Security

last person joined: 2 days ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.

  • 1.  Monitoring a route - Generating alert

    Posted 08-31-2016 14:46

    So, I wasn't sure the best place to post this question, since it's not really automation, and not really routing, but I'm trying to generate alert when a route is lost. I'm learning a default route from two BGP peers and tracking BGP state directly is not a suitable solution for this environment. I would like to track the existence of a 0/0 route learned from a particular peer. I'm using solarwinds. I have the 0/0 route from this peer copied to a 2nd routing-instance using a rib-group, so I can't check for the availability of the route in the isolated instance to generate an alert if that's possible. Or generate an alert based on BGP Update messages? 

     

    Is there a good way to go about this someone can fill me in on.



  • 2.  RE: Monitoring a route - Generating alert
    Best Answer

     
    Posted 09-01-2016 02:58

    Hi,

     

    Maybe using snmp polling querying inetCidrRoute entries:

    show snmp mib walk inetCidrRouteEntry | match 0.0.0.0

    Example:
    > show snmp mib walk inetCidrRouteProto.1.4.0.0.0.0.0
    inetCidrRouteProto.1.4.0.0.0.0.0.2.0.0.1.4.172.16.0.2 = 14

    inetCidrRouteProto 14 = BGP

    Next-hop = 172.16.0.2

    https://contentapps.juniper.net/mib-explorer/search.jsp#object=inetCidrRouteEntry&product=Junos%20OS&release=15.1R4

     

    or ipCidrRoute entries:

    > show snmp mib walk ipCidrRouteEntry

> show snmp mib walk ipCidrRouteStatus.0.0.0.0
ipCidrRouteStatus.0.0.0.0.0.0.0.0.0.172.16.0.2 = 1

    Possibly snmp traps can also be generated using event-options.

     

    Hope this helps.

    Cheers,

    Ashvin

     



  • 3.  RE: Monitoring a route - Generating alert

    Posted 09-01-2016 11:08

    Thanks! That sounds like the right track.



  • 4.  RE: Monitoring a route - Generating alert

    Posted 09-01-2016 11:28

    One more question, using the syntax provided I can see the 0/0 route for my default routing-instance, can you show an example choosing a specific table?

     

    Sorry my SNMP is not that great



  • 5.  RE: Monitoring a route - Generating alert

     
    Posted 09-05-2016 01:58

    Hi, 

     

    I am not sure this is possible for other routing-tables with instance-type virtual-router for example:

    "For routing table objects, only those associated with the default routing instance are exposed."

    http://www.juniper.net/techpubs/en_US/junos15.1/topics/concept/understanding-snmp-support-for-routing-instances-junos-nm.html

     

    For MPLS L3VPNs, I believe the OID mplsL3VpnVrfRteEntry can be used:

    https://contentapps.juniper.net/mib-explorer/search.jsp#object=mplsL3VpnVrfRteEntry&product=Junos%20OS&release=16.1R1

     

    Cheers,

    Ashvin