Juniper Contrail Service Orchestration Monitoring Troubleshooting Guide
Contrail Service Orchestration Monitoring
Published
2021-03-27
and Troubleshooting Guide
Release
6.0.0
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, California 94089
USA
408-745-2000
www.juniper.net
Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in
the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks
are the property of their respective owners.
Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right
to change, modify, transfer, or otherwise revise this publication without notice.
Contrail Service Orchestration Monitoring and Troubleshooting Guide
6.0.0
Copyright © 2021 Juniper Networks, Inc. All rights reserved.
The information in this document is current as of the date on the title page.
ii
YEAR 2000 NOTICE
Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related
limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.
END USER LICENSE AGREEMENT
The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with)
Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement
(“EULA”) posted at https://support.juniper.net/support/eula/. By downloading, installing or using such software, you
agree to the terms and conditions of that EULA.
Table of Contents
1
About the Documentation | v
Documentation and Release Notes | v
Documentation Conventions | v
Documentation Feedback | viii
Requesting Technical Support | viii
Self-Help Online Tools and Resources | ix
Creating a Service Request with JTAC | ix
Troubleshooting Contrail Service Orchestration Issues
Identifying Connectivity Issues for Cloud-based Deployments | 2
iii
Identifying Connectivity Issues by Using Ping | 2
Identifying Connectivity Issues by Using Traceroute | 6
Troubleshooting Site Activation Issues for Cloud-based Deployments | 9
Troubleshooting Site Activation Issues | 9
Prerequisites to Activate a Site | 9
Site activation process is stuck in device detected state | 10
Site activation process is stuck in bootstrap state | 10
Site activation process failed in bootstrap state | 10
Site activation process failed during provisioning | 10
Troubleshooting Image, License, and Policy Deployment Issues for Cloud-based
Deployments | 12
Troubleshooting Image, License, and Policy Deployment Issues | 12
Unable to find device image version | 12
Upgrade device image using J-Web | 13
Unable to connect to the device | 13
Device image version is different from the recommended version | 14
Policy deployment failed | 14
No data for next-generation firewall site | 14
No data for SD-WAN site | 15
Traffic from Spoke Sites Are Dropped or Are Not Reaching Internet or Destination | 15
SLA Violation-Original Link Recovered After SLA Violation | 16
All WAN links are Up But Not All Links Are Utilized | 16
Troubleshooting SMTP Issues for Cloud-based Deployments | 17
Troubleshooting SMTP Issues | 17
Basic Configuration for SMTP Server | 17
Troubleshooting Site, Device and Link Issues | 20
Troubleshooting Site, Device, and Link Issues | 20
Secure OAM Activation Failure | 20
Configure SD-WAN Site Failure | 21
Device Activation Failure | 21
Dual-CPE Activation Failure for NFX Series Devices | 22
iv
Dual-CPE Activation Failure for SRX Series Devices | 22
Link Switch Event or Performance Metrics is Not Displayed | 23
WAN Link Performance Parameters are Not Displayed | 23
LTE Interface Issues | 24
About the Documentation
IN THIS SECTION
Documentation and Release Notes | v
Documentation Conventions | v
Documentation Feedback | viii
Requesting Technical Support | viii
Use this guide to monitor CSO infrastructure services and microservices and troubleshoot CSO installation,
login, site activation, license, and deployment-related issues.
v
Documentation and Release Notes
To obtain the most current version of all Juniper Networks®technical documentation, see the product
documentation page on the Juniper Networks website at https://www.juniper.net/documentation/.
If the information in the latest release notes differs from the information in the documentation, follow the
product Release Notes.
Juniper Networks Books publishes books by Juniper Networks engineers and subject matter experts.
These books go beyond the technical documentation to explore the nuances of network architecture,
deployment, and administration. The current list can be viewed at https://www.juniper.net/books.
Documentation Conventions
Table 1 on page vi defines notice icons used in this guide.
Table 1: Notice Icons
vi
DescriptionMeaningIcon
Indicates important features or instructions.Informational note
Caution
Indicates a situation that might result in loss of data or hardware
damage.
Alerts you to the risk of personal injury or death.Warning
Alerts you to the risk of personal injury from a laser.Laser warning
Indicates helpful information.Tip
Alerts you to a recommended use or implementation.Best practice
Table 2 on page vi defines the text and syntax conventions used in this guide.
Table 2: Text and Syntax Conventions
ExamplesDescriptionConvention
Fixed-width text like this
Italic text like this
Represents text that you type.Bold text like this
Represents output that appears on
the terminal screen.
Introduces or emphasizes important
•
new terms.
Identifies guide names.
•
Identifies RFC and Internet draft
•
titles.
To enter configuration mode, type
the configure command:
user@host> configure
user@host> show chassis alarms
No alarms currently active
A policy term is a named structure
•
that defines match conditions and
actions.
Junos OS CLI User Guide
•
RFC 1997, BGP Communities
•
Attribute
Table 2: Text and Syntax Conventions (continued)
vii
ExamplesDescriptionConvention
Italic text like this
Text like this
< > (angle brackets)
| (pipe symbol)
Represents variables (options for
which you substitute a value) in
commands or configuration
statements.
Represents names of configuration
statements, commands, files, and
directories; configuration hierarchy
levels; or labels on routing platform
components.
variables.
Indicates a choice between the
mutually exclusive keywords or
variables on either side of the symbol.
The set of choices is often enclosed
in parentheses for clarity.
Configure the machine’s domain
name:
[edit]
root@# set system domain-name
domain-name
To configure a stub area, include
•
the stub statement at the [edit
protocols ospf area area-id]
hierarchy level.
The console port is labeled
•
CONSOLE.
stub <default-metric metric>;Encloses optional keywords or
broadcast | multicast
(string1 | string2 | string3)
# (pound sign)
[ ] (square brackets)
Indention and braces ( { } )
; (semicolon)
GUI Conventions
Indicates a comment specified on the
same line as the configuration
statement to which it applies.
Encloses a variable for which you can
substitute one or more values.
Identifies a level in the configuration
hierarchy.
Identifies a leaf statement at a
configuration hierarchy level.
rsvp { # Required for dynamic MPLS
only
community name members [
community-ids ]
[edit]
routing-options {
static {
route default {
nexthop address;
retain;
}
}
}
Table 2: Text and Syntax Conventions (continued)
viii
ExamplesDescriptionConvention
Bold text like this
> (bold right angle bracket)
Represents graphical user interface
(GUI) items you click or select.
Separates levels in a hierarchy of
menu selections.
In the Logical Interfaces box, select
•
All Interfaces.
To cancel the configuration, click
•
Cancel.
In the configuration editor hierarchy,
select Protocols>Ospf.
Documentation Feedback
We encourage you to provide feedback so that we can improve our documentation. You can use either
of the following methods:
Online feedback system—Click TechLibrary Feedback, on the lower right of any page on the Juniper
•
Networks TechLibrary site, and do one of the following:
Click the thumbs-up icon if the information on the page was helpful to you.
•
Click the thumbs-down icon if the information on the page was not helpful to you or if you have
•
suggestions for improvement, and use the pop-up form to provide feedback.
E-mail—Send your comments to techpubs-comments@juniper.net. Include the document or topic name,
•
URL or page number, and software version (if applicable).
Requesting Technical Support
Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC).
If you are a customer with an active Juniper Care or Partner Support Services support contract, or are
covered under warranty, and need post-sales technical support, you can access our tools and resources
online or open a case with JTAC.
JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User
•
Guide located at https://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf.
Product warranties—For product warranty information, visit https://www.juniper.net/support/warranty/.
•
JTAC hours of operation—The JTAC centers have resources available 24 hours a day, 7 days a week,
•
365 days a year.
Self-Help Online Tools and Resources
For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called
the Customer Support Center (CSC) that provides you with the following features:
Find CSC offerings: https://www.juniper.net/customers/support/
•
Search for known bugs: https://prsearch.juniper.net/
•
ix
Find product documentation: https://www.juniper.net/documentation/
•
Find solutions and answer questions using our Knowledge Base: https://kb.juniper.net/
•
Download the latest versions of software and review release notes:
•
https://www.juniper.net/customers/csc/software/
Search technical bulletins for relevant hardware and software notifications:
•
https://kb.juniper.net/InfoCenter/
Join and participate in the Juniper Networks Community Forum:
•
https://www.juniper.net/company/communities/
Create a service request online: https://myjuniper.juniper.net
•
To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool:
https://entitlementsearch.juniper.net/entitlementsearch/
Creating a Service Request with JTAC
You can create a service request with JTAC on the Web or by telephone.
Visit https://myjuniper.juniper.net.
•
Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).
•
For international or direct-dial options in countries without toll-free numbers, see
https://support.juniper.net/support/requesting-support/.
1
PART
Troubleshooting Contrail Service
Orchestration Issues
Identifying Connectivity Issues for Cloud-based Deployments | 2
Troubleshooting Site Activation Issues for Cloud-based Deployments | 9
Troubleshooting Image, License, and Policy Deployment Issues for Cloud-based
Deployments | 12
Troubleshooting SMTP Issues for Cloud-based Deployments | 17
Troubleshooting Site, Device and Link Issues | 20
CHAPTER 1
Identifying Connectivity Issues for Cloud-based Deployments
IN THIS CHAPTER
Identifying Connectivity Issues by Using Ping | 2
Identifying Connectivity Issues by Using Traceroute | 6
2
Identifying Connectivity Issues by Using Ping
You can use Contrail Service Orchestration (CSO) to perform a ping operation from a device (provider hub,
tenant device, CPE device, enterprise hubs, or next-generation firewall device) to a remote host for
identifying issues in connectivity with the remote host.
When you ping a remote host from a device, an Internet Control Message Protocol (ICMP) packet is sent
to the remote host. By analyzing the results of the ping operation, you can identify the possible device
connectivity issues between the remote host and the device.
NOTE: In Contrail Service Orchestration (CSO) Release 5.0, the following devices support ping:
NFX Series: NFX150, NFX250
•
SRX Series: SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600
•
vSRX
•
Loading...