Juniper SERVICE AVAILABILITY - CONFIGURATION GUIDE V 11.1.X, JUNOSe 11.1 Configuration Manual

JUNOSe™ Software for E Series™ Broadband Services Routers

Service Availability Configuration Guide

Release 11.1.x

Juniper Networks, Inc.

1194 North Mathilda Avenue

Sunnyvale, California 94089

USA

408-745-2000

www.juniper.net

Published: 2010-04-08

Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc. in
the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or
registered service marks are the property of their respective owners.

Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or
otherwise revise this publication without notice.

Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed
to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347,
6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.

JUNOSe™ Software for E Series™ Broadband Services Routers Service Availability Configuration Guide

Release 11.1.x
Copyright © 2010, Juniper Networks, Inc.
All rights reserved. Printed in USA.

Writing: Krupa Chandrashekar, Sairam Venugopalan
Editing: Benjamin Mann
Illustration: Nathaniel Woodward
Cover Design: Edmonds Design

Revision History
April 2010— FRS JUNOSe 11.1.x

The information in this document is current as of the date listed in the revision history.

YEAR 2000 NOTICE

Juniper Networks hardware and software products are Year 2000 compliant. The JUNOS Software has no known time-related limitations through the year

2038. However, the NTP application is known to have some difficulty in the year 2036.

ii ■

END USER LICENSE AGREEMENT

READ THIS END USER LICENSE AGREEMENT (“AGREEMENT”) BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. BY DOWNLOADING,
INSTALLING, OR USING THE SOFTWARE OR OTHERWISE EXPRESSING YOUR AGREEMENT TO THE TERMS CONTAINED HEREIN, YOU (AS CUSTOMER
OR IF YOU ARE NOT THE CUSTOMER, AS A REPRESENTATIVE/AGENT AUTHORIZED TO BIND THE CUSTOMER) CONSENT TO BE BOUND BY THIS
AGREEMENT. IF YOU DO NOT OR CANNOT AGREE TO THE TERMS CONTAINED HEREIN, THEN (A) DO NOT DOWNLOAD, INSTALL, OR USE THE SOFTWARE,
AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS.

1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks
(Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii)
the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”)
(collectively, the “Parties”).

2. The Software. In this Agreement, “Software” means the program modules and features of the Juniper or Juniper-supplied software, for which Customer
has paid the applicable license or support fees to Juniper or an authorized Juniper reseller, or which was embedded by Juniper in equipment which Customer
purchased from Juniper or an authorized Juniper reseller. “Software” also includes updates, upgrades and new releases of such software. “Embedded
Software” means Software which Juniper has embedded in or loaded onto the Juniper equipment and any updates, upgrades, additions or replacements
which are subsequently embedded in or loaded onto the equipment.

3. License Grant. Subject to payment of the applicable fees and the limitations and restrictions set forth herein, Juniper grants to Customer a non-exclusive
and non-transferable license, without right to sublicense, to use the Software, in executable form only, subject to the following use restrictions:

a. Customer shall use Embedded Software solely as embedded in, and for execution on, Juniper equipment originally purchased by Customer from Juniper
or an authorized Juniper reseller.

b. Customer shall use the Software on a single hardware chassis having a single processing unit, or as many chassis or processing units for which Customer
has paid the applicable license fees; provided, however, with respect to the Steel-Belted Radius or Odyssey Access Client software only, Customer shall use
such Software on a single computer containing a single physical random access memory space and containing any number of processors. Use of the
Steel-Belted Radius or IMS AAA software on multiple computers or virtual machines (e.g., Solaris zones) requires multiple licenses, regardless of whether
such computers or virtualizations are physically contained on a single chassis.

c. Product purchase documents, paper or electronic user documentation, and/or the particular licenses purchased by Customer may specify limits to
Customer’s use of the Software. Such limits may restrict use to a maximum number of seats, registered endpoints, concurrent users, sessions, calls,
connections, subscribers, clusters, nodes, realms, devices, links, ports or transactions, or require the purchase of separate licenses to use particular features,
functionalities, services, applications, operations, or capabilities, or provide throughput, performance, configuration, bandwidth, interface, processing,
temporal, or geographical limits. In addition, such limits may restrict the use of the Software to managing certain kinds of networks or require the Software
to be used only in conjunction with other specific Software. Customer’s use of the Software shall be subject to all such limitations and purchase of all applicable
licenses.

d. For any trial copy of the Software, Customer’s right to use the Software expires 30 days after download, installation or use of the Software. Customer
may operate the Software after the 30-day trial period only if Customer pays for a license to do so. Customer may not extend or create an additional trial
period by re-installing the Software after the 30-day trial period.

e. The Global Enterprise Edition of the Steel-Belted Radius software may be used by Customer only to manage access to Customer’s enterprise network.
Specifically, service provider customers are expressly prohibited from using the Global Enterprise Edition of the Steel-Belted Radius software to support any
commercial network access services.

The foregoing license is not transferable or assignable by Customer. No license is granted herein to any user who did not originally purchase the applicable
license(s) for the Software from Juniper or an authorized Juniper reseller.

4. Use Prohibitions. Notwithstanding the foregoing, the license provided herein does not permit the Customer to, and Customer agrees not to and shall
not: (a) modify, unbundle, reverse engineer, or create derivative works based on the Software; (b) make unauthorized copies of the Software (except as
necessary for backup purposes); (c) rent, sell, transfer, or grant any rights in and to any copy of the Software, in any form, to any third party; (d) remove
any proprietary notices, labels, or marks on or in any copy of the Software or any product in which the Software is embedded; (e) distribute any copy of
the Software to any third party, including as may be embedded in Juniper equipment sold in the secondhand market; (f) use any ‘locked’ or key-restricted
feature, function, service, application, operation, or capability without first purchasing the applicable license(s) and obtaining a valid key from Juniper, even
if such feature, function, service, application, operation, or capability is enabled without a key; (g) distribute any key for the Software provided by Juniper
to any third party; (h) use the Software in any manner that extends or is broader than the uses purchased by Customer from Juniper or an authorized Juniper
reseller; (i) use Embedded Software on non-Juniper equipment; (j) use Embedded Software (or make it available for use) on Juniper equipment that the
Customer did not originally purchase from Juniper or an authorized Juniper reseller; (k) disclose the results of testing or benchmarking of the Software to
any third party without the prior written consent of Juniper; or (l) use the Software in any manner other than as expressly provided herein.

5. Audit. Customer shall maintain accurate records as necessary to verify compliance with this Agreement. Upon request by Juniper, Customer shall furnish
such records to Juniper and certify its compliance with this Agreement.

■ iii

6. Confidentiality. The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper. As such, Customer
shall exercise all reasonable commercial efforts to maintain the Software and associated documentation in confidence, which at a minimum includes
restricting access to the Software to Customer employees and contractors having a need to use the Software for Customer’s internal business purposes.

7. Ownership. Juniper and Juniper’s licensors, respectively, retain ownership of all right, title, and interest (including copyright) in and to the Software,
associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in
the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software.

8. Warranty, Limitation of Liability, Disclaimer of Warranty. The warranty applicable to the Software shall be as set forth in the warranty statement that
accompanies the Software (the “Warranty Statement”). Nothing in this Agreement shall give rise to any obligation to support the Software. Support services
may be purchased separately. Any such support shall be governed by a separate, written support services agreement. TO THE MAXIMUM EXTENT PERMITTED
BY LAW, JUNIPER SHALL NOT BE LIABLE FOR ANY LOST PROFITS, LOSS OF DATA, OR COSTS OR PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES,
OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, THE SOFTWARE, OR ANY JUNIPER OR
JUNIPER-SUPPLIED SOFTWARE. IN NO EVENT SHALL JUNIPER BE LIABLE FOR DAMAGES ARISING FROM UNAUTHORIZED OR IMPROPER USE OF ANY
JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. EXCEPT AS EXPRESSLY PROVIDED IN THE WARRANTY STATEMENT TO THE EXTENT PERMITTED BY LAW,
JUNIPER DISCLAIMS ANY AND ALL WARRANTIES IN AND TO THE SOFTWARE (WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE), INCLUDING
ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT DOES JUNIPER
WARRANT THAT THE SOFTWARE, OR ANY EQUIPMENT OR NETWORK RUNNING THE SOFTWARE, WILL OPERATE WITHOUT ERROR OR INTERRUPTION,
OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK. In no event shall Juniper’s or its suppliers’ or licensors’ liability to Customer, whether
in contract, tort (including negligence), breach of warranty, or otherwise, exceed the price paid by Customer for the Software that gave rise to the claim, or
if the Software is embedded in another Juniper product, the price paid by Customer for such other product. Customer acknowledges and agrees that Juniper
has set its prices and entered into this Agreement in reliance upon the disclaimers of warranty and the limitations of liability set forth herein, that the same
reflect an allocation of risk between the Parties (including the risk that a contract remedy may fail of its essential purpose and cause consequential loss),
and that the same form an essential basis of the bargain between the Parties.

9. Termination. Any breach of this Agreement or failure by Customer to pay any applicable fees due shall result in automatic termination of the license
granted herein. Upon such termination, Customer shall destroy or return to Juniper all copies of the Software and related documentation in Customer’s
possession or control.

10. Taxes. All license fees payable under this agreement are exclusive of tax. Customer shall be responsible for paying Taxes arising from the purchase of
the license, or importation or use of the Software. If applicable, valid exemption documentation for each taxing jurisdiction shall be provided to Juniper prior
to invoicing, and Customer shall promptly notify Juniper if their exemption is revoked or modified. All payments made by Customer shall be net of any
applicable withholding tax. Customer will provide reasonable assistance to Juniper in connection with such withholding taxes by promptly: providing Juniper
with valid tax receipts and other required documentation showing Customer’s payment of any withholding taxes; completing appropriate applications that
would reduce the amount of withholding tax to be paid; and notifying and assisting Juniper in any audit or tax proceeding related to transactions hereunder.
Customer shall comply with all applicable tax laws and regulations, and Customer will promptly pay or reimburse Juniper for all costs and damages related
to any liability incurred by Juniper as a result of Customer’s non-compliance or delay with its responsibilities herein. Customer’s obligations under this
Section shall survive termination or expiration of this Agreement.

11. Export. Customer agrees to comply with all applicable export laws and restrictions and regulations of any United States and any applicable foreign
agency or authority, and not to export or re-export the Software or any direct product thereof in violation of any such restrictions, laws or regulations, or
without all necessary approvals. Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption
or other capabilities restricting Customer’s ability to export the Software without an export license.

12. Commercial Computer Software. The Software is “commercial computer software” and is provided with restricted rights. Use, duplication, or disclosure
by the United States government is subject to restrictions set forth in this Agreement and as provided in DFARS 227.7201 through 227.7202-4, FAR 12.212,
FAR 27.405(b)(2), FAR 52.227-19, or FAR 52.227-14(ALT III) as applicable.

13. Interface Information. To the extent required by applicable law, and at Customer's written request, Juniper shall provide Customer with the interface
information needed to achieve interoperability between the Software and another independently created program, on payment of applicable fee, if any.
Customer shall observe strict obligations of confidentiality with respect to such information and shall use such information in compliance with any applicable
terms and conditions upon which Juniper makes such information available.

14. Third Party Software. Any licensor of Juniper whose software is embedded in the Software and any supplier of Juniper whose products or technology
are embedded in (or services are accessed by) the Software shall be a third party beneficiary with respect to this Agreement, and such licensor or vendor
shall have the right to enforce this Agreement in its own name as if it were Juniper. In addition, certain third party software may be provided with the
Software and is subject to the accompanying license(s), if any, of its respective owner(s). To the extent portions of the Software are distributed under and
subject to open source licenses obligating Juniper to make the source code for such portions publicly available (such as the GNU General Public License
(“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate)
available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194

N. Mathilda Ave., Sunnyvale, CA 94089, ATTN: General Counsel. You may obtain a copy of the GPL at http://www.gnu.org/licenses/gpl.html, and
a copy of the LGPL at http://www.gnu.org/licenses/lgpl.html.

15. Miscellaneous. This Agreement shall be governed by the laws of the State of California without reference to its conflicts of laws principles. The provisions
of the U.N. Convention for the International Sale of Goods shall not apply to this Agreement. For any disputes arising under this Agreement, the Parties
hereby consent to the personal and exclusive jurisdiction of, and venue in, the state and federal courts within Santa Clara County, California. This Agreement
constitutes the entire and sole agreement between Juniper and the Customer with respect to the Software, and supersedes all prior and contemporaneous

iv ■

agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a
separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict
with terms contained herein. No modification to this Agreement nor any waiver of any rights hereunder shall be effective unless expressly assented to in
writing by the party to be charged. If any portion of this Agreement is held invalid, the Parties agree that such invalidity shall not affect the validity of the
remainder of this Agreement. This Agreement and associated documentation has been written in the English language, and the Parties agree that the English
version will govern. (For Canada: Les parties aux présentés confirment leur volonté que cette convention de même que tous les documents y compris tout
avis qui s'y rattaché, soient redigés en langue anglaise. (Translation: The parties confirm that this Agreement and all related documentation is and will be
in the English language)).

■ v

vi ■

Abbreviated Table of Contents

About the Documentation xix

Part 1 Chapters

Chapter 1 Service Availability 3

Chapter 2 Managing Module Redundancy 7

Chapter 3 Managing Stateful SRP Switchover 25

Chapter 4 Configuring a Unified In-Service Software Upgrade 57

Chapter 5 Configuring VRRP 105

Chapter 6 Managing Interchassis Redundancy 127

Part 2 Index

Index 149

Abbreviated Table of Contents ■ vii

JUNOSe 11.1.x Service Availability Configuration Guide

viii ■

Table of Contents

About the Documentation xix

E Series and JUNOSe Documentation and Release Notes ..............................xix

Audience ......................................................................................................xix

E Series and JUNOSe Text and Syntax Conventions .....................................xix

Obtaining Documentation ............................................................................xxi

Documentation Feedback .............................................................................xxi

Requesting Technical Support ......................................................................xxi

Self-Help Online Tools and Resources ...................................................xxii

Opening a Case with JTAC .....................................................................xxii

Part 1 Chapters

Chapter 1 Service Availability 3

Service Availability Overview ..........................................................................3

Service Availability Versus High Availability ..............................................4

Understanding Service Availability Features ....................................................5

Module Redundancy .................................................................................5

Stateful SRP Switchover ............................................................................5

Unified ISSU ..............................................................................................5

VRRP ........................................................................................................6

Interchassis Redundancy ..........................................................................6

Chapter 2 Managing Module Redundancy 7

Line Module Redundancy Overview ................................................................7

Module Requirements ...............................................................................7

ERX7xx Models and ERX14xx Models ................................................7

E120 and E320 Routers ......................................................................8

Automatic Switchover ...............................................................................9

Limitations of Automatic Switchover ..................................................9

Reversion After Switchover .......................................................................9

Configuring Line Module Redundancy ....................................................10

Managing Line Module Redundancy .......................................................10

SRP Module Redundancy ........................................................................11

SRP Module Behavior ..............................................................................11

Specifying the Configuration for Redundant SRP Modules ......................14

Installing a Redundant SRP Module ........................................................15

Table of Contents ■ ix

JUNOSe 11.1.x Service Availability Configuration Guide

Managing SRP Module Redundancy ........................................................16

Switching to the Redundant SRP Module ................................................18

Upgrading Software on a Redundant SRP Module ...................................19

Monitoring the Status LEDs .....................................................................19

Monitoring Line Module and SRP Module Redundancy .................................19

Managing Port Redundancy ..........................................................................23

Chapter 3 Managing Stateful SRP Switchover 25

Stateful SRP Switchover Overview .................................................................25

Stateful SRP Switchover Platform Considerations ..........................................26

Module Requirements .............................................................................26

Stateful SRP Switchover Redundancy Modes .................................................27

File System Synchronization Mode .........................................................27

High Availability Mode ............................................................................27

Stateful SRP Switchover States ......................................................................29

Disabled State .........................................................................................29

Initializing State ......................................................................................30

Active State .............................................................................................30

Pending State ..........................................................................................31

Application Support for Stateful SRP Switchover ...........................................32

Application Support ................................................................................32

Guidelines for Activating High Availability .....................................................41

Activating High Availability ............................................................................42

Guidelines for Deactivating High Availability .................................................42

Deactivating High Availability ........................................................................43

Guidelines for Setting the IP Interface Priority ...............................................43

Setting the IP Interface Priority .....................................................................44

Guidelines for Upgrading Software ................................................................44

Monitoring the Redundancy Status ................................................................45

Monitoring the Redundancy Status of Applications ........................................48

Monitoring the Redundancy History ..............................................................50

Monitoring the Redundancy Status of Line Modules ......................................51

Monitoring the Redundancy Status of SRP Modules ......................................52

Monitoring the Redundancy Switchover History ............................................54

Clearing the Redundancy History ..................................................................55

Chapter 4 Configuring a Unified In-Service Software Upgrade 57

Unified ISSU Overview ..................................................................................58

Unified ISSU Platform Considerations ...........................................................59

Hardware and Software Requirements Before Beginning a Unified ISSU .......60

Hardware Requirements for Unified ISSU ......................................................60

Software Requirements for Unified ISSU .......................................................61

Unified ISSU Terms .......................................................................................62

Unified ISSU References ................................................................................62

Unified ISSU Phases Overview ......................................................................63

x ■ Table of Contents

Router Behavior During a Unified In-Service Software Upgrade ..............59

Table of Contents

Unified ISSU Initialization Phase Overview ....................................................63

Application Data Upgrade on the Standby SRP Module ...........................64

SNMP Traps ............................................................................................65

Unified ISSU Upgrade Phase Overview ..........................................................66

Exceptions During the Upgrade Phase ....................................................67

Verifications of Requirements .................................................................68

Upgrade Setup ........................................................................................68

Line Module Arming .........................................................................69

Line Module Control Plane Upgrade .................................................69

SRP Module Switchover ....................................................................69

Line Module Forwarding Plane Upgrade ...........................................70

Unified ISSU Service Restoration Phase Overview .........................................71

Application Support for Unified ISSU .............................................................71

Unexpected AAA Authentication and Authorization Behavior During Unified

ISSU ........................................................................................................80

Unexpected ATM Behavior During Unified ISSU ............................................80

ILMI Sessions Not Maintained .................................................................80

OAM CC Effects on VCC ..........................................................................80

OAM VC Integrity Verification Cessation .................................................81

Port Data Rate Monitoring Cessation ......................................................81

VC and VP Statistics Monitoring Halts Unified ISSU Progress ..................81

Unexpected DHCP Behavior During Unified ISSU ..........................................81

DHCP Packet Capture Halted on Line Modules .......................................81

Unexpected Denial-of-Service Protection Behavior During Unified ISSU ........81

Unexpected Ethernet Behavior During Unified ISSU ......................................82

ARP Packets Briefly Not Sent or Received ...............................................82

Link Aggregation Interruption .................................................................82

Port Data Rate Monitoring Halted ...........................................................83

VLAN Statistics Monitoring Halts Unified ISSU Progress ..........................83

Unexpected File Transfer Protocol Server Behavior During Unified ISSU .......83

IS-IS Effects on Graceful Restart and Network Stability During Unified

ISSU ........................................................................................................86

Configuring Graceful Restart Before Unified ISSU Begins ........................86

Configuring Graceful Restart When BGP and LDP Are Configured ...........86

Routing Around the Restarting Router to Minimize Network

Instability .........................................................................................87

Unexpected L2TP Failover of Established Tunnels During Unified ISSU .........87

OSPF Effects on Graceful Restart and Network Stability During Unified

ISSU ........................................................................................................88

Configuring Graceful Restart Before Unified ISSU Begins ........................88

Configuring Graceful Restart When BGP and LDP Are Configured ...........89

Configuring a Longer Dead Interval Than Normal ...................................89

Routing Around the Restarting Router to Minimize Network

Instability .........................................................................................89

Unexpected Suspension of PIM During Unified ISSU .....................................90

Unexpected Suspension of Subscriber Login and Logouts During Unified

ISSU ........................................................................................................90

Subscriber Statistics Accumulation or Deletion .......................................90

Unexpected SONET and SDH Behavior During Unified ISSU .........................91

Unexpected T3 Behavior During Unified ISSU ...............................................91

Unavailability of TACACS+ Services During Unified ISSU .............................92

Table of Contents ■ xi

JUNOSe 11.1.x Service Availability Configuration Guide

Interruption in Traffic Forwarding for Layer 3 Routing Protocols During

Unified ISSU ............................................................................................92

Recommended Settings for Routing Protocol Timers During Unified

ISSU ........................................................................................................94

Upgrading Router Software with Unified ISSU ...............................................96

Halt of Unified ISSU During Initialization Phase Overview .............................99

Halting Unified ISSU During Initialization Phase ............................................99

Halt of Unified ISSU During Upgrade Phase Overview .................................100

Halting Unified ISSU During Upgrade Phase ................................................100

Monitoring the Status of the Router During Unified ISSU .............................101

Chapter 5 Configuring VRRP 105

VRRP Overview ...........................................................................................105

VRRP Terms .........................................................................................105

Platform Considerations ..............................................................................106

References ..................................................................................................106

How VRRP Works .......................................................................................107

Configuration Examples ........................................................................107

Basic VRRP Configuration ...............................................................107

Commonly Used VRRP Configuration .............................................108

VRRP Configuration Without the Real Address Owner ...................109

How VRRP Is Implemented in E Series Routers ...........................................110

Router Election Rules ............................................................................111

Configuring VRRP ........................................................................................112

Configuring the IP Interface ..................................................................112

Creating VRIDs .....................................................................................112

Configuration Steps ...............................................................................113

Changing Object Priority .............................................................................117

Monitoring VRRP .........................................................................................117

Chapter 6 Managing Interchassis Redundancy 127

ICR Overview ..............................................................................................127

ICR Platform Considerations .......................................................................129

ICR Terms ...................................................................................................130

ICR References ............................................................................................130

ICR Scaling Considerations ..........................................................................131

Interaction with RADIUS for ICR .................................................................132

Configuring an ICR Partition ........................................................................134

Configuring the Interface on Which the ICR Partition Resides .....................135

Configuring VRRP Instances to Match ICR Requirements ............................135

Naming ICR Partitions .................................................................................136

Grouping ICR Subscribers Based on S-VLAN IDs ..........................................137

Grouping ICR Subscribers Based on VLAN IDs .............................................138

Example: Configuring ICR Partitions That Group Subscribers by S-VLAN

xii ■ Table of Contents

Interface Specifiers ...............................................................................129

1:1 Subscriber Redundancy in a 4–Node ICR Cluster ............................131

ICR Partition Accounting Overview .......................................................133

ID .........................................................................................................139

Using RADIUS to Manage Subscribers Logging In to ICR Partitions ..............141

Monitoring the Configuration of an ICR Partition Attached to an

Interface ...............................................................................................141

Monitoring the Configuration of ICR Partitions ............................................143

Part 2 Index

Index ...........................................................................................................149

Table of Contents

Table of Contents ■ xiii

JUNOSe 11.1.x Service Availability Configuration Guide

xiv ■ Table of Contents

List of Figures

Part 1 Chapters

Chapter 2 Managing Module Redundancy 7

Figure 1: SRP Module on ERX7xx Models and ERX14xx Models ...................13

Figure 2: SRP Module on the E120 and E320 Routers ...................................14

Chapter 3 Managing Stateful SRP Switchover 25

Figure 3: High Availability States ...................................................................29

Chapter 5 Configuring VRRP 105

Figure 4: Basic VRRP Configuration .............................................................108

Figure 5: Commonly Used VRRP Configuration ...........................................109

Figure 6: VRRP Configuration Without the Real Address Owner ..................110

Chapter 6 Managing Interchassis Redundancy 127

Figure 7: ICR Deployment ...........................................................................128

Figure 8: Sample 1:1 Subscriber Redundancy in a 4–Node ICR Cluster .......131

List of Figures ■ xv

JUNOSe 11.1.x Service Availability Configuration Guide

xvi ■ List of Figures

List of Tables

About the Documentation xix

Table 1: Notice Icons .....................................................................................xx

Table 2: Text and Syntax Conventions ..........................................................xx

Part 1 Chapters

Chapter 2 Managing Module Redundancy 7

Table 3: Commands That Can Cause Automatic Switchover ............................9

Table 4: Function of the Online and Redundant LEDs ...................................19

Chapter 3 Managing Stateful SRP Switchover 25

Table 5: Application Support for Stateful SRP Switchover ..............................32

Table 6: show redundancy Output Fields ......................................................47

Table 7: show redundancy clients Output Fields ...........................................50

Table 8: show redundancy history Output Fields ...........................................51

Table 9: show redundancy line-card Output Fields ........................................52

Table 10: show redundancy srp Output Fields ...............................................53

Table 11: show redundancy switchover-history Output Fields .......................55

Chapter 4 Configuring a Unified In-Service Software Upgrade 57

Table 12: Unified ISSU-Related Terms ...........................................................62

Table 13: Router Response to Undesirable Events During the Upgrade

Phase ......................................................................................................67

Table 14: Application Support for Unified In-Service Software Upgrades .......72

Table 15: Behavior of Routing Protocols During a Unified In-Service Software

Upgrade ..................................................................................................93

Table 16: Recommended Routing Protocol Timer Settings ............................95

Table 17: show issu Output Fields ...............................................................103

Chapter 5 Configuring VRRP 105

Table 18: VRRP Definitions .........................................................................106

Chapter 6 Managing Interchassis Redundancy 127

Table 19: ICR Terminology ..........................................................................130

Table 20: show icr-partition Output Fields ...................................................142

Table 21: show icr-partitions Output Fields .................................................144

List of Tables ■ xvii

JUNOSe 11.1.x Service Availability Configuration Guide

xviii ■ List of Tables

About the Documentation

■ E Series and JUNOSe Documentation and Release Notes on page xix

■ Audience on page xix

■ E Series and JUNOSe Text and Syntax Conventions on page xix

■ Obtaining Documentation on page xxi

■ Documentation Feedback on page xxi

■ Requesting Technical Support on page xxi

E Series and JUNOSe Documentation and Release Notes

For a list of related JUNOSe documentation, see

http://www.juniper.net/techpubs/software/index.html .

If the information in the latest release notes differs from the information in the
documentation, follow the JUNOSe Release Notes.

To obtain the most current version of all Juniper Networks® technical documentation,
see the product documentation page on the Juniper Networks website at

http://www.juniper.net/techpubs/.

Audience

This guide is intended for experienced system and network specialists working with
Juniper Networks E Series Broadband Services Routers in an Internet access
environment.

E Series and JUNOSe Text and Syntax Conventions

Table 1 on page xx defines notice icons used in this documentation.

E Series and JUNOSe Documentation and Release Notes ■ xix

JUNOSe 11.1.x Service Availability Configuration Guide

Table 1: Notice Icons

Table 2 on page xx defines text and syntax conventions that we use throughout the
E Series and JUNOSe documentation.

DescriptionMeaningIcon

Indicates important features or instructions.Informational note

Indicates a situation that might result in loss of data or hardware damage.Caution

Alerts you to the risk of personal injury or death.Warning

Alerts you to the risk of personal injury from a laser.Laser warning

Table 2: Text and Syntax Conventions

Represents commands and keywords in text.Bold text like this

Bold text like this

Fixed-width text like this

Represents text that the user must type.

Represents information as displayed on your
terminal’s screen.

Italic text like this

Emphasizes words.

■

Identifies variables.

■

Identifies chapter, appendix, and book

■

names.

Plus sign (+) linking key names

keys simultaneously.

Syntax Conventions in the Command Reference Guide

ExamplesDescriptionConvention

Issue the clock source command.

■

Specify the keyword exp-msg.

■

host1(config)#traffic class low-loss1

host1#show ip ospf 2

Routing Process OSPF 2 with Router
ID 5.5.0.250
Router is an Area Border Router
(ABR)

There are two levels of access: user and

■

privileged.

clusterId, ipAddress.

■

Appendix A, System Specifications

■

Press Ctrl + b.Indicates that you must press two or more

terminal lengthRepresents keywords.Plain text like this

| (pipe symbol)

xx ■ E Series and JUNOSe Text and Syntax Conventions

mask, accessListNameRepresents variables.Italic text like this

diagnostic | lineRepresents a choice to select one keyword
or variable to the left or to the right of this
symbol. (The keyword or variable can be
either optional or required.)

Table 2: Text and Syntax Conventions (continued)

About the Documentation

ExamplesDescriptionConvention

[ internal | external ]Represent optional keywords or variables.[ ] (brackets)

[ ]* (brackets and asterisk)

that can be entered more than once.

Represent required keywords or variables.{ } (braces)

Obtaining Documentation

To obtain the most current version of all Juniper Networks technical documentation,
see the Technical Documentation page on the Juniper Networks Web site at

http://www.juniper.net/.

To download complete sets of technical documentation to create your own
documentation CD-ROMs or DVD-ROMs, see the Offline Documentation page at

http://www.juniper.net/techpubs/resources/cdrom.html

Copies of the Management Information Bases (MIBs) for a particular software release
are available for download in the software image bundle from the Juniper Networks
Web site athttp://www.juniper.net/.

Documentation Feedback

[ level1 | level2 | l1 ]*Represent optional keywords or variables

{ permit | deny } { in | out }

{ clusterId | ipAddress }

We encourage you to provide feedback, comments, and suggestions so that we can
improve the documentation to better meet your needs. Send your comments to

techpubs-comments@juniper.net, or fill out the documentation feedback form at

https://www.juniper.net/cgi-bin/docbugreport/. If you are using e-mail, be sure to include

the following information with your comments:

■ Document or topic name

■ URL or page number

■ Software release version

Requesting Technical Support

Technical product support is available through the Juniper Networks Technical
Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support
contract, or are covered under warranty, and need post-sales technical support, you
can access our tools and resources online or open a case with JTAC.

■ JTAC policies—For a complete understanding of our JTAC procedures and policies,

review the JTAC User Guide located at

http://www.juniper.net/customers/support/downloads/7100059-EN.pdf .

Obtaining Documentation ■ xxi

JUNOSe 11.1.x Service Availability Configuration Guide

■ Product warranties—For product warranty information, visit

http://www.juniper.net/support/warranty/ .

■ JTAC hours of operation—The JTAC centers have resources available 24 hours a

day, 7 days a week, 365 days a year.

Self-Help Online Tools and Resources

For quick and easy problem resolution, Juniper Networks has designed an online
self-service portal called the Customer Support Center (CSC) that provides you with
the following features:

■

Find CSC offerings: http://www.juniper.net/customers/support/

■

Search for known bugs: http://www2.juniper.net/kb/

■

Find product documentation: http://www.juniper.net/techpubs/

■ Find solutions and answer questions using our Knowledge Base:

http://kb.juniper.net/

■ Download the latest versions of software and review release notes:

http://www.juniper.net/customers/csc/software/

■ Search technical bulletins for relevant hardware and software notifications:

https://www.juniper.net/alerts/

■ Join and participate in the Juniper Networks Community Forum:

http://www.juniper.net/company/communities/

■

Open a case online in the CSC Case Management tool: http://www.juniper.net/cm/

To verify service entitlement by product serial number, use our Serial Number
Entitlement (SNE) Tool: https://tools.juniper.net/SerialNumberEntitlementSearch/

Opening a Case with JTAC

You can open a case with JTAC on the Web or by telephone.

■

Use the Case Management tool in the CSC at http://www.juniper.net/cm/ .

■ Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).

For international or direct-dial options in countries without toll-free numbers, see

http://www.juniper.net/support/requesting support.html .

xxii ■ Requesting Technical Support

Part 1

Chapters

■ Service Availability on page 3

■ Managing Module Redundancy on page 7

■ Managing Stateful SRP Switchover on page 25

■ Configuring a Unified In-Service Software Upgrade on page 57

■ Configuring VRRP on page 105

■ Managing Interchassis Redundancy on page 127

Chapters ■ 1

JUNOSe 11.1.x Service Availability Configuration Guide

2 ■ Chapters

Chapter 1

Service Availability

This chapter explains what service availability is and discusses the features of service
availability. It also discusses Juniper Networks multi-layered service availability
approach for uninterrupted delivery of services.

■ Service Availability Overview on page 3

■ Understanding Service Availability Features on page 5

Service Availability Overview

In a conventional network, router outages can occur because of denial of service
(DoS) attacks, line module failure, switch route processor module failure, software
defects, feature upgrades, or complete router failure. These outages result in subscriber
downtime.

To reduce subscriber downtime, a network must have the following capabilities:

■ Reliability—A network that does not crash often and recovers from failure very

rapidly. During recovery, the network maintains user sessions and forwards data
with little or no impact on the delivery of services.

■ Resiliency—A network component or network that responds to failure, resists

failure, and handles failure with little or no impact on the delivery of services.

■ Redundancy—A network whose reliability is enhanced by the addition of a backup

component.

■ High Availability—A network that is both reliable and resilient.

JUNOSe Software uses a multi-layered service availability approach that enables you
to provide uninterrupted delivery of services with the help of reliable, highly available,
and redundant hardware and software components.

Service Availability Overview ■ 3

Security

Protects infrastructure against DoS attacks

Network Resiliency

Protects against port, link (fiber cuts), and network node failures

Software Availability

Protects against software crashes and minimizes downtime from software upgrades

Hardware Redundancy and Design

1:1 or N:1 component-level protection

g016518

99.999%

JUNOSe 11.1.x Service Availability Configuration Guide

Figure 1 illustrates the multiple layers of JUNOSe Software service availability

The security layer protects the network from DoS attacks.

The network resiliency layer protects against port, link, and node failures. You can
configure IEEE 802.3 ad link aggregation for Ethernet, and Virtual Router Redundancy
Protocol (VRRP) to improve network resiliency.

The software availability layer protects against software failures by using hot-fixes
or installing a higher-numbered software release. You can perform a unified in-service
software upgrade (ISSU) instead of the conventional software upgrade to reduce
outage. You can eliminate or reduce single points of failure by configuring stateful
SRP switchover (high availability). Any network component with an uptime of 99.999
percent is considered highly available with a downtime of less than 5 minutes in a
year.

The hardware redundancy and design layer introduces redundancy in the network
in the form of multiple power supplies, cooling devices, line modules, and sometimes
even a router. For instance, you can install a backup line module in your router to
protect against line module failure. You can also configure a router as a backup router
that accepts subscriber login requests when the master router fails.

Service Availability Versus High Availability

High availability is a measure of the uptime of a network or network component. A
network component that has a downtime of 5 minutes is accessible or available 99
percent of the time. If a failure occurs, a backup component is available within 5
minutes. A highly available network is a network that has components that either
have high reliability or have the ability to recover very quickly from a failure, or both.

Service availability refers to the ability to provide uninterrupted delivery of services.
For example, from the time when a component fails to the time when the backup
component is accessible, the delivery of services is interrupted. To provide
uninterrupted delivery of services, highly available components must maintain session
details and other data across failures. Service availability can thus be defined as the
ability to provide uninterrupted delivery of services using a highly available network.

4 ■ Service Availability Overview

Related Topics ■ Understanding Service Availability Features on page 5

Understanding Service Availability Features

Service availability refers to ability of a network or a network component to provide
uninterrupted delivery of services using highly available, redundant, and reliable
components. This topic provides brief overviews of the benefits of using the following
service availability features:

■ Module Redundancy on page 5

■ Stateful SRP Switchover on page 5

■ Unified ISSU on page 5

■ VRRP on page 6

■ Interchassis Redundancy on page 6

Chapter 1: Service Availability

Module Redundancy

For hardware components, Juniper Networks provides redundancy solutions to ensure
that the router continues to operate in the event of a hardware fault. Redundancy
also enables you to hot-swap various components within your E Series router.

Stateful SRP Switchover

Stateful SRP switchover (high availability) enables you to reduce or eliminate single
points of failure in your network. Stateful SRP switchover provides both
hardware-specific and software-specific methods to ensure minimal downtime and
ultimately improve the performance of your network.

Stateful SRP switchover minimizes the impact to the router of a stateful switchover
from the active SRP module to the standby SRP module. Stateful SRP switchover
maintains user sessions and data forwarding through the router during the switchover,
thus improving the overall availability of the router.

Unified ISSU

A conventional software upgrade—one that does not use the unified in-service
software upgrade (ISSU) process—causes a router-wide outage for all users. Only
static configurations (stored on the flash card) are maintained across the upgrade;
all dynamic configurations are lost. A conventional upgrade can take 30-40 minutes
to complete, with additional time required to bring all users back online.

Unified ISSU enables you to upgrade the router to a higher-numbered software release
without disconnecting user sessions or disrupting forwarding through the chassis.

When an application supports unified ISSU, you can configure the application on the
router and proceed with the unified in-service software upgrade with no adverse
effect on the upgrade.

Understanding Service Availability Features ■ 5

JUNOSe 11.1.x Service Availability Configuration Guide

When you perform a unified ISSU on a router that has one or more modules that do
not support unified ISSU, these modules are upgraded by means of the legacy,
conventional upgrade process. The unsupported modules undergo a cold reboot at
the beginning of the unified ISSU process, and are held down until the ISSU process
is completed.

VRRP

Virtual Router Redundancy Protocol (VRRP) prevents loss of network connectivity
to end hosts when the static default IP gateway fails. By implementing VRRP, you
can designate a number of routers as backup routers in the event that the default
master router fails. In case of a failure, VRRP dynamically shifts the packet-forwarding
responsibility to a backup router. VRRP creates a redundancy scheme that enables
hosts to keep a single IP address for the default gateway but maps the IP address to
a well-known virtual MAC address. You can take advantage of the redundancy
provided by VRRP without performing any special configuration on the end host
systems.

Routers running VRRP dynamically elect master and backup routers. You can also
force assignment of master and backup routers using priorities in the range 1–255,
with 255 being the highest priority.

VRRP supports virtual local area networks (VLANs), stacked VLANs (S-VLANs), and
creation of interchassis redundancy (ICR) partitions.

Interchassis Redundancy

ICR enables you to minimize subscriber downtime when the router or access interface
on the edge router fails. ICR accomplishes this by re-creating subscriber sessions on
the backup router that were originally terminated on the failed router. It also enables
you to track the failure of uplink interfaces. In this way, ICR enables you to completely
recover from router failure. ICR uses Virtual Router Redundancy Protocol (VRRP) to
detect failures. ICR also enables you to track the failure of uplink interfaces. ICR
currently supports only PPPoE subscribers.

Related Topics ■ Managing Module Redundancy on page 7

■ Managing Stateful SRP Switchover on page 25

■ Configuring a Unified In-Service Software Upgrade on page 57

■ Configuring VRRP on page 105

■ Managing Interchassis Redundancy on page 127

■ Service Availability Overview on page 3

6 ■ Understanding Service Availability Features

Chapter 2

Managing Module Redundancy

This chapter describes how to manage redundancy in line modules, switch route
processor (SRP) modules, switch fabric modules (SFMs), I/O modules, and I/O adapters
(IOAs) in E Series routers.

This chapter contains the following sections:

■ Line Module Redundancy Overview on page 7

■ Monitoring Line Module and SRP Module Redundancy on page 19

■ Managing Port Redundancy on page 23

Line Module Redundancy Overview

You can install an extra line module in a group of identical line modules to provide
redundancy if one of the modules fails.

The process by which the router switches to the spare line module is called
switchover. During switchover, the line, circuit, and IP interfaces on the I/O module
or one or more IOAs appear to go down temporarily. The duration of the downtime
depends on the number of interfaces and the size of the routing table, because the
router must reload the interface configuration and the routing table from the SRP
module.

If the line module software is not compatible with the running SRP module software
release, a warning message appears on the console.

Module Requirements

The requirements for line module redundancy depend on the type of router that you
have.

NOTE: The information in this section does not apply to the ERX310 Broadband
Services Router, which does not support line module redundancy.

ERX7xx Models and ERX14xx Models

To use this feature on ERX7xx models and ERX14xx models, you must also install
a redundancy midplane and a redundancy I/O module. For a detailed explanation

Line Module Redundancy Overview ■ 7

JUNOSe 11.1.x Service Availability Configuration Guide

of how the router provides redundancy for line modules and procedures for installing
the modules, see the ERX Hardware Guide.

E120 and E320 Routers

To configure line module redundancy on the E120 or E320 Broadband Services
router, you must also install an ES2-S1 Redund IOA in either slot 0 or slot 11. The
ES2-S1 Redund IOA is a full-height IOA. For a detailed explanation of how the router
provides redundancy for line modules and procedures for installing the modules, see
the E120 and E320 Hardware Guide.

On E120 and E320 routers, each side of the chassis is treated as a redundancy group.
The lowest numbered slot for each side acts as the spare line module, providing
backup functionality when an ES2-S1 Redund IOA is located directly behind it. When
the line module does not contain an ES2-S1 Redund IOA, it is considered a primary
line module.

The router accepts the following redundancy groups:

■ ES2 4G LM as backup and ES2 4G LM as primary

■ ES2 10G Uplink LM and ES2 10G Uplink LM as primary

■ ES2 10G LM as backup and ES2 10G LM

■ ES2 10G ADV LM as backup and ES2 10G ADV LM as primary

■ ES2 10G ADV LM as backup and ES2 10G LM as primary

Also, you cannot configure redundancy for the ES2-S1 Service IOA.

IOA Behavior When the Router Reboots

On E120 and E320 routers, switchover is based on the combined states of the line
module and the IOAs that are installed in the affected slot.

When the router reboots and the formerly configured primary line module is not
present, or is present and fails diagnostics, it switches to a spare line module and
takes inventory of the IOAs. If the IOA is present and new, the router reverts back
to the primary line module so that the spare line module can service other active
primary line modules.

When the router reboots and a slot contains a line module and one active and one
inactive IOA, the inactive IOA remains in that state.

Line Module Behavior When Disabling or Enabling IOAs

On E120 and E320 routers, a line module reboots when you issue the adapter
disable or adapter enable commands for an associated IOA.

When you issue the adapter disable or adapter enable commands, the line module
(primary or spare) currently associated with that IOA reboots. If the IOA is protected
by a line module redundancy group, an automatic line module redundancy switchover
or revert can be triggered by the line module reboot. To prevent undesired line

8 ■ Line Module Redundancy Overview