supported Unsupported Notes Network Address – You must remove the Translation (NAT) NAT license configuration as well as the NAT configuration from the router.

  • Page 102: Unexpected Aaa Authentication And Authorization Behavior During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide Unexpected Suspension of Subscriber Login and Logouts During Unified ISSU on page 90 Unavailability of TACACS+ Services During Unified ISSU on page 92 Recommended Settings for Routing Protocol Timers During Unified ISSU on page 94 Unexpected AAA Authentication and Authorization Behavior During Unified ISSU Authentication and command authorization are temporarily disabled on the serial console connection during the upgrade phase.

  • Page 103: Oam Vc Integrity Verification Cessation

    Chapter 4: Configuring a Unified In-Service Software Upgrade OAM VC Integrity Verification Cessation During the unified ISSU operation, verification of OAM VC integrity stops. This verification resumes when the unified ISSU operation is completed. ATM does not respond to incoming OAM loopback cells during the upgrade for a period of less than 30 seconds.

  • Page 104: Unexpected Ethernet Behavior During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide Freezing the DoS protection state prevents any active control flows from interfering with the system while the unified ISSU is in progress. However, no new control flows, protocols, or priorities are monitored for suspicious activity, and no suspicious activity can be detected until the upgrade is completed.

  • Page 105: Port Data Rate Monitoring Halted

    Chapter 4: Configuring a Unified In-Service Software Upgrade Port Data Rate Monitoring Halted The monitoring of Ethernet port data rate is halted during a unified in-service software upgrade. Monitoring resumes immediately after the unified ISSU operation is completed. The data rates reported by the show interface command are inaccurate for the period of one configured load interval after unified ISSU is completed.
  • Page 106 JUNOSe 11.1.x Service Availability Configuration Guide failed hosts: 0 failed users: 0 Statistics since last system reload: attempts: 3 failed hosts: 0 failed users: 0 To display detailed information about unified ISSU status and warnings in addition to criteria required for unified ISSU and whether the router hardware and software meet the required criteria, issue the show issu detail command.
  • Page 107 Chapter 4: Configuring a Unified In-Service Software Upgrade CLI sessions ready? Routing applications ready? Conditional -> Criteria: There are open FTP connections Conditional Impact: Open connections will be disconnected during ISSU process Remedy: Close all FTP sessions Reporting slot: 7 Protocol timers ready? The following example shows when an ongoing file transfer operation is detected during the initialization phase or validation phase.

  • Page 108: Is-Is Effects On Graceful Restart And Network Stability During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide New FTP connections are not allowed and all existing FTP connections are dropped after the unified ISSU process begins. Also, no remote file operations are allowed while unified ISSU is in progress. If unified ISSU is aborted, FTP server is returned to the state in which it was before unified ISSU was started.

  • Page 109: Routing Around The Restarting Router To Minimize Network Instability

    Chapter 4: Configuring a Unified In-Service Software Upgrade Routing Around the Restarting Router to Minimize Network Instability NOTE: The situation described in this section is very uncommon. This rare circumstance arises when you have redundant uplinks to the core and network topology changes cause routes to go through the upgrading router.

  • Page 110: Ospf Effects On Graceful Restart And Network Stability During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide See Specifying the Number of Retransmission Attempts. When the unified ISSU operation attempts to verify the upgrade prerequisites, a warning message is generated if any tunnels are present for which failover resynchronization is disabled. You can use the show l2tp tunnel failover-resync disable command to identify the tunnels referred to by the warning message.

  • Page 111: Configuring Graceful Restart When Bgp And Ldp Are Configured

    Chapter 4: Configuring a Unified In-Service Software Upgrade now unreachable. When the unified in-service software upgrade completes and the routing protocols restart, the IS-IS neighbors can relearn the routes through the router. You must also ensure that the OSPF neighbors have been configured as graceful restart helper routers.

  • Page 112: Unexpected Suspension Of Pim During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide When traffic engineering has been configured, the traffic engineering metrics are also increased. New tunnels are not established through the upgrading router and any tunnels undergoing re-optimization in other routers go around the upgrading router.

  • Page 113: Unexpected Sonet And Sdh Behavior During Unified Issu

    Chapter 4: Configuring a Unified In-Service Software Upgrade The following subscriber statistics are preserved across the upgrade: All policy statistics Accounting statistics reported by IP: in bytes, out bytes, in packets, out packets Accounting statistics reported by L2TP: in octets, out octets, in packets, out packets Accounting statistics reported by PPP: in octets, out octets, in packets, out packets All other statistics are set to zero, including all statistics belonging to the SNMP generic...

  • Page 114: Unavailability Of Tacacs+ Services During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide link only if the defect persists for more than 2.5 seconds, unified ISSU does not cause the links to be brought down. However, the remote T3 devices must also wait 2.5 seconds before declaring an alarm. If the equipment on the far end of the T3 connection generates an alarm immediately rather than waiting, the link goes down, causing the higher layers to also go down for the remote equipment.

  • Page 115: Table 15: Behavior Of Routing Protocols During A Unified In-Service Software

    Chapter 4: Configuring a Unified In-Service Software Upgrade Upgrade of the forwarding plane for each line module After the routing protocols reconverge with their peers and rebuild their routing tables, unified ISSU upgrades the forwarding plane on all line modules simultaneously. This upgrade halts forwarding through the chassis.

  • Page 116: Recommended Settings For Routing Protocol Timers During Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide Table 15: Behavior of Routing Protocols During a Unified In-Service Software Upgrade (continued) Protocol Behavior OSPF OSPF timers are not negotiable between peers. Unified ISSU generates a warning if the hello timers or the keepalive timers are not long enough to survive the forwarding plane upgrade.

  • Page 117: Table 16: Recommended Routing Protocol Timer Settings

    Chapter 4: Configuring a Unified In-Service Software Upgrade Table 16: Recommended Routing Protocol Timer Settings Protocol Timers Use the default timers. Use the default timers, including graceful restart default timers. If the expected forwarding outage for the platform is beyond what the BGP session’s graceful restart mechanism can survive, the unified ISSU initialization process generates a warning message accordingly.

  • Page 118: Upgrading Router Software With Unified Issu

    JUNOSe 11.1.x Service Availability Configuration Guide Table 16: Recommended Routing Protocol Timer Settings (continued) Protocol Timers Use the default timers; graceful restart is not supported. For scaled configurations, such as for 2000 RIP interfaces, use the following values: Flush interval: 600 seconds Holddown time: 260 seconds Invalid interval: 260 seconds Update interval: 60 seconds...
  • Page 119 Chapter 4: Configuring a Unified In-Service Software Upgrade Determine whether the router hardware and the software release meet the criteria required for unified ISSU to operate successfully by using one of the following commands: host1#show issu host1#show issu brief host1#show issu detail Arm the primary SRP module with the upgrade release.
  • Page 120 JUNOSe 11.1.x Service Availability Configuration Guide NOTE: If the results indicate that some requirements are not met, you must correct this situation before proceeding. Ensure that stateful SRP switchover is configured on the router. host1#show redundancy srp If it is not already configured, do so now. host1(config)#redundancy host1(config-redundancy)#mode high-availability For each configured protocol on the router and its neighbors, ensure that graceful...

  • Page 121: Halt Of Unified Issu During Initialization Phase Overview

    Chapter 4: Configuring a Unified In-Service Software Upgrade Halt of Unified ISSU During Initialization Phase Overview The options that are available to halt the unified in-service software upgrade depend on the phase that the upgrade is in when you attempt to halt it. The phase also affects the state of the router after the upgrade is halted.

  • Page 122: Halt Of Unified Issu During Upgrade Phase Overview

    JUNOSe 11.1.x Service Availability Configuration Guide Halt of Unified ISSU During Initialization Phase Overview on page 99 Related Topics disable-autosync boot system synchronize show redundancy Halt of Unified ISSU During Upgrade Phase Overview During the upgrade phase before the line module and control plane software is upgraded the unified ISSU process provides an opportunity to cancel the upgrade.

  • Page 123: Monitoring The Status Of The Router During Unified Issu

    Chapter 4: Configuring a Unified In-Service Software Upgrade host1(config)#boot system erx_x-y-z.rel Synchronize the NVS file system of the redundant module with that of the primary module. host1#synchronize The redundant SRP module automatically reboots because the software release that it is configured to run now differs from the software release it is running. disable-autosync Related Topics boot system...
  • Page 124 JUNOSe 11.1.x Service Availability Configuration Guide To the information displayed by show issu, the show issu detail command adds a detailed table of unified ISSU verification criteria that lists mandatory and conditional criteria that have not been met, the impact of this status, and the remedy as reported by router applications and system components that participate in the in-service software upgrade: host1# show issu detail...

  • Page 125: Table 17: Show Issu Output Fields

    Chapter 4: Configuring a Unified In-Service Software Upgrade Remedy: If not standby, Wait for card to come online before proceeding -> Problem: Card not disabled or not online: Slot 8, CT3-12, 0/ Conditional Reporting Slot: 6 Impact: If you continue, the card will immediately be reset and then cold started when ISSU Upgrade completes Remedy: If not standby, Wait for card to come online before proceeding...
  • Page 126 JUNOSe 11.1.x Service Availability Configuration Guide Table 17: show issu Output Fields (continued) Field Name Field Description Configuration conversion support Criteria required for unified ISSU activation. Possible ready? values: Yes, No, Conditional. NOTE: All criteria must be “yes” for unified ISSU to be active.

  • Page 127: Configuring Vrrp

    Chapter 5 Configuring VRRP This chapter describes how to configure the Virtual Router Redundancy Protocol (VRRP) on your E Series router. VRRP Overview on page 105 Platform Considerations on page 106 References on page 106 How VRRP Works on page 107 How VRRP Is Implemented in E Series Routers on page 110 Configuring VRRP on page 112 Changing Object Priority on page 117...

  • Page 128: Platform Considerations

    JUNOSe 11.1.x Service Availability Configuration Guide Table 18: VRRP Definitions Term Definition VRRP router A router that is running VRRP. It might participate in one or more virtual router IDs (VRIDs). An IP redundancy instance can: Act as a master with associated addresses it owns at an IP interface Act simultaneously as a backup for other routers with additional VRID mappings and priorities for those routers Master router...

  • Page 129: How Vrrp Works

    Chapter 5: Configuring VRRP NOTE: We recommend that you have some background understanding of the Address Resolution Protocol (ARP) before you configure VRRP. See Address Resolution Protocol in the JUNOSe IP, IPv6, and IGP Configuration Guide. RFC 3768 Virtual Router Redundancy Protocol (VRRP) (April 2004) How VRRP Works The advantage of using VRRP is that you gain a higher availability for the default path without requiring configuration of dynamic routing or router discovery protocols...

  • Page 130: Commonly Used Vrrp Configuration

    JUNOSe 11.1.x Service Availability Configuration Guide as the router are then forwarded by R2. Even though R2 assumes R1's forwarding responsibilities, it may or may not process any packet with destination address (DA) 10.0.0.1, depending on the accept-data configuration. When R1 becomes active again, it takes over as the master router and R2 reverts to the backup router.

  • Page 131: Vrrp Configuration Without The Real Address Owner

    Chapter 5: Configuring VRRP Figure 5: Commonly Used VRRP Configuration VRRP Configuration Without the Real Address Owner Figure 6 on page 110 is noticeably similar to Figure 5 on page 109 except that the addresses configured by the VRIDs have no real owner. Consequently, both routers R1 and R2 are configured as backup routers for VRID 1, VRID 2, VRID 3, and VRID How VRRP Works...

  • Page 132: How Vrrp Is Implemented In E Series Routers

    JUNOSe 11.1.x Service Availability Configuration Guide Figure 6: VRRP Configuration Without the Real Address Owner Assuming that preemption is enabled, the router that is configured with the highest priority for each VRID becomes the master router. If priorities are the same, the router that has the highest primary address becomes the master router.

  • Page 133: Router Election Rules

    Chapter 5: Configuring VRRP If the master router stops advertising for a predetermined period of time, the remaining routers using the same VRID enter an election process to determine which router takes over the master router responsibilities. Depending on the configuration, the master router that does not own the IP addresses might do one of the following: Drop all packets that have destination addresses to these IP addresses (default)

  • Page 134: Configuring Vrrp

    JUNOSe 11.1.x Service Availability Configuration Guide Configuring VRRP Configuring VRRP requires that you first configure an IP interface over which you can configure VRRP and any VRID instances in which you want the VRRP routers to participate. The following sections contain information for configuring the IP interface for VRRP, any VRID instances for the VRRP routers, and steps for creating a basic VRRP configuration.

  • Page 135: Configuration Steps

    Chapter 5: Configuring VRRP host1(config-if)#ip vrrp 175 authentication-type none Alternatively, you can create a new VRID when you use any VRRP command, provided that you are using the VRID instance for the first time. For example, if you execute the ip vrrp vrid preempt command and it is the first time that you use the VRID, the command creates a new VRID.
  • Page 136 JUNOSe 11.1.x Service Availability Configuration Guide NOTE: If you configure VRRP on a virtual router and associate the IP address with the VRRP instance ID (VRID) so that the virtual address becomes the interface address of the router, the priority of the router automatically changes to 255 making it the master router.
  • Page 137 Chapter 5: Configuring VRRP NOTE: When using this attribute and also restricting incoming packets to ICMP only, you must use policy filters to accept only ICMP packets with the virtual address as the destination address. Example host1(config-if)#ip vrrp 22 accept-data Use the no version to disable processing of data packets by the backup router while the router is in the master state.
  • Page 138 JUNOSe 11.1.x Service Availability Configuration Guide Use the no version to set the authentication type to its default, none. See ip vrrp authentication-type. ip vrrp enable Use to enable an existing VRID instance. Specify a VRID in the range 1–255. The default is that VRRP is disabled.

  • Page 139: Changing Object Priority

    Chapter 5: Configuring VRRP host1(config-if)#ip vrrp 25 virtual-address 194.2.1.63 Use the no version to remove an IP address association with a VRID. If you use auto addressing, the no version clears the auto flag. See ip vrrp virtual-address. Changing Object Priority You can use the ip vrrp track command (in conjunction with the track command) to track an object by its virtual router ID (VRID).
  • Page 140 JUNOSe 11.1.x Service Availability Configuration Guide See baseline ip vrrp. show ip vrrp Use to display a detailed summary of all configured VRIDs. Use the interface keyword to specify a specific Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet interface. Use the summary keyword to display a summary count on all configured VRIDs Field descriptions Interface Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet interface specifier and VRID...
  • Page 141 Chapter 5: Configuring VRRP entries in init state Number of entries in an initialization state entries in backup state Number of entries in a backup state entries in master state Number of entries in a master state entries performing tracking Number of entries performing tracking functions Example 1 host1#show ip vrrp Interface: FastEthernet3/0 vrrpVrid: 1...
  • Page 142 JUNOSe 11.1.x Service Availability Configuration Guide Pri Priority assigned to this router Admin Administrative state of the VRID: enabled or disabled Example host1#show ip vrrp brief Interface VRID Primary Address State Admin ----------------------- ---- --------------- ------ --- --- -------- fastEthernet12/8.1.1 123.123.123.123 init disabled...
  • Page 143 Chapter 5: Configuring VRRP adv interval (sec): 1 priority: 255 (owner) auth type: none assoc address(es): 11.0.0.1, 110.0.0.1, 111.0.0.1 See show ip vrrp neighbor. show ip vrrp statistics Use to display statistics of configured VRRP routers and each individual VRID. Use the delta keyword with the show ip vrrp statistics command to view the baseline statistics.
  • Page 144 JUNOSe 11.1.x Service Availability Configuration Guide of 0 invalidTypePktsRcvd Total number of VRRP packets received with an invalid value in the Type field addressListErrors Total number of VRRP packets received for which the address list does not match the locally configured list for the VRID invalidAuthType Total number of VRRP packets received with an unknown authentication type authTypeMismatch Total number of VRRP packets received with an...
  • Page 145 Chapter 5: Configuring VRRP becomeMaster: 0 advertiseRcvd: 0 advertiseIntervalErrors: 0 authFailures: 0 ipTtlErrors: 0 priorityZeroPktsRcvd: 0 priorityZeroPktsSent: 0 invalidTypePktsRcvd: 0 addressListErrors: 0 invalidAuthType: 0 authTypeMismatch: 0 packetLengthErrors: 0 See show ip vrrp statistics. show ip vrrp statistics global Use to display the statistics of configured VRRP routers and each individual VRID. Use the delta keyword with the show ip vrrp statistics global command to view the baseline statistics.
  • Page 146 JUNOSe 11.1.x Service Availability Configuration Guide Use to display a summary count on all configured VRIDs. Field descriptions ip interfaces with vrrp Total number of VRIDs configured on IP interfaces entries Total number of entries in all states entries enabled Number of entries that were enabled entries with owner priority Number of entries with owner priority entries in init state Number of entries in the init state entries in backup state Number of entries in the backup state...
  • Page 147 Chapter 5: Configuring VRRP FastEthernet3/0 ERX_Bangalore IP-route FastEthernet3/0 ERX_Bangalore IP-route See show ip vrrp tracked-objects. Monitoring VRRP...
  • Page 148 JUNOSe 11.1.x Service Availability Configuration Guide Monitoring VRRP...

  • Page 149: Managing Interchassis Redundancy

    Chapter 6 Managing Interchassis Redundancy This chapter describes how to configure interchassis redundancy (ICR) on your E Series router. ICR Overview on page 127 ICR Platform Considerations on page 129 ICR Terms on page 130 ICR References on page 130 ICR Scaling Considerations on page 131 Interaction with RADIUS for ICR on page 132 Configuring an ICR Partition on page 134...

  • Page 150: Figure 7: Icr Deployment

    JUNOSe 11.1.x Service Availability Configuration Guide also enables you to track the failure of uplink interfaces. ICR currently supports only PPPoE subscribers. Figure 7 on page 128 illustrates ICR deployment. Figure 7: ICR Deployment Service Provider Region RADIUS server Edge Aggregation Core Uplink...

  • Page 151: Icr Platform Considerations

    Chapter 6: Managing Interchassis Redundancy However, you must keep in mind the hardware scaling limitations when you configure an ICR cluster containing both E320 routers and ERX routers. NOTE: While deploying ICR, service providers must ensure that the aggregation layer between the E Series router and access node (DSLAM) provides a broadcast domain per VLAN or per S-VLAN between active and backup routers.

  • Page 152: Icr Terms

    JUNOSe 11.1.x Service Availability Configuration Guide router). For example, the following command specifies a10-Gigabit Ethernet interface on slot 5, adapter 0, port 0 of an E320 router. host1(config)#interface tenGigabitEthernet 5/0/0 Interface Types and Specifiers Related Topics ICR Terms Table 19 on page 130 defines terms used in this discussion of ICR. Table 19: ICR Terminology Term Description...

  • Page 153: Icr Scaling Considerations

    Chapter 6: Managing Interchassis Redundancy ICR Scaling Considerations When planning an ICR cluster you must ensure that you have provisioned adequate backup capacity in the event of a worst-case failure scenario such as a multiple hardware or multiple router failure. NOTE: Remember to consider parameters such as link bandwidth, QoS, and line module scaling limitations when you plan the deployment of the ICR cluster.

  • Page 154: Interaction With Radius For Icr

    JUNOSe 11.1.x Service Availability Configuration Guide Configuring an ICR Partition on page 134 Related Topics Interaction with RADIUS for ICR Authorization and authentication access messages identify subscribers before the RADIUS server grants or denies those subscribers access to the network or network services.

  • Page 155: Icr Partition Accounting Overview

    Chapter 6: Managing Interchassis Redundancy command. When included in Acct-Stop messages, the attributes are also included in Interim-Acct messages. In addition to including the ICR-Partition-Id VSA in RADIUS Access-Request, Acct-Start, Acct-Stop, and Interim-Acct messages, the router also sends the Partition-Accounting-On and Partition-Accounting-Off messages: Both Partition-Accounting messages include the ICR-Partition-Id VSA.

  • Page 156: Configuring An Icr Partition

    JUNOSe 11.1.x Service Availability Configuration Guide show radius icr-partition-accounting Configuring RADIUS Attributes in the JUNOSe Broadband Access Configuration Guide Configuring an ICR Partition You can use RADIUS servers to authenticate subscribers and collect statistics related to the users logging in to an ICR partition on a virtual router. When you configure an ICR partition, you configure the interface on which the ICR partition resides and create a unique VRRP instance to manage the partition.

  • Page 157: Configuring The Interface On Which The Icr Partition Resides

    Chapter 6: Managing Interchassis Redundancy Configuring the Interface on Which the ICR Partition Resides You can create multiple ICR partitions on an interface. For information on the number of ICR partitions that you can create, see JUNOSe Release Notes, Appendix A, System Maximums.

  • Page 158: Naming Icr Partitions

    JUNOSe 11.1.x Service Availability Configuration Guide Specify the priority of the router. Assign the higher priority to the master ICR partition and a lower priority to the backup ICR partition. host1(config-if)#ip vrrp priority 200 (Optional) Enable the router to learn the VRRP advertisement interval. Use this only when you plan on upgrading your router by means of a unified in-service software upgrade (ISSU).

  • Page 159: Grouping Icr Subscribers Based On S-Vlan Ids

    Chapter 6: Managing Interchassis Redundancy ICR Overview on page 127 Related Topics ip vrrp icr-partition Monitoring the Configuration of ICR Partitions on page 143 Grouping ICR Subscribers Based on S-VLAN IDs You can group ICR subscribers based on S-VLAN IDs. When you configure an S-VLAN list or S-VLAN range or an S-VLAN and VLAN subinterface pair, you can include any or all of the following keywords: Use the control-interface keyword to control the state of the corresponding...

  • Page 160: Grouping Icr Subscribers Based On Vlan Ids

    JUNOSe 11.1.x Service Availability Configuration Guide host1(config-if)#ip vrrp 1 icr-partition svlan-list-explicit 120 1 120 2 control-interface use-default-mac advertise-mac (Optional) Configure additional S-VLAN subinterfaces by completing Steps 2 and 3 using unique numbering. Grouping ICR Subscribers Based on VLAN IDs on page 138 Related Topics ip vrrp icr-partition group ip vrrp icr-partition svlan-list...

  • Page 161: Example: Configuring Icr Partitions That Group Subscribers By S-Vlan Id

    Chapter 6: Managing Interchassis Redundancy Specify the starting ID and ending ID of the range of VLAN subinterfaces. In the following example, you specify the first and the last ID of the range because the IDs are in sequential order. host1(config-if)#ip vrrp 1 icr-partition vlan-range 10 40 control-interface use-default-mac advertise-mac (Optional) Configure additional VLAN subinterfaces by completing Step 2 using...
  • Page 162 JUNOSe 11.1.x Service Availability Configuration Guide host1 (config-if)#ip vrrp 1 icr-partition svlan-list-explicit 120 1 120 2 advertise-mac control-interface use-default-mac host1 (config-if)#exit The following example shows how to configure a backup ICR partition on an E320 router. Configure the interface on which the ICR partition resides and then create a new VRRP instance that manages the backup ICR partition.

  • Page 163: Using Radius To Manage Subscribers Logging In To Icr Partitions

    Chapter 6: Managing Interchassis Redundancy ICR Scaling Considerations on page 131 Using RADIUS to Manage Subscribers Logging In to ICR Partitions To configure RADIUS to manage subscribers logging in to ICR partitions on the router, perform the following tasks: Configure inclusion of the ICR-Partition-ID VSA in RADIUS messages. host1(config)#radius-include icr-partition-id acct-start enable Issuing this command includes the ICR-Partition-ID VSA in Acct-Start messages.

  • Page 164: Table 20: Show Icr-Partition Output Fields

    JUNOSe 11.1.x Service Availability Configuration Guide enabled disabled disabled enabled disabled disabled enabled disabled disabled enabled disabled disabled ----------------------------------------------------------------------- ICR Partition has 10 group members. Table 20 on page 142 lists the show icr-partition command output fields. Meaning Table 20: show icr-partition Output Fields Field Name Field Description ICR Partition ID...

  • Page 165: Monitoring The Configuration Of Icr Partitions

    Chapter 6: Managing Interchassis Redundancy Table 20: show icr-partition Output Fields (continued) Field Name Field Description vrrp-mac Configures the interface to use the default MAC address instead of the VRRP MAC address. Possible states: enabled or disabled. If the status is enabled, the interface uses the VRRP MAC address;...

  • Page 166: Table 21: Show Icr-Partitions Output Fields

    JUNOSe 11.1.x Service Availability Configuration Guide Master ICR Partitions: 1 Total ICR Partitions: 5 You can also display information about configured ICR partitions using a filter as an alternative to specifying the state keyword. For instance, to display information about the backup and dormant ICR partitions only, you can use the exclude Master keywords, as shown in the following example: host1#show icr-partitions | exclude Master Interface-Location Vrrp-Id...
  • Page 167 Chapter 6: Managing Interchassis Redundancy Table 21: show icr-partitions Output Fields (continued) Field Name Field Description Total ICR Partitions Total number of ICR partitions configured on the router. Configuring the Interface on Which the ICR Partition Resides on page 135 Related Topics show icr-partitions Monitoring the Configuration of ICR Partitions...
  • Page 168 JUNOSe 11.1.x Service Availability Configuration Guide Monitoring the Configuration of ICR Partitions...

  • Page 169: Part 2 Index

    Part 2 Index Index on page 149 Index...
  • Page 170 JUNOSe 11.1.x Service Availability Configuration Guide Index...

  • Page 171: Index

    Index Access-Request messages failover. See switchover ICR Partition ID VSA...........132 file system synchronization mode Acct-Start messages redundancy mode..........27 ICR Partition ID VSA...........132 Acct-Stop messages ICR Partition ID VSA...........132 active hardware high availability state..........30 monitoring information........19 application support high availability high availability.............32 activating..............42 assembly numbers, displaying for hardware....19 activating guidelines..........41...
  • Page 172 JUNOSe 11.1.x Service Availability Configuration Guide ICR Partition commands naming ..............136 LEDs ICR partition ID VSA monitoring status..........19 including in access and accounting line module redundancy messages............132 configuring............7, 10 ICR Partition ID VSA E120 and E320 Broadband Services Routers..7 transmitting to the virtual router IOA behavior...........7 where ICR control interface is ERX7xx models and ERX14xx models....7...
  • Page 173 Index Service Availability Features..............5 technical support ICR................6 contacting JTAC............xxi Module redundancy..........5 text and syntax conventions........xx Stateful SRP Switchover..........5 Unified ISSU............5 VRRP..............6 show environment command........20 unified ISSU (in-service software upgrade)....57 show hardware command...........20 AAA support............80 show icr commands application support..........71 show icr-partition..........141 ATM support............80 show icr-partitions..........143 ATM port date rate.........80...
  • Page 174 JUNOSe 11.1.x Service Availability Configuration Guide requirements preemption..........110, 112 hardware............60 router election rules..........110 software............60 router priority.............112 traffic forwarding...........60 VLAN support.............105 verification in upgrade phase......66 VRRP router defined ..........106 restoring original router state......99, 100 vrrp commands router behavior.............58 ip vrrp..............112 service restoration phase........63, 71 ip vrrp accept-data..........112 SONET/SDH support..........91 ip vrrp advertise-interval........112...

This manual is also suitable for:

Junose 11.1

Table of Contents