SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  load sharing default routes vs rpm probe and ip monitor

    Posted 04-05-2016 11:11

    I was kind of baffled by a S2J translation of two seperate default routes that  combined into one.. Having two with seperate preferences was intended to work with track-ip, but now I'm not sure what it will do. 

     

    ScreenOS

    -------------

    set route 0.0.0.0/0 interface ethernet2/6 gateway 2.2.2.2 preference 25
set route 0.0.0.0/0 interface ethernet1/4 gateway 1.1.1.1 preference 15

    JUNOS translation (doesn't care about interfaces now, that I get)

    -----------

    route 0.0.0.0/0 {
next-hop [ 1.1.1.1 2.2.2.2 ];
preference 15;
}

    From what I read this is prefix IP round robin load sharing but ... what does that mean exactly?  http://forums.juniper.net/t5/SRX-Services-Gateway/default-route-with-two-next-hop/td-p/28214

     

    I only want to use next-hop 1.1.1.1 unless if its completely down .. to which I learned I can do with rpm probe and ip monitor .. https://kb.juniper.net/InfoCenter/index?page=content&id=KB22052&actp=search

     

    ... but doesn't it need the default routes to be there as well? Am I thinking too hard about this, or am I completely off the mark here? Thanks for any help!

     

    (addition)

     

    Is it perhaps this?

    route 0.0.0.0/0 {
    qualified-next-hop 1.1.1.1 {
        preference 15;
    }
    qualified-next-hop 2.2.2.2 {
        preference 25;
    }
}

     



  • 2.  RE: load sharing default routes vs rpm probe and ip monitor
    Best Answer

     
    Posted 04-05-2016 19:45

    Hello ,

     

    I see that we have 2 situations and I am not clear about what exactly is your requirment so I will explain them both .

     

    1) If you are looking load balancing , then YES you need 2 default routes with same prefenrence value so that we can have loaad balancing based on "PER SESSION"  and not per packet as seen in the configuration . In Configuration it say per packet , but its actually per session in SRX ( Since SRX is session based )  . For this you can refer :

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB23417&actp=search

     

    2) If you have 2 routes with 2 different priorities , like you have mentioned :

     

    route 0.0.0.0/0 {
    qualified-next-hop 1.1.1.1 {
    preference 15;
    }
    qualified-next-hop 2.2.2.2 {
    preference 25;
    }
    }

     

    By the was this configuration is correct .

     

    In this case you have primary route as 1.1.1.1 always and once this fails , it will switch to 2.2.2.2 . If this is your requirment , then the above configuration is correct  and you can implement  IP monitoring for route failover .

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB25052&actp=search%C2%A0

     

     

    But the following configuration is incorrect as this configuration applies same preference value to both route :

     

    route 0.0.0.0/0 {
    next-hop [ 1.1.1.1 2.2.2.2 ];
    preference 15;
    }

     

    So this will be applied if you need to have loadbalancing as mentioned in point number 1 .  I hope its clear for you .

     



  • 3.  RE: load sharing default routes vs rpm probe and ip monitor

    Posted 04-06-2016 06:18

    sweet! thank you for clearing it up..

     

    I guess in a way I figured it out but I still was not 100% sure I got it correct (I stumbled upon someone elses example that just happened to appy).

     

    S2J conversion assumed I wanted to load balance, but I definately did not want to do that. Now that this piece is done I certainly now have to configure RPM probe and IP Monitor so it fails over under certain conditions. thank you so much for the help!