Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08 Configuration Manual
  1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE...
  6. Configuration manual
Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08 Configuration Manual

Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08 Configuration Manual

Software for e series broadband services routers service availability configuration guide
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
JunosE™ Software for
E Series™ Broadband
Services Routers
Service Availability Configuration Guide
Release
11.3.x
Published: 2010-10-08
Copyright © 2010, Juniper Networks, Inc.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08 and is the answer not in the manual?

Questions and answers

Related Manuals for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08

Summary of Contents for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08

  • Page 1 JunosE™ Software for E Series™ Broadband Services Routers Service Availability Configuration Guide Release 11.3.x Published: 2010-10-08 Copyright © 2010, Juniper Networks, Inc.
  • Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
  • Page 3 REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable...
  • Page 4 Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customer’s ability to export the Software without an export license. Copyright © 2010, Juniper Networks, Inc.
  • Page 5 (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA http://www.gnu.org/licenses/gpl.html...
  • Page 6 Copyright © 2010, Juniper Networks, Inc.

  • Page 7: Table Of Contents

    Index ............189 Copyright © 2010, Juniper Networks, Inc.
  • Page 8 JunosE 11.3.x Service Availability Configuration Guide viii Copyright © 2010, Juniper Networks, Inc.
  • Page 9 Installing a Redundant SRP Module ........20 Copyright © 2010, Juniper Networks, Inc.
  • Page 10 Disabled ........... 76 Copyright © 2010, Juniper Networks, Inc.
  • Page 11 When HA Is Disabled ......... 93 Copyright © 2010, Juniper Networks, Inc.
  • Page 12 VLAN Statistics Monitoring Halts Unified ISSU Progress ....126 Unexpected File Transfer Protocol Server Behavior During Unified ISSU ..127 Copyright © 2010, Juniper Networks, Inc.
  • Page 13 ICR Terms ............172 Copyright © 2010, Juniper Networks, Inc.
  • Page 14 Index ............189 Copyright © 2010, Juniper Networks, Inc.
  • Page 15 Figure 9: ICR Deployment ..........170 Figure 10: Sample 1:1 Subscriber Redundancy in a 4–Node ICR Cluster ..173 Copyright © 2010, Juniper Networks, Inc.
  • Page 16 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.
  • Page 17 Table 27: show ip vrrp statistics Output Fields ......165 Copyright © 2010, Juniper Networks, Inc.
  • Page 18 Table 31: show icr-partitions Output Fields ......185 xviii Copyright © 2010, Juniper Networks, Inc.

  • Page 19: About The Documentation

    Audience This guide is intended for experienced system and network specialists working with Juniper Networks E Series Broadband Services Routers in an Internet access environment. E Series and JunosE Text and Syntax Conventions Table 1 on page xx defines notice icons used in this documentation.

  • Page 20: Table 1: Notice Icons

    Indicates that you must press two or more Press Ctrl + b. keys simultaneously. Syntax Conventions in the Command Reference Guide Plain text like this Represents keywords. terminal length Italic text like this Represents variables. mask, accessListName Copyright © 2010, Juniper Networks, Inc.

  • Page 21: Obtaining Documentation

    CD-ROMs or DVD-ROMs, see the Portable Libraries page at http://www.juniper.net/techpubs/resources/index.html Copies of the Management Information Bases (MIBs) for a particular software release are available for download in the software image bundle from the Juniper Networks Web site at http://www.juniper.net/...

  • Page 22: Self-Help Online Tools And Resources

    7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...

  • Page 23: Chapters

    Managing Stateful SRP Switchover on page 35 Managing Stateful Line Module Switchover on page 67 Configuring a Unified In-Service Software Upgrade on page 101 Configuring VRRP on page 149 Managing Interchassis Redundancy on page 169 Copyright © 2010, Juniper Networks, Inc.
  • Page 24 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 25: Service Availability

    CHAPTER 1 Service Availability This chapter explains what service availability is and discusses the features of service availability. It also discusses Juniper Networks multi-layered service availability approach for uninterrupted delivery of services. Service Availability Overview on page 3 Understanding Service Availability Features on page 5...

  • Page 26: Service Availability Versus High Availability

    Service availability can thus be defined as the ability to provide uninterrupted delivery of services using a highly available network. Related Understanding Service Availability Features on page 5 Documentation Copyright © 2010, Juniper Networks, Inc.

  • Page 27: Understanding Service Availability Features

    Interchassis Redundancy on page 6 Module Redundancy For hardware components, Juniper Networks provides redundancy solutions to ensure that the router continues to operate in the event of a hardware fault. Redundancy also enables you to hot-swap various components within your E Series router.

  • Page 28: Unified Issu

    In this way, ICR enables you to completely recover from router failure. ICR uses Virtual Router Redundancy Protocol (VRRP) to detect failures. ICR also enables you to track the failure of uplink interfaces. ICR currently supports only PPPoE subscribers. Copyright © 2010, Juniper Networks, Inc.
  • Page 29 Documentation Managing Stateful SRP Switchover on page 35 Configuring a Unified In-Service Software Upgrade on page 101 Configuring VRRP on page 149 Managing Interchassis Redundancy on page 169 Service Availability Overview on page 3 Copyright © 2010, Juniper Networks, Inc.
  • Page 30 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 31: Managing Module Redundancy

    Monitoring Redundancy Status on E320 Router on page 30 Line Module Redundancy Overview You can install an extra line module in a group of identical line modules to provide redundancy if one of the modules fails. Copyright © 2010, Juniper Networks, Inc.

  • Page 32: Line Module Redundancy Requirements

    E120 and E320 Hardware Guide. On E120 and E320 routers, each side of the chassis is treated as a redundancy group. The lowest numbered slot for each side acts as the spare line module, providing backup Copyright © 2010, Juniper Networks, Inc.

  • Page 33: Ioa Behavior When The Router Reboots

    Line Module Redundancy Overview on page 9 Documentation Configuring Line Module Redundancy on page 13 Managing Line Module Redundancy on page 13 Stateful Line Module Switchover Overview on page 68 Stateful Line Module Switchover Platform Considerations on page 70 Copyright © 2010, Juniper Networks, Inc.

  • Page 34: Understanding Automatic Switchover

    If the router is using the spare line module, no redundancy is available. Reverting to the primary module as soon as possible is desirable. By default, the router does not automatically revert to the primary module after switchover; however, Copyright © 2010, Juniper Networks, Inc.

  • Page 35: Configuring Line Module Redundancy

    Line Module Redundancy Overview on page 9 Documentation Line Module Redundancy Requirements on page 10 Configuring Line Module Redundancy on page 13 Stateful Line Module Switchover Overview on page 68 Stateful Line Module Switchover Modes on page 83 Copyright © 2010, Juniper Networks, Inc.

  • Page 36: Module

    ------ ------- ------ spare primary protected midplane midplane slots type ----- -------- -------- 0 - 5 Force the router to switch from the primary line module to the spare line module. host1#redundancy force-switchover 2 Copyright © 2010, Juniper Networks, Inc.

  • Page 37: Interoperation Of Redundancy And Stateful Switchover For Line Modules

    High availability configuration for a line module takes precedence over its redundancy group setting. Related Stateful Line Module Switchover Overview on page 68 Documentation mode line-card switch show redundancy line-card show redundancy history Copyright © 2010, Juniper Networks, Inc.

  • Page 38: Understanding Srp Module Redundancy

    The redundant SRP module restarts and takes the primary role without reloading new code. (When upgrading software, you must reload the software on the redundant SRP module. See Installing JunosE Software in the JunosE System Basics Configuration Guide.) All line modules reboot. Copyright © 2010, Juniper Networks, Inc.
  • Page 39 Failure of the primary SRP module (hardware or software) Pushing the recessed reset button on the primary SRP module. (See Figure 2 on page 18 and Figure 3 on page 19.) Issuing the srp switch command Issuing the redundancy force-switchover command Copyright © 2010, Juniper Networks, Inc.

  • Page 40: Figure 2: Srp Module On Erx7Xx Models And Erx14Xx Models

    JunosE 11.3.x Service Availability Configuration Guide Figure 2: SRP Module on ERX7xx Models and ERX14xx Models Copyright © 2010, Juniper Networks, Inc.

  • Page 41: Understanding Configuration Of Srp Modules For Redundancy

    SRP switchover causes the redundant SRP module to take the role of primary SRP module with the configuration specified by the .cnf file. The new primary SRP module does not use the running configuration. Copyright © 2010, Juniper Networks, Inc.

  • Page 42: Installing A Redundant Srp Module

    When the module is in standby state, the REDUNDANT LED is on and the ONLINE LED is off. If you issue the show version command, the state field for the slot that contains the redundant SRP module is standby. Copyright © 2010, Juniper Networks, Inc.

  • Page 43: Managing Srp Module Redundancy

    Synchronize the NVS file system of the redundant SRP module to that of the primary SRP module. host1#synchronize low-level-check all Related Understanding SRP Module Redundancy on page 16 Documentation Installing a Redundant SRP Module on page 20 disable-switch-on-error synchronize Copyright © 2010, Juniper Networks, Inc.

  • Page 44: Switching To The Redundant Srp Module

    Module is active, but no redundant module is available. Module is in standby state. Module is active, and a redundant module is available. Related Line Module Redundancy Overview on page 9 Documentation Understanding SRP Module Redundancy on page 16 Copyright © 2010, Juniper Networks, Inc.

  • Page 45: Monitoring Redundancy In Installed Hardware

    17 slot (id 0x3, rev. 0x0) fabric: 100 Gbps (rev. 1) fans: fanSubsystemOk nvs: ok (977MB flash disk, 29% full), matches running config power: A ok, B not present srp redundancy: mode is file-system-synchronization auto-sync Copyright © 2010, Juniper Networks, Inc.
  • Page 46 IOA temperature ranges below -5C is too cold above 79C is too hot low temperature warning below 10C high temperature warning above 70C Meaning Table 5 on page 25 lists the show environment command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 47: Table 5: Show Environment Output Fields

    Status of redundancy on the switch fabric on the E120 and E320 routers. Possible values: ok and none. temperature Status of the system temperature Copyright © 2010, Juniper Networks, Inc.
  • Page 48 -5 C processor temperature ranges Temperature ranges for the line modules and SRP modules. Copyright © 2010, Juniper Networks, Inc.

  • Page 49: Monitoring Redundancy In Line Module And Srp Modules

    ---- ------------- ---------- ---------- -------- --------- SRP-10Ge I/O 4605250426 3500003302 CT3/T3-12 I/O 4305316605 3500010801 OC3(8)-MM I/O 4304443600 4500001501 GE-SFP I/O 4605310064 4500002001 base slot MAC address ---- -------------- 0090.1aa0.577a Copyright © 2010, Juniper Networks, Inc.
  • Page 50 4500006701 1.104 SFM-100 4304206737 4500006701 1.104 Adapters -------- number serial assembly assembly slot type number number rev. addresses ---- -------- ---------- ---------- -------- --------- GE-4 IOA 4304020462 4500006800 SRP IOA 4303470366 4500006500 11/0 11/1 Copyright © 2010, Juniper Networks, Inc.

  • Page 51: Table 6: Show Hardware Output Fields

    Kind of module or chassis and fan tray in the E120 and E320 routers; an “e” at the end of an SRP module type (for example, SRP-5Ge) indicates that the module includes error-checking code (ECC) memory. Copyright © 2010, Juniper Networks, Inc.

  • Page 52: Monitoring Redundancy Status On E320 Router

    Criteria Preventing High Availability from being Active ------------------------------------------------------- criterion ----------------------------------------------- Standby SRP is online and capable of mirroring? Line Card --------- automatic reverting is off backed sparing hardware lockout revert slot role config slot slot Copyright © 2010, Juniper Networks, Inc.

  • Page 53: Table 7: Show Redundancy Output Fields

    Copyright © 2010, Juniper Networks, Inc.
  • Page 54 Slot in which the fabric slice resides. slice state State of the fabric slice. Possible values: online or not present. type Identifier for the type of hardware. Possible values: SRP modules or SFM modules. Copyright © 2010, Juniper Networks, Inc.
  • Page 55 Chapter 2: Managing Module Redundancy Related show redundancy Documentation show redundancy line-card show redundancy srp Copyright © 2010, Juniper Networks, Inc.
  • Page 56 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 57: Managing Stateful Srp Switchover

    CHAPTER 3 Managing Stateful SRP Switchover This chapter describes how to manage Juniper Networks Stateful SRP Switchover (also referred to as high availability or HA) software features for E Series routers. Use this chapter with “Managing Module Redundancy” on page 9 to fully manage the SRP features.

  • Page 58: Stateful Srp Switchover Platform Considerations

    For hardware components, Juniper Networks provides redundancy solutions to ensure that the router continues to operate in the event of a hardware fault. This redundancy can exist on various router models in the form of multiple power supplies, cooling fans, switching planes, routing engines and, in some cases, interfaces.

  • Page 59: Stateful Srp Switchover Redundancy Modes

    Redundancy” on page 9. High Availability Mode Currently applicable to the SRP module, Juniper Networks high availability mode uses an initial bulk file transfer and subsequent, transaction-based mirroring to ensure rapid SRP module recovery after a switchover. This process is referred to in this chapter as stateful SRP switchover.

  • Page 60: Stateful Srp Switchover States

    Related Stateful SRP Switchover States on page 38 Documentation disable-autosync redundancy mode Stateful SRP Switchover States The SRP progresses through various high availability states. These states are illustrated in Figure 4 on page 39. Copyright © 2010, Juniper Networks, Inc.

  • Page 61: Disabled State

    If any one criterion is not met, the system remains in the disabled state, until the criterion is met. If a switchover occurs while the system is in the disabled state, the system cold-restarts. Copyright © 2010, Juniper Networks, Inc.

  • Page 62: Initializing State

    The standby SRP module replays the updates (in the order in which they were committed on the active SRP module) and makes the appropriate changes for each changed application. Updates that need to be stored in NVS (that is, for static configurations) are updated in NVS. Copyright © 2010, Juniper Networks, Inc.

  • Page 63: Managing Stateful Srp Switchover

    If a switchover occurs while the system is in the pending state, the system cold-restarts. Related Monitoring the Redundancy Status on page 56 Documentation Monitoring the Redundancy Status of SRP Modules on page 63 Copyright © 2010, Juniper Networks, Inc.

  • Page 64: Application Support For Stateful Srp Switchover

    Application Support Table 8: Application Support for Stateful SRP Switchover Application Supported Unsupported Notes Physical Layer Protocols – – – – HDLC – – SONET/SDH – – SONET/SDH VT – – Link-Layer Protocols Copyright © 2010, Juniper Networks, Inc.
  • Page 65 (the maximum duration for graceful restart completion). – Supported for IPv4 only when the graceful restart extension is enabled. Does not support graceful restart for IPv6 address families. – Static recovery support only. Copyright © 2010, Juniper Networks, Inc.
  • Page 66 NVS and mirrored storage. This behavior enables static routes that are dependent on high-priority interfaces to be resolved quickly and installed in the IP routing table. Telnet – Static recovery support only. IPv4 Multicast Routing Copyright © 2010, Juniper Networks, Inc.
  • Page 67 SC IGMP state is created. After the maximum query response time (across all interfaces) expires to allow hosts to re-establish join state, IGMP notifies MGTM that graceful restart is complete. Copyright © 2010, Juniper Networks, Inc.
  • Page 68 The multicast queues are also preserved during the switchover and graceful restart period to ensure that multicast data continues to be forwarded using the previously learned multicast forwarding state. Copyright © 2010, Juniper Networks, Inc.
  • Page 69 A VR-global configurable graceful restart timer is required for PIM to time out the re-establishment of the join state for sparse-mode interfaces. After this timer expires, PIM notifies MGTM that graceful restart is complete. Copyright © 2010, Juniper Networks, Inc.
  • Page 70 LDP signaling does not support HA for IPv6. RSVP signaling – — Local – – cross-connects between layer 2 interfaces using MPLS Policies and QoS Policies – – – Static recovery support only. Copyright © 2010, Juniper Networks, Inc.
  • Page 71 (high availability). After SRP warm switchover, the router restores the client bindings from the mirrored DHCPv6 information as it does for other applications that support stateful SRP switchover. L2TP – — L2TP Dialout – – Copyright © 2010, Juniper Networks, Inc.
  • Page 72 Static recovery support only. Miscellaneous – — DNSv6 – If DNSv6 is configured, no warning or error is displayed during a warm start. DNSv6 is subsequently configured from NVS as it is after a cold reboot. Copyright © 2010, Juniper Networks, Inc.

  • Page 73: Guidelines For Activating High Availability

    Before you activate high availability on the SRP modules, you must be aware of any high availability–related changes to SRP management commands. For information on high availability-related changes to SRP, see “Managing Stateful SRP Switchover” on page 35. Copyright © 2010, Juniper Networks, Inc.

  • Page 74: Activating High Availability

    In Redundancy Configuration mode, specify high availability as the redundancy mode. host1(config-redundancy)#mode high-availability Related Stateful SRP Switchover Redundancy Modes on page 37 Documentation Guidelines for Activating High Availability on page 51 redundancy mode Copyright © 2010, Juniper Networks, Inc.

  • Page 75: Guidelines For Deactivating High Availability

    Specify file system synchronization mode as the redundancy mode. host1(config-redundancy)#mode file-system-synchronization Specify the no version to disable high availability. host1(config-redundancy)#no mode Related Stateful SRP Switchover Redundancy Modes on page 37 Documentation Guidelines for Deactivating High Availability on page 53 redundancy mode Copyright © 2010, Juniper Networks, Inc.

  • Page 76: Guidelines For Setting The Ip Interface Priority

    To set the priority for the IPv4 or IPv6 interface, you can do one of the following: From Subinterface Configuration mode, explicitly configure the IPv4 interface as high-priority: host1(config-subif)#ip initial-sequence-preference 1 From Subinterface Configuration mode, explicitly configure the IPv6 interface as low-priority: host1(config-subif)#ipv6 initial-sequence-preference 0 Copyright © 2010, Juniper Networks, Inc.

  • Page 77: Guidelines For Upgrading Software

    (that is, until the active and standby SRP modules are again running the same release). Related Stateful SRP Switchover Redundancy Modes on page 37 Documentation Stateful SRP Switchover States on page 38 srp switch Copyright © 2010, Juniper Networks, Inc.

  • Page 78: Monitoring The Redundancy Status

    Active SRP hardware supports High Availability? High Availability mode configured? Mirroring Subsystem present? Mirroring activity levels within limits? Network Core Dumps disabled? Running configuration is safe for High Availability? Standby SRP hardware supports High Availability? Copyright © 2010, Juniper Networks, Inc.

  • Page 79: Table 9: Show Redundancy Output Fields

    SRP module recovery after a switchover by using initial bulk file transfer and subsequent, transaction-based mirroring. file-system-synchronization—Default redundancy mode of the router. SRP modules reload all line modules and restart form saved configuration files. Copyright © 2010, Juniper Networks, Inc.
  • Page 80 Time at which you want the line module to revert. midplane type Identifier for the type of midplane. midplane rev Hardware revision number of the redundancy midplane. Copyright © 2010, Juniper Networks, Inc.

  • Page 81: Monitoring The Redundancy Status Of Applications

    ------------------------------------ client mode configuration --------------------- ----------- ------------- atm1483DataService supported safe AA83 supported safe aaaServer supported safe atmAal5 supported safe AAQS supported safe supported safe Bridged Ethernet supported safe Transparent Bridging supported safe supported safe Copyright © 2010, Juniper Networks, Inc.

  • Page 82: Table 10: Show Redundancy Clients Output Fields

    For example, if an unsupported client has been configured on a router with high availability enabled, the configuration reads “unsafe”. Copyright © 2010, Juniper Networks, Inc.

  • Page 83: Monitoring The Redundancy History

    Amount of time elapsed since the last cold boot. last cold start Date and time the router experienced the last cold start. last cold switchover Date and time the router experienced the last cold switchover. Copyright © 2010, Juniper Networks, Inc.

  • Page 84: Monitoring The Redundancy Status Of Line Modules

    ---- -------- --------- ------ ------- ------ spare primary protected midplane midplane slots type ------ -------- -------- 8 - 13 Meaning Table 12 on page 63 lists the show redundancy line-card command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 85: Monitoring The Redundancy Status Of Srp Modules

    To display the redundancy status of the SRP modules in detail. host1#show redundancy srp detail high-availability state: disabled current redundancy mode: file-system-synchronization last activation type: cold-start Criteria Required for High Availability to be Active ---------------------------------------------------- criterion ---------------------------------------------------- Active SRP hardware supports High Availability? Copyright © 2010, Juniper Networks, Inc.

  • Page 86: Table 13: Show Redundancy Srp Output Fields

    Criteria Required for High Criteria required for high availability to be active. Availability to be Active NOTE: All criteria must be “yes” for high availability to be active. Related show redundancy srp Documentation Copyright © 2010, Juniper Networks, Inc.

  • Page 87: Monitoring The Redundancy Switchover History

    Related show redundancy switchover-history Documentation Clearing the Redundancy History To clear the stateful SRP switchover history for the router: Issue the clear redundancy history command: host1#clear redundancy history There is no no version. Copyright © 2010, Juniper Networks, Inc.
  • Page 88 JunosE 11.3.x Service Availability Configuration Guide Related Monitoring the Redundancy History on page 61 Documentation Monitoring the Redundancy Switchover History on page 65 clear redundancy history show redundancy history show redundancy switchover-history Copyright © 2010, Juniper Networks, Inc.

  • Page 89: Managing Stateful Line Module Switchover

    Use of Status LEDs to Monitor the High Availability States of Line Modules on page 95 Monitoring the Redundancy Status of Line Modules in a Specific Slot on page 95 Monitoring the Redundancy History of Line Modules in a Specific Slot on page 97 Copyright © 2010, Juniper Networks, Inc.

  • Page 90: Stateful Line Module Switchover Overview

    For example, the following log message is displayed when a line module event causes high availability to be disabled. Copyright © 2010, Juniper Networks, Inc.

  • Page 91: Managing Stateful Line Module Switchover

    Related Stateful Line Module Switchover Overview on page 68 Documentation Stateful Line Module Switchover Platform Considerations on page 70 System Operations When Stateful Line Module Switchover Is Enabled on page 74 Copyright © 2010, Juniper Networks, Inc.

  • Page 92: Stateful Line Module Switchover Platform Considerations

    Replacement of Line Modules When Stateful Line Module Switchover Is Enabled on page 77 Application Support for Stateful Line Module Switchover on page 79 Guidelines for Configuring Stateful Line Module Switchover Keep the following points in mind when you configure stateful switchover for line modules: Copyright © 2010, Juniper Networks, Inc.
  • Page 93 LM and Service IOA are HA-protected. Also, subscriber sessions are not retained if the line module that connects to the LAC device reloads, when the LM and Service IOA are part of a redundancy group. Copyright © 2010, Juniper Networks, Inc.
  • Page 94 During stateful line module switchover, the forwarding controller (FC) in the access module on the router functioning as the LNS device prevents timeouts of PPP sessions Copyright © 2010, Juniper Networks, Inc.
  • Page 95 PPP-based stacks (L2TP, PPP, and IP applications) for both IPv4 and IPv6 interfaces support stateful line module switchover. You can manually switch between the primary and secondary modules. While the secondary module attempts to take over as the primary module during a switchover, Copyright © 2010, Juniper Networks, Inc.

  • Page 96: System Operations When Stateful Line Module Switchover Is Enabled

    (services) of the primary line module, the switchover of subscriber traffic occurs on the secondary line module. The secondary line module begins to operate normally, although certain users might experience some subscriber data outage. Copyright © 2010, Juniper Networks, Inc.

  • Page 97: Stateful Line Module Configuration Scenarios

    After the switchover, the secondary module starts operating as the new primary module. The previously configured primary module, after it becomes operational, takes over the role of the secondary module. Copyright © 2010, Juniper Networks, Inc.

  • Page 98: High Availability Configured And Disabled On The Line Module

    (ICC) sessions to be reestablished. The system infrastructure ensures this task of relearning of details is transparent to the applications. Any notification sent by the applications on the IC-IC communication is either buffered until the Copyright © 2010, Juniper Networks, Inc.

  • Page 99: Line Module Redundancy

    Reloading the Primary Line Module in Response to Failures When a software fault occurs on the primary line module or if you enter the slot disable or reload slot commands for the slot in which the primary line module is installed, the Copyright © 2010, Juniper Networks, Inc.

  • Page 100: Reloading The Secondary Line Module In Response To Failures

    With both these features, all the existing subscriber sessions are lost during the switchover. When a warm switchover of the line module in a high availability pair occurs, subscriber sessions are not lost during the switchover. Copyright © 2010, Juniper Networks, Inc.

  • Page 101: Application Support For Stateful Line Module Switchover

    The policy application sends multiple policy attachment requests from the SRP module to the line module in a single notify operation and in a bulk manner, instead of one policy attachment request in each notify event. This method of transferring Copyright © 2010, Juniper Networks, Inc.

  • Page 102: Qos

    This behavior of not preserving sessions that are not established is similar to the characteristic followed during unified ISSU, where sessions that are not completely created retry after the newly configured primary line module is available. Copyright © 2010, Juniper Networks, Inc.

  • Page 103: L2Tp

    All possible next hop attributes, which signify the IP address of the node that is closer to the advertised prefix (such as MPLS and ATM sessions), at the LNS are supported. PPP keepalive messages are not considered for the session statistics calculated during stateful switchover. Copyright © 2010, Juniper Networks, Inc.

  • Page 104: Mirroring Subsystem

    A unified ISSU operation proceeds properly if the configured secondary line module had taken over as the newly active primary line module. When you enter the issu start command to begin the upgrade phase of the unified ISSU process, the secondary line Copyright © 2010, Juniper Networks, Inc.

  • Page 105: Iccp

    High Availability Mode The high availability mode uses an initial bulk file transfer and subsequent, transaction-based mirroring to ensure rapid line module recovery after a switchover. This process is referred to as stateful line module switchover. Copyright © 2010, Juniper Networks, Inc.

  • Page 106: Stateful Line Module Switchover States

    Documentation mode line-card switch show redundancy history show redundancy line-card Stateful Line Module Switchover States The line module progresses through various high availability states. These states are illustrated in Figure 5 on page 85. Copyright © 2010, Juniper Networks, Inc.

  • Page 107: Disabled State

    If any one criterion is not met, the system remains in the disabled state, until the criterion is met. If a switchover occurs while the system is in the disabled state, the system undergoes a cold-switchover. Copyright © 2010, Juniper Networks, Inc.

  • Page 108: Initializing State

    When making changes or updates, applications create individual transactions, perform the updates on the active line module, and post the transactions. Following the updates, the active line module sends the changes to the standby line module. Copyright © 2010, Juniper Networks, Inc.

  • Page 109: Guidelines For Activating High Availability

    If high availability mode cannot become active because of unsafe configuration on the active and standby line modules, the system reverts to its default mode (redundancy configuration). When active, the router configuration files are mirrored from the active line module to the standby line module. Copyright © 2010, Juniper Networks, Inc.

  • Page 110: Activating High Availability

    Related Guidelines for Activating High Availability on page 87 Documentation Stateful Line Module Switchover Modes on page 83 Application Support for Stateful Line Module Switchover on page 79 mode Copyright © 2010, Juniper Networks, Inc.

  • Page 111: Guidelines For Deactivating High Availability

    To disable high availability support: From Global Configuration mode, launch Redundancy Configuration mode. host1(config)#redundancy In Redundancy Configuration mode, disable high availability on the line module pair previously configured for stateful switchover host1(config-redundancy)#no mode high availability slot 11 16 Copyright © 2010, Juniper Networks, Inc.

  • Page 112: Switching Over From A Primary Line Module To Secondary Line Module

    ES2-ES1 Service IOA on E120 and E320 routers. After you enter this command, the line module configured as the secondary starts functioning as the primary module. The previously configured primary module, after it becomes operational again, takes overs the role of the secondary module. Copyright © 2010, Juniper Networks, Inc.

  • Page 113: Log Messages Generated For Stateful Lm Switchover

    Log Messages Displayed During the Transition from Active State to Pending or Disabled State When an unsupported application is configured after HA is active on the line module, the application is regarded as unsafe for HA. The state machine on the line module transitions Copyright © 2010, Juniper Networks, Inc.

  • Page 114: Log Messages Displayed During The Transition From Pending Or Disabled State To Active State

    ERROR 12/15/2003 23:34:23 os (): Standby SRP has assumed the role of Active SRP (warm restart) ERROR 12/15/2003 23:34:23 os (): Secondary line card in slot X has assumed the role of Primary line card in slot Y (warm restart) Copyright © 2010, Juniper Networks, Inc.

  • Page 115: Log Messages Displayed For Stateful Srp And Line Module Switchover When Ha Is Disabled

    Number of IPv4 packets received from the interface (Acct-Input-Packets, RADIUS attribute 47) Number of IPv4 packets transmitted to the interface (Acct-Output-Packets, RADIUS attribute 48) Number of IPv6 octets received from the interface (Ipv6-Acct-Input-Octets, RADIUS attribute 26-151) Copyright © 2010, Juniper Networks, Inc.

  • Page 116: Policy Statistics

    Although the applications that support stateful line module switchover are enhanced in their infrastructure and design capabilities, performance of the line modules is not Copyright © 2010, Juniper Networks, Inc.

  • Page 117: Use Of Status Leds To Monitor The High Availability States Of Line Modules

    State type role config slot slot ---- -------- --------- ------- ------ ------ ------- ------ disabled cold Criteria Preventing High Availability from being Active ------------------------------------------------------- slot criterion ---------------------------------------------------- Running configuration is safe for High Availability? Copyright © 2010, Juniper Networks, Inc.

  • Page 118: Table 16: Show Redundancy Line-Card Slot Slotnum Output Fields

    During the active state, the mirroring subsystem synchronizes the secondary line module with the primary line module by mirroring updates to mirrored volatile storage slot Slot number in which the line module resides Copyright © 2010, Juniper Networks, Inc.

  • Page 119: Monitoring The Redundancy History Of Line Modules In A Specific Slot

    ---- -------- --------- ------- ------ ------- 00:32:09 2009-06-10 17:56:15 2009-06-01 17:56:15 To display additional redundancy history information: host1#show redundancy history line-card slot 3 detail Copyright © 2010, Juniper Networks, Inc.

  • Page 120: Table 17: Show Redundancy History Line-Card Slot Slotnum Output Fields

    Slot in which the line module resides uptime Amount of time the line module has been operational Copyright © 2010, Juniper Networks, Inc.
  • Page 121 Chapter 4: Managing Stateful Line Module Switchover Related Activating High Availability on page 88 Documentation Deactivating High Availability on page 89 mode line-card switch show redundancy history show redundancy line-card Copyright © 2010, Juniper Networks, Inc.
  • Page 122 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 123: Configuring A Unified In-Service Software Upgrade

    Unexpected Suspension of PIM During Unified ISSU on page 133 Unexpected Suspension of Subscriber Login and Logouts During Unified ISSU on page 134 Unexpected SONET and SDH Behavior During Unified ISSU on page 134 Copyright © 2010, Juniper Networks, Inc.

  • Page 124: Unified Issu Overview

    When you attempt a unified in-service software upgrade on a router on which a unified ISSU-challenged application is configured, the unified in-service software upgrade cannot proceed. You must unconfigure the unified ISSU-challenged application to successfully perform the unified ISSU. Copyright © 2010, Juniper Networks, Inc.

  • Page 125: Router Behavior During A Unified In-Service Software Upgrade

    Unified ISSU Phases Overview on page 107 Documentation Application Support for Unified ISSU on page 115 Hardware and Software Requirements Before Beginning a Unified ISSU on page 104 Upgrading Router Software with Unified ISSU on page 139 Copyright © 2010, Juniper Networks, Inc.

  • Page 126: Unified Issu Platform Considerations

    Hardware and Software Requirements Before Beginning a Unified ISSU The following hardware and software prerequisites must be met for the successful completion of unified ISSU. You can issue the show issu command to determine whether the routers meets these requirements. Copyright © 2010, Juniper Networks, Inc.

  • Page 127: Hardware Requirements For Unified Issu

    ISSU process. When hardware updates are required for modules that you have installed in an ERX1440 router, contact your Juniper Networks representative to determine whether the update affects unified ISSU. Software Requirements for Unified ISSU The running JunosE Software release must support unified ISSU.

  • Page 128: Unified Issu Terms

    The SRP module or line module is initialized from the loaded operational image. The line modules are reloaded and the configuration is read from flash memory. When the line modules are operational, their configuration data is bulk downloaded and their interfaces become operational. Copyright © 2010, Juniper Networks, Inc.

  • Page 129: Unified Issu References

    The router is prepared for the upgrade. The configuration that has been mirrored to the standby SRP module is upgraded according to the upgrade release. This phase can last from a few minutes Copyright © 2010, Juniper Networks, Inc.

  • Page 130: Unified Issu Initialization Phase Overview

    CLI warns you of the issue and prompts you to proceed or quit the upgrade process. More serious failures cause the CLI to exit the command and provide a message describing the issue. Copyright © 2010, Juniper Networks, Inc.

  • Page 131: Application Data Upgrade On The Standby Srp Module

    Performance of the active SRP module might be affected during the SRP module upgrade. When the upgrade release has been synchronized to the standby SRP module, stateful SRP switchover is disabled until the unified in-service software upgrade is completed. Copyright © 2010, Juniper Networks, Inc.

  • Page 132: Snmp Traps

    SRP module. During the initialization phase, this configuration data was mirrored from NVS on the active SRP module and upgraded as required by the armed release. Upgrades the control plane on each line module at the same time. Copyright © 2010, Juniper Networks, Inc.

  • Page 133: Exceptions During The Upgrade Phase

    SRP module. The line modules reboot. The standby SRP The unified ISSU operation halts. module reloads. The router undergoes a cold restart. The router boots with the armed upgrade release. The line modules reboot. Copyright © 2010, Juniper Networks, Inc.

  • Page 134: Verifications Of Requirements

    External events—Externally created events from sources other than the CLI are ignored. These events typically come from user connections, RADIUS servers, SRC software and SDX software, and SNMP, and include login requests, COA requests, multicast Copyright © 2010, Juniper Networks, Inc.

  • Page 135: Line Module Arming

    At this stage the primary SRP module is running the current release, the redundant SRP module is running the armed release, and the control plane on each supported line module is running the armed release. Copyright © 2010, Juniper Networks, Inc.

  • Page 136: Line Module Forwarding Plane Upgrade

    Unified ISSU Phases Overview on page 107 Documentation Halt of Unified ISSU During Upgrade Phase Overview on page 143 Halting Unified ISSU During Upgrade Phase on page 143 issu start show issu halt reload Copyright © 2010, Juniper Networks, Inc.

  • Page 137: Unified Issu Service Restoration Phase Overview

    An application that does not support high availability cannot support unified ISSU. Table 20 on page 116 indicates which applications support or do not support a unified in-service software upgrade, as well as limitations on their behavior. Copyright © 2010, Juniper Networks, Inc.

  • Page 138: Table 20: Application Support For Unified In-Service Software Upgrades

    ARP cache do not time out because no ARP aging occurs during unified ISSU. When the unified ISSU is completed, the ARP cache contains the same entries as it had before the unified ISSU began. Copyright © 2010, Juniper Networks, Inc.
  • Page 139 ISSU. – – IPv6 – Unified ISSU does not support IPv6. IPSec Transport – E120 and E320 routers (E120 and E320) do not support IPSec. IPSec Transport – – – (ERX1440) Copyright © 2010, Juniper Networks, Inc.
  • Page 140 Consequently, all ANCP sessions are brought down and then restored when the upgrade is completed. DVMRP – – (E120 and E320) DVMRP – – – (ERX1440) Copyright © 2010, Juniper Networks, Inc.
  • Page 141 The following configuration is not supported: The subscriber username and password are on an ATM circuit in Bridged Ethernet over ATM or IP over ATM configurations. DHCP External Server – – and Packet Trigger Copyright © 2010, Juniper Networks, Inc.
  • Page 142 DHCP local server address pools with a minimum lease time of 120 minutes to ensure that leases do not expire during the upgrade. DHCPv6 Local Server – Unified ISSU does not support IPv6. Copyright © 2010, Juniper Networks, Inc.
  • Page 143 – Route-Download Server SRC Client – – Service Manager – – Subscriber Manager – – TACACS+ – – Miscellaneous Bulk statistics – – Denial of Service – – (DoS) protection HTTP server – – Copyright © 2010, Juniper Networks, Inc.
  • Page 144 ES2-S3 GE-20 ES2-S1 10GE IOA ES2-S2 10GE PR ES2-S1 OC3-8 STM1 ATM IOA ES2-S1 OC12-2 STM4 ATM IOA ES2-S1 OC12-2 STM4 POS IOA ES2-S1 OC48 STM16 POS IOA Mobile IP Home Agent – – Copyright © 2010, Juniper Networks, Inc.
  • Page 145 OSPF Effects on Graceful Restart and Network Stability During Unified ISSU on page 132 Unexpected Suspension of PIM During Unified ISSU on page 133 Unexpected SONET and SDH Behavior During Unified ISSU on page 134 Copyright © 2010, Juniper Networks, Inc.

  • Page 146: Issu

    OAM CC cell generation resumes when the unified ISSU operation is completed. OAM VC Integrity Verification Cessation During the unified ISSU operation, verification of OAM VC integrity stops. This verification resumes when the unified ISSU operation is completed. Copyright © 2010, Juniper Networks, Inc.

  • Page 147: Port Data Rate Monitoring Cessation

    NOTE: Because of this limitation on DoS functionality, we recommend that you do not initiate unified ISSU until all suspicious control flows, protocols, and priorities have been resolved. Copyright © 2010, Juniper Networks, Inc.

  • Page 148: Unexpected Ethernet Behavior During Unified Issu

    ISSU is completed. VLAN Statistics Monitoring Halts Unified ISSU Progress A unified in-service software upgrade cannot proceed if VLAN statistics monitoring is in progress. Related Application Support for Unified ISSU on page 115 Documentation Copyright © 2010, Juniper Networks, Inc.

  • Page 149: Unexpected File Transfer Protocol Server Behavior During Unified Issu

    ISSU and whether the router hardware and software meet the required criteria, issue the show issu detail command. host1#show issu detail ISSU state: idle ISSU description: ISSU is currently idle criteria met: No, upgrade error(s) found running release: dtnguyen.rel armed release: dtnguyen.rel Copyright © 2010, Juniper Networks, Inc.
  • Page 150 ISSU performs fails. Unified ISSU does not proceed until the active file transfer operations are terminated. Issue the ftp-server flush command to forcibly terminate all FTP sessions. host1#show ftp-server FTP Server state: enabled, 1 open connections Statistics since server was last started: attempts: 3 Copyright © 2010, Juniper Networks, Inc.

  • Page 151: Is-Is Effects On Graceful Restart And Network Stability During Unified Issu

    Configuring Graceful Restart Before Unified ISSU Begins You must configure IS-IS graceful restart on the router and on all IS-IS neighbors before you begin the unified in-service software upgrade. When the unified ISSU process verifies Copyright © 2010, Juniper Networks, Inc.

  • Page 152: Configuring Graceful Restart When Bgp And Ldp Are Configured

    When traffic engineering has been configured, the traffic engineering metrics are also increased. New tunnels are not established through the upgrading router and any tunnels undergoing re-optimization in other routers go around the upgrading router. Copyright © 2010, Juniper Networks, Inc.

  • Page 153: Unexpected L2Tp Failover Of Established Tunnels During Unified Issu

    In the absence of this configuration, the connection at the LAC and LNS is left as logged in for an extended period of time following the upgrade. Related Application Support for Unified ISSU on page 115 Documentation Copyright © 2010, Juniper Networks, Inc.

  • Page 154: Ospf Effects On Graceful Restart And Network Stability During Unified Issu

    ISSU displays the recommended dead interval in a warning message. For information about the expected forwarding outage, see “Interruption in Traffic Forwarding for Layer 3 Routing Protocols During Unified ISSU” on page 135 Copyright © 2010, Juniper Networks, Inc.

  • Page 155: Routing Around The Restarting Router To Minimize Network Instability

    PIM network if an interface on another router in that network has a higher priority. Related Application Support for Unified ISSU on page 115 Documentation ip pim dr-priority Copyright © 2010, Juniper Networks, Inc.

  • Page 156: Issu

    (OC3/OC12) do not get rebooted. NOTE: The unified ISSU process for the channelized APS IOAs has not been modified. The channelized APS IOAs are rebooted during a unified in-service software upgrade. Copyright © 2010, Juniper Networks, Inc.

  • Page 157: Unexpected T3 Behavior During Unified Issu

    Interruption in Traffic Forwarding for Layer 3 Routing Protocols During Unified ISSU The routing protocols are affected by two interruptions in traffic forwarding caused by the unified in-service software upgrade during the upgrade phase. Copyright © 2010, Juniper Networks, Inc.

  • Page 158: Table 21: Behavior Of Routing Protocols During A Unified In-Service Software

    BGP sends out keepalive messages immediately before and immediately after both the SRP module switchover and the forwarding plane restart, independent of the interval since it last sent them. IS-IS If necessary, temporarily lengthens the hello timers. Copyright © 2010, Juniper Networks, Inc.
  • Page 159 PIM, you can set the priority for the router interface to zero to ensure that the upgrading router is not selected as a designated router. Related Application Support for Unified ISSU on page 115 Documentation Copyright © 2010, Juniper Networks, Inc.

  • Page 160: Interruption In Traffic Forwarding For Layer 3 Routing Protocols During Unified

    In this event, adjust the timer interval as advised by the message. For information about the expected forwarding outage, see “Interruption in Traffic Forwarding for Layer 3 Routing Protocols During Unified ISSU” on page 135. Copyright © 2010, Juniper Networks, Inc.

  • Page 161: Upgrading Router Software With Unified Issu

    Application Support for Unified ISSU on page 115 Documentation Upgrading Router Software with Unified ISSU To upgrade your router software by means of unified ISSU, perform the following steps. Disable autosynchronization. host1(config)#disable-autosync Copy the new release to the router. Copyright © 2010, Juniper Networks, Inc.
  • Page 162 The NVS file systems of the two SRP modules are unsynchronized because the redundant SRP module rebooted. host1#synchronize Reenable autosynchronization. host1(config)#no disable-autosync (ERX1440 only) Configure the ERX1440 license key. host(config)#license issu xyz123abc License for ISSU configured. Copyright © 2010, Juniper Networks, Inc.
  • Page 163 You can also verify the status of the SRP modules and line modules, as well as the running and armed releases. host1#show version Related issu initialize Documentation issu start issu stop license issu Copyright © 2010, Juniper Networks, Inc.

  • Page 164: Halt Of Unified Issu During Initialization Phase Overview

    (the upgrade release). Verify that stateful SRP switchover is enabled. host1#show redundancy Related Halt of Unified ISSU During Initialization Phase Overview on page 142 Documentation Copyright © 2010, Juniper Networks, Inc.

  • Page 165: Halt Of Unified Issu During Upgrade Phase Overview

    SRP module running the original release, you must perform the following steps to arm the redundant SRP module with the running release: Turn off auto synchronization. host1(config)#disable-autosync Specify that the router use the running release when it reboots. host1(config)#boot system erx_x-y-z.rel Copyright © 2010, Juniper Networks, Inc.

  • Page 166: Monitoring The Status Of The Router During Unified Issu

    ISSU verification criteria that lists mandatory and conditional criteria that have not been met, the impact of this status, and the remedy as reported by router applications and system components that participate in the in-service software upgrade: Copyright © 2010, Juniper Networks, Inc.
  • Page 167 Remedy: If not standby, Wait for card to come online before proceeding -> Problem: Card not disabled or not online: Slot 8, CT3-12, 0/ Conditional Reporting Slot: 6 Impact: If you continue, the card will immediately be reset Copyright © 2010, Juniper Networks, Inc.

  • Page 168: Table 23: Show Issu Output Fields

    NOTE: All criteria must be “yes” for unified ISSU to be active. Configuration conversion support Criteria required for unified ISSU activation. Possible ready? values: Yes, No, Conditional. NOTE: All criteria must be “yes” for unified ISSU to be active. Copyright © 2010, Juniper Networks, Inc.
  • Page 169 The reason why the criteria for unified ISSU activation is not met. Reporting Slot Slot where the issue occurred. Impact What happens if you continue with the upgrade. Remedy What you can do to fix the Problem. Related show issu Documentation Copyright © 2010, Juniper Networks, Inc.
  • Page 170 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 171: Configuring Vrrp

    JunosE System Basics Configuration Guide, is different from what is implied by VRRP. In this chapter, the term virtual router always refers to a VRRP router; that is, a router that has enabled VRRP. Copyright © 2010, Juniper Networks, Inc.

  • Page 172: Vrrp Platform Considerations

    See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications. See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support VRRP. Copyright © 2010, Juniper Networks, Inc.

  • Page 173: Vrrp Terms

    NOTE: We recommend that you have some background understanding of the Address Resolution Protocol (ARP) before you configure VRRP. See Address Resolution Protocol in the JunosE IP, IPv6, and IGP Configuration Guide. RFC 3768—Virtual Router Redundancy Protocol (VRRP) (April 2004) Copyright © 2010, Juniper Networks, Inc.

  • Page 174: Vrrp Implementation In E Series Routers

    VRRP Router Election Rules If the master router becomes unavailable, the following rules govern election of the master router: The backup router assigned the highest priority for each VRID becomes the master router. Copyright © 2010, Juniper Networks, Inc.

  • Page 175: Example: Basic Vrrp Configuration

    10.0.0.1, depending on the accept-data configuration. When R1 becomes active again, it takes over as the master router and R2 reverts to the backup router. The VRRP MAC address is always 00-00-5e-00-01-vrid. The valid VRID range is 0x01–0xFF. Copyright © 2010, Juniper Networks, Inc.

  • Page 176: Example: Commonly Used Vrrp Configuration

    Figure 7 on page 155 shows two physical routers backing up each other through VRRP. Routers R1 and R2 are both configured with VRID 1 and VRID 2. In this configuration, under normal circumstances the routing load is distributed between the two routers. Copyright © 2010, Juniper Networks, Inc.

  • Page 177: Example: Vrrp Configuration Without The Real Address Owner

    Figure 8 on page 156 is noticeably similar to Figure 7 on page 155 except that the addresses configured by the VRIDs have no real owner. Consequently, both routers R1 and R2 are configured as backup routers for VRID 1, VRID 2, VRID 3, and VRID 4. Copyright © 2010, Juniper Networks, Inc.

  • Page 178: Before You Configure Vrrp

    When the IP address belongs to the owner of the VRID, you must associate the IP address with the VRID that you create. To configure the IP interface for VRRP: Configure an IP interface. Copyright © 2010, Juniper Networks, Inc.

  • Page 179: Configuring Vrrp

    (Optional) Enable the backup router to learn the VRRP advertisement interval. host1(config-if)#ip vrrp 22 timers-learn (Optional) Specify that the backup router can process packets with an IP destination address of the virtual address. host1(config-if)#ip vrrp 22 accept-data Copyright © 2010, Juniper Networks, Inc.
  • Page 180 VRRP Overview on page 149 VRRP Implementation in E Series Routers on page 152 ip vrrp ip vrrp accept-data ip vrrp advertise-interval ip vrrp authentication-key ip vrrp authentication-type ip vrrp enable ip vrrp preempt ip vrrp priority Copyright © 2010, Juniper Networks, Inc.

  • Page 181: Changing The Object Priority

    N/A interval: 1 second Learning timer mode: disabled last error status: no error priority: 100 ( admin priority: 100 ) auth type: none preemption: enabled accept data: disabled Copyright © 2010, Juniper Networks, Inc.

  • Page 182: Table 25: Show Ip Vrrp And Show Ip Vrrp Summary Output Fields

    Administrative status: enabled or disabled. up time Number of seconds that the VRID has been enabled in non-init state interval VRRP advertisement interval in seconds or milliseconds Copyright © 2010, Juniper Networks, Inc.
  • Page 183 Number of IP interfaces using VRRP entries Total number of entries entries enabled Number of enabled entries entries with owner priority Number of entries with an owner priority entries in init state Number of entries in an initialization state Copyright © 2010, Juniper Networks, Inc.

  • Page 184: Monitoring The Configuration Of Vrrp Neighbors

    Action To display information about all known neighbors to the VRRP routers: host1#show ip vrrp neighbor Interface: fastEthernet5/0.0 vrrpVrid: 1 time discovered: 08/09/2001 07:44 primary address: 10.0.0.1 adv interval (sec): 1 Copyright © 2010, Juniper Networks, Inc.

  • Page 185: Monitoring The Statistics Of Vrrp Routers

    Display global statistics, interface statistics, or statistics per interface and VRID of configured VRRP routers. Action To display the statistics per interface: host1#show ip vrrp statistics interface fastEthernet 4/0 Globals: checksumErrors: 0 versionErrors: 0 vrIdErrors: 1 iccErrors: 0 Copyright © 2010, Juniper Networks, Inc.
  • Page 186 To display the global statistics of a VRRP router: host1#show ip vrrp statistics global Globals: checksumErrors: 0 versionErrors: 0 vrIdErrors: 0 iccErrors: 0 txErrors: 0 rxErrors: 0 Meaning Table 27 on page 165 lists the show ip vrrp statistics command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 187: Table 27: Show Ip Vrrp Statistics Output Fields

    Total number of VRRP packets received with an invalid value in the Type field addressListErrors Total number of VRRP packets received for which the address list does not match the locally configured list for the VRID Copyright © 2010, Juniper Networks, Inc.

  • Page 188: Monitoring The Configuration Of Vrrp Tracked Objects

    VRRP router instance configured on the interface Priority Priority of the VRRP router. If the priority value is 255, then the VRRP router is the master. Object Name of the object being tracked Type Type of object being tracked Copyright © 2010, Juniper Networks, Inc.
  • Page 189 Table 28: show ip vrrp tracked-objects Output Fields (continued) Field Name Field Description State State of the object Decrement Value by which the priority is decremented or restored following an object state change Related Changing the Object Priority on page 159 Documentation Copyright © 2010, Juniper Networks, Inc.
  • Page 190 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 191: Managing Interchassis Redundancy

    ICR accomplishes this by re-creating subscriber sessions on the backup router that were originally terminated on the failed router. In this way, ICR enables you to completely recover from router failure. ICR uses Copyright © 2010, Juniper Networks, Inc.

  • Page 192: Figure 9: Icr Deployment

    ERX1440 router, or use an ERX1440 router with a GE-HDE LM as a backup for subscribers on an E120 or E320 router. However, you must keep in mind the hardware scaling limitations when you configure an ICR cluster containing both E320 routers and ERX routers. Copyright © 2010, Juniper Networks, Inc.

  • Page 193: Icr Platform Considerations

    IOA bay (E120 router) and the upper IOA bay (E320 router); adapter 1 identifies the left IOA bay (E120 router) and the lower IOA bay (E320 router). For example, the following command specifies a10-Gigabit Ethernet interface on slot 5, adapter 0, port 0 of an E320 router. Copyright © 2010, Juniper Networks, Inc.

  • Page 194: Icr Terms

    ICR Scaling Considerations When planning an ICR cluster you must ensure that you have provisioned adequate backup capacity in the event of a worst-case failure scenario such as a multiple hardware or multiple router failure. Copyright © 2010, Juniper Networks, Inc.

  • Page 195: Managing Interchassis Redundancy

    This information is sent in the authentication request via the RADIUS protocol to the RADIUS server. In response, the RADIUS server grants or denies the request. Copyright © 2010, Juniper Networks, Inc.
  • Page 196 ICR partition is configured or the virtual router on which the corresponding ICR interface is configured. You can optionally configure duplicate or broadcast AAA accounting on a virtual router, which sends the accounting information to additional virtual router simultaneously, so Copyright © 2010, Juniper Networks, Inc.

  • Page 197: Icr Partition Accounting Overview

    ICR partition on a virtual router. When you configure an ICR partition, you configure the interface on which the ICR partition resides and create a unique VRRP instance to manage the partition. To configure an ICR partition: Copyright © 2010, Juniper Networks, Inc.

  • Page 198: Configuring The Interface On Which The Icr Partition Resides

    3/5/0 host1(config-if)# Specify VLAN as the encapsulation method to create the VLAN major interface. host1(config-if)#encapsulation vlan Create a VLAN subinterface by adding a subinterface number to the interface identification number. host1(config-if)#interface gigabitEthernet 3/5/0.10 Copyright © 2010, Juniper Networks, Inc.

  • Page 199: Configuring Vrrp Instances To Match Icr Requirements

    (Optional) Configure additional VRRP instances by completing Steps 1 through 4, using unique numbering. Related VRRP Overview on page 149 Documentation ip vrrp ip vrrp enable ip vrrp priority ip vrrp timers-learn ip vrrp virtual-address Copyright © 2010, Juniper Networks, Inc.

  • Page 200: Naming Icr Partitions

    ARP (GARP) advertisements when the ICR partition moves from the backup state to the master state. To group ICR subscribers based on S-VLAN IDs: Specify svlan as the grouping type. host1(config-if)#ip vrrp 1 icr-partition group svlan Copyright © 2010, Juniper Networks, Inc.

  • Page 201: Grouping Icr Subscribers Based On Vlan Ids

    Use the control-interface keyword to control the state of the corresponding subinterfaces (up/AdminDown) based on the state of the partition (master or backup). If the subinterfaces are part of the backup partition, the router changes the state of all the subinterfaces to AdminDown. Copyright © 2010, Juniper Networks, Inc.

  • Page 202: Example: Configuring Icr Partitions That Group Subscribers By S-Vlan Id

    You can then create a new VRRP instance to manage the ICR partition. The value you assign to the priority keyword determines the state of the ICR partition. Configure the interface on which the ICR partition resides. host1 (config)#interface gigabitEthernet 3/5 Copyright © 2010, Juniper Networks, Inc.
  • Page 203 (config-if)#ip vrrp 1 priority 100 host2 (config-if)#ip vrrp 1 timers-learn host2 (config-if)#ip vrrp 1 enable Create and identify the ICR partition. host2 (config-if)#ip vrrp 1 icr-partition part1Backup Group subscribers based on S-VLAN IDs. Copyright © 2010, Juniper Networks, Inc.

  • Page 204: Using Radius To Manage Subscribers Logging In To Icr Partitions

    For more information on enabling or disabling sending of partition accounting messages to RADIUS servers configured on a virtual router, see the Configuring RADIUS Attributes chapter in the JunosE Broadband Access Configuration Guide. Copyright © 2010, Juniper Networks, Inc.

  • Page 205: Monitoring The Configuration Of An Icr Partition Attached To An Interface

    ICR partition moves to the Dormant state. The dormant ICR partition does not accept subscriber login requests. NOTE: The state of the ICR partition depends on the associated VRRP instance. Copyright © 2010, Juniper Networks, Inc.

  • Page 206: Monitoring The Configuration Of Icr Partitions

    Monitoring the Configuration of ICR Partitions Purpose Display information about ICR partitions and their status. Action To display information about all ICR partitions: host1#show icr-partitions Interface-Location Vrrp-Id State Partition-ID ----------------------------------------------------------------------- 3/5/0.2 *Backup part20A Copyright © 2010, Juniper Networks, Inc.

  • Page 207: Table 31: Show Icr-Partitions Output Fields

    Table 31 on page 185 lists the show icr-partitions command output fields. Table 31: show icr-partitions Output Fields Field Name Field Description Interface-Location Interface Identifier or location identifier of the ICR partition. Vrrp-Id VRRP identifier of the VRRP instance associated with the ICR partition. Copyright © 2010, Juniper Networks, Inc.
  • Page 208 Number of master ICR partitions configured on the router. Total ICR Partitions Total number of ICR partitions configured on the router. Related Configuring the Interface on Which the ICR Partition Resides on page 176 Documentation show icr-partitions Copyright © 2010, Juniper Networks, Inc.

  • Page 209: Index

    PART 2 Index Index on page 189 Copyright © 2010, Juniper Networks, Inc.
  • Page 210 JunosE 11.3.x Service Availability Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 211: Index

    JTAC..............xxi when a switchover occurs warm restart of standby module....87 Copyright © 2010, Juniper Networks, Inc.
  • Page 212 LNS device, stateful switchover....72 slot.................80 drop events forwarding controller database on egress queues mapping of the slot ID, stream ID, and traffic not preserving across stateful switchover class................80 of LMs..............72 Copyright © 2010, Juniper Networks, Inc.
  • Page 213 ICR Partition Options activating advertise-mac............179, 180 launching Redundancy Configuration control-interface ..........179, 180 mode..............88 group option............178, 180 specifying slots of primary and secondary use-default-mac ..........179, 180 modules...............88 activating guidelines.............87 deactivating..............89 deactivating guidelines..........89 Copyright © 2010, Juniper Networks, Inc.
  • Page 214 See stateful line Interim-Acct messages module switchover ICR Partition ID VSA.............174 line module high availability states IOA slots active..................84 and SRP module combination disabled................84 compatible with stateful line module initializing................84 switchover............70 Copyright © 2010, Juniper Networks, Inc.
  • Page 215 LNS devices....70 policy definitions not stored in......79 supported module and IOA transmission of policy attachments from SRP combinations.............70 to LM in a bulk manner............79 Copyright © 2010, Juniper Networks, Inc.
  • Page 216 ES2 4G LM stateful switchover to secondary handled by access module.......80 module..............69 echo requests for sessions on failed module subscriber disconnection for two redirection to a different hardware....80 minutes..............69 Copyright © 2010, Juniper Networks, Inc.
  • Page 217 See line module redundancy preservation of active sessions SRP module. See SRP module redundancy after a stateful switchover........69 Copyright © 2010, Juniper Networks, Inc.
  • Page 218 28 connection manager..........79 show redundancy............56 forwarding controller...........79 show redundancy clients..........59 interchassis control protocol......79 Copyright © 2010, Juniper Networks, Inc.
  • Page 219 LMs in an L2TP insertion of new secondary module....72 tunnel..............70 maximum PPP sessions on primary L2TP tunnels and sessions supported..70 module..............72 with the router as an LNS in an L2TP tunnel..............70 Copyright © 2010, Juniper Networks, Inc.
  • Page 220 ONLINE LED............95 sessions...............68 REDUNDANT LED..........95 reestablishment of client status LEDs, monitoring............22 connections............68 subscriber sessions restart of line modules........68 preservation of active during stateful line module switchover............68 support, technical See technical support Copyright © 2010, Juniper Networks, Inc.
  • Page 221 TACACS+ support............135 VLAN statistics.............126 terms.................106 FTP support..............127 timer settings for routing protocol timers...138 halting during initialization........142 upgrade phase............107, 110 halting during upgrade..........143 exceptions...............110 line module control plane.........110 line module forwarding plane upgrade..............110 process steps............110 Copyright © 2010, Juniper Networks, Inc.
  • Page 222 157 router election rules.............152 router priority..............157 VLAN support..............149 VRRP router defined ............151 vrrp commands ip vrrp.................157 ip vrrp accept-data............157 ip vrrp advertise-interval..........157 ip vrrp authentication-key.........157 ip vrrp authentication-type........157 ip vrrp enable..............157 ip vrrp preempt..............157 Copyright © 2010, Juniper Networks, Inc.

This manual is also suitable for:

Junose 11.3

Table of Contents