Application Acceleration
Highlighted
Application Acceleration

How to configure off-path deployment on WXC with M-series Juniper router

‎10-01-2009 05:29 AM

Hi guys,

 

I want to do POC for WXC with off-path deployment and HA active/active or active/passive

 

The topology is: HO has one router and also the branch office.

 

Router in HO is M10 juniper router and WXC will connect to this router to do off-path (2 wxc device) with HA active/active or active/passive scenario.

 

I just have off-path guide with cisco router, but i dont have off-path guide with M10 juniper router.

 

could you give me guide for this purpose ASAP??

 

Thanks

 

Andre

 

 

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
12 REPLIES 12
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-01-2009 02:35 PM

Some questions first:

- do you plan to use WXC with External or RIP Packet Redirection methods? WCCP is not available on Juniper routers

- do you plan to put WXC Local interfaces inside VRF?

- what is your WXC failure detection tolerance?

Rgds

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-01-2009 08:15 PM

Hi Alex,

 

answer your question:

 

- I want to use external/PBR method

- usually when install off-path with cisco router, i put WXC local interface to the cisco router and use external/policy-based routing   method. I dont know in juniper router using VRF. is it the same?

- actually i will do POC using 2 scenario: active/active and active passive

  • in active/active mode : The router can redirect the traffic to the two WX Series/WXC Series ( load balancing), but when primary one fails,  router can automatically detec the failure and redirect to the second active WX/WXC. But when primary comes active again, router automatically detect it and forward traffic to primary one.
  • in active/passive mode: router redirect traffic to the second WX Series/WXC Series in the event the primary one fails

 

could you give me guide for doing this POC ASAP....

 

Thanks a lot

 

Regards,

 

Andre

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-02-2009 03:33 AM

I would not recommend using PBR (Juniper equivalent is called FBF) for HA POC. I think you'll find it much easier to use RIP for HA configs - just tweak the RIP import policy and adjust RIP metric to achieve load-balance and auto-failover.

In any case, if you still want to use FBF, here is the rough guide:

- connect WXC local interface to a Juniper router, give WXC and IP address

- make sure WXC IP@ are reachable throughout your network

- create a firewall filter with match on interesting traffic and action "then routing-instance <FBF instance name>"

- apply this FW filter to the interface connected to the LAN where traffic sources/sinks reside

- create a forwarding routing-instance, add 0/0 static route to this routing-instance pointing to WXC IP

- configure a rib-group to add connected routes into forwarding-instance you just created

 

The challenges with FBF and HA are:

- how to properly adjust FBF to achieve seamless failover in case WXC IP becomes unreachable but WXC Local interface stays up. RIP would do this automagically 

- how to load-balance incoming-to-WXC traffic (for active-active HA). WIth RIP you could manipulate routes and metrics to achieve per-subnet load-balance. This is harder to do with FBF and typically requires manual FW filter reconfiguration.

 

Good luck with your POC.

 

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-02-2009 05:04 AM

Hi,

 

Based on your recomendation, i will follow your advice to using RIP instead of FBF, as your said that RIP is easier than FBF configuration in HA deployment. I will try using RIP for WXC HA deployment.

 

 

Thank you for your advice..

 

Regards,

 

Andre

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-06-2009 03:26 AM

Hi aarseniev,

 

I already tried using FBF, but confused in failover WXC active/passive depolyment. If primary WX/WXC fails, WX/WXC backup unit will cover and becomes active. I dont know to make failover mechanism in J-series router. any idea?

 

if using RIP, do you have guide for the configuration in Router Juniper?

 

Need help ASAP.

 

Thank you 

 

Andre

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-12-2009 09:18 AM

Andre,

 

We are currently owrking on getting a document together covering FBF and failover usinging scripting, we can hoepfully share something with you around this soon.

Danny Jump
Technical Marketing Manager - Access and Acceleration Business Unit
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎10-12-2009 10:29 PM

Hi Danny, 

 

Ok, I will wait for a document soon, because  i want to do POC for this scenario soon.

 

 

Thank  you Danny,

 

Andre

 

 

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎08-25-2010 03:15 AM

Hi Danny,

 

 

Do you already have the document that you told me in the last time before?

 

Thanks

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Highlighted
Application Acceleration
Solution
Accepted by topic author andre
‎08-26-2015 01:27 AM

Re: How to configure off-path deployment on WXC with M-series Juniper router

[ Edited ]
‎08-25-2010 11:13 PM

Andre

 

Attached you will find the document Danny was talking about. It features a EX switch as the L3 device using FBF, but same approach would apply to M/MX routers.

 

I'm currently working on a document covering RIP injection which should be done in a couple of weeks.

 

 

Regards,
Johan

Attachments

Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎08-26-2010 08:30 AM

Hi Johan,

 

Thank you for the document using FBF.

 

If you have finishing your document using RIP, please share to mee too.

 

Thanks

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎09-16-2010 09:53 AM

Hi

 

Enjoy!

Regards,
Johan

Attachments

Highlighted
Application Acceleration

Re: How to configure off-path deployment on WXC with M-series Juniper router

‎09-20-2010 01:58 AM

Hi,

 

Thanks

 

Regards,

 

Andre

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Feedback