SRX

Hi all,

I'm already check on juniper pathfinder and it said the RPM not support on SRX5k series. So any other alternative that i can do RPM for failover scenario same like SRX1500?

https://kb.juniper.net/InfoCenter/index?page=content&id=KB22052&actp=search&viewlocale=en_US&searchid=1350650857447

Thanks and appreciate your feedback

Hi Kronicklez,

Please be informed that RPM probes are supported with SRX Highend series devices but IP-monitoring with Route failover is not supported.

As an alternative, you can use event-options to push the routes into the routing table when the probe fails - https://kb.juniper.net/InfoCenter/index?page=content&id=KB35533&actp=METADATA

Hi Noobmaster,

Is it anything i need to fine tune if i'm use FBF method based on url that u given? Also i'm use both default route? If i look config below it look like show to RPM?

services {
rpm {
probe Failover-ISP1 {
test probe-failover {
probe-type icmp-ping;
target address 30.30.86.1;
probe-count 5;
probe-interval 1;
test-interval 5;
thresholds {
successive-loss 10;
total-loss 3;
}
destination-interface reth2.10;
##
## Warning: statement ignored: unsupported platform (srx5400)
##
next-hop 30.30.86.1;
}
}
probe Failover-ISP2 {
test probe-failover {
probe-type icmp-ping;
target address 20.20.86.1;
probe-count 5;
probe-interval 1;
test-interval 5;
thresholds {
successive-loss 10;
total-loss 3;
}
destination-interface reth2.20;
##
## Warning: statement ignored: unsupported platform (srx5400)
##
next-hop 20.20.86.1;
}
}
}
}

Thanks and appreciate your feedback

Hi Kronicklez,

I think implementing FBF which includes Routing-Instance with event-options is a long shot. I never tried but think it should work.

1. Configuring Routing-Instance and separate default routes.

2. Performing route import/export between the instances.

3. Configuring RPM with probe targets.

4. Using event-options to deactivate ISP-1 route when it is down and activating when its back.

I may missed few steps in between because I never tried with this combination.

Hi Noobmaster/all,

I check all the example using RPM and it look like the "next-hop" is mandatory. But on SRX5400 not support "next-hop", so any workaround of this?

rpm {

    probe Failover-ISP1 {

        test probe-failover {

            probe-type icmp-ping;

            target address 20.20.86.1;

            probe-count 5;

            probe-interval 1;

            test-interval 5;

            thresholds {

                successive-loss 10;

                total-loss 3;

            }

            destination-interface reth2.10;

            ##

            ## Warning: statement ignored: unsupported platform (srx5400)

            ##

            next-hop 20.20.86.1;

        }

    }

Thanks and appreciate any feedback

Hello Kronicklez,

The next-hop statement is optional; since you specified the destination-interface, the probes will exit through that interface. For more information, please check this KB article - https://kb.juniper.net/InfoCenter/index?page=content&id=KB25052

So, please remove the next-hop statement and continue to implement the rest of the configuration. Also, I stumbled upon one of the old posts, maybe it might be helpful for you - https://forums.juniper.net/t5/Configuration-Library/SRX-Default-Route-Failover-RPM-Script/td-p/64023

Hi Noobmaster,

Thanks for  the URL. I'm reading the URL given but still not sure how to make it integrate with my setup FBF + Event-Option + ISP dual failover just using event-option due to SRX5400 not support "ip-monitoring". Most of the example is using RPM + IP-Monitoring + FBF.

https://rtodto.net/dual-isp-failover-with-rpm-ip-monitoring/

Thanks