[j-nsp] backup RE and default-address-selection question

Michael Hare michael.hare at wisc.edu
Wed Sep 2 21:54:48 EDT 2015


I've observed this behavior on MX104 in both 13.3R4.6 and 14.1R5.5, without or without nonstop routing [rpd running on backup RE].  In general I avoid ISSU and we don't always force failover from RE1 to RE0 after maintenance, so RE1 isn't always our backup RE.  For now I am using "syslog host $host log-prefix" under re0/re1.

If I one day pursue this further with Juniper, I'll report back my findings.

-Michael

> -----Original Message-----
> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
> Of Chris Hellberg
> Sent: Wednesday, September 02, 2015 6:10 PM
> To: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] backup RE and default-address-selection question
> 
> Docs seem to indicate that the source IP of host-initiated traffic is
> the fxp0 interface when you set default-address-selection and the egress
> interface is fxp0. Lo0 is used if traffic goes out a routed interface
> (e.g. when doing inline management).
> 
> http://www.juniper.net/documentation/en_US/junos13.2/topics/reference
> /configuration-statement/default-address-selection-edit-system.html
> 
> If not, may be a bug; what's your code version?
> 
> Another option that springs to mind and that's to put the [edit system
> syslog] source-address value of fxp0 of RE1 under your re1 apply-group.
> That may supersede default-address-selection.
> 
>  /Chris
> 
> On Mon, Aug 31, 2015, at 06:40 PM, Michael Hare wrote:
> > Hello-
> >
> > I know there have been a million threads on this topic, but I don't see
> > this particular variant being discussed.
> >
> > To date we have managed our Juniper devices inline [via lo0, default
> > address selection] instead of via fxp.  However, I would like to collect
> > syslogs from backup RE so I have begun connecting re0 and re1 fxp0
> > interfaces and using backup-router/inet6-backup-router via re0/re1 groups
> > with the master-only flag for basic IP connectivity and monitoring.
> >
> > I have observed that despite lack of RPD, the backup RE still has all of
> > its interfaces connected [including lo0], and we use
> > default-address-selection, so backup RE sources from lo0 meaning that by
> > IP address I cannot tell if the syslog is coming from master RE or backup
> > RE.
> >
> > Other than resorting to commit scripts, I couldn't figure out a way to
> > continue receiving syslogs from lo0 [via default address selection] from
> > master RE but use backup RE's fxp0 address as source for backup RE
> > traffic.
> >
> > I've read about the alternatives [logical systems, everything else in a
> > vrf].  Not going down that path, I'd rather live with suboptimal if
> > that's the only way.
> >
> > -Michael
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp


More information about the juniper-nsp mailing list