Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Announcement: Try the Ask AI chatbot for answers to your technical questions about Juniper products and solutions.

close
header-navigation

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries
Campus and Branch

Welcome to the NOW Way to Wi-Fi

Take your networking performance to new heights with a modern, cloud-native, AI-Native architecture. Only Juniper can help you unleash the full potential of Wi-Fi 7 with our AI-Native platform for innovation.
Prepare for liftoff
Business intelligence analyst dashboard on virtual screen. Big data Graphs Charts.

AI Data Center Networking

Juniper’s AI data center solution is a quick way to deploy high performing AI training and inference networks that are the most flexible to design and easiest to manage with limited IT resources.
Find out more
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Zero trust security

Ops4AI Lab

Visit our lab in Sunnyvale, CA and see our AI data center solution for yourself. You can try out your own model’s functionality and performance, too.
Visit the lab
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Higher Education

Shaping Student Experiences: The NOW Way to Build Higher Education Networks

Juniper Networks CIO Sharon Mandell and a virtual summit of C-level IT leaders from prestigious institutions discuss ongoing efforts to support digital transformation on campus.
Watch now
Hand on tablet with healthcare overlay of graphics

Security in healthcare

In this IDC Spotlight report, discover how AI networking can automate and strengthen a healthcare ecosystem to defeat criminals and prevent loss. 
Gain insights into ecosystem security
Retail

The Future of In-Store Technologies

Retail experts Kevin McCartan, Senior IT Service Delivery Engineer at Musgrave; Jack Stratten of Insider Trends; and Christian Gilby, Senior Director of Product Marketing at Juniper Networks, discuss customer experiences.
See the future

Products

Wireless access Wired access SD-WAN / SASE Routing and switching Security Mist AI™ Management software Network operating system Blueprint for AI-Native Acceleration Optics
  • Operations
ACX7020 router

Juniper ACX7020 Cloud Metro Access Router

Legacy networks simply cannot meet the demands of today’s rapidly evolving metro landscape. Unlock a new generation of highly scalable architectures and automated operations with the Juniper ACX7020. 
Learn more
EX4000 Ethernet Switch

Next-gen AI-Native EX4000 line of switches

Lack of AI innovation from your current networking vendor slowing you down? Embrace Juniper’s cloud-native, AI-Native access switches that support every level and layer, across nearly every deployment.
Discover how
The Q and AI text with an image of Bob Friday and Kedar Dhuru.

The Q&AI Podcast

Delivering practical solutions and enriching discussions, this podcast series is a vital resource for those seeking an in-depth exploration of AI's transformative potential.
Catch the latest episode

Services

Services
Services AI Care

Juniper AI Care Services Revolutionize Your Service Experience

Our industry-first AI-Native services couple AIOps with our deep expertise across the full network life cycle. You can move from reactive response to proactive insight and action.
Explore AI Care Services
Services AI Data Center

Juniper AI Data Center Deployment Services Optimize Your AI Model Runs

We use our expertise and validated designs to help design, deploy, validate and tune networks, including GPUs and storage, to get the most from your AI infrastructure operation.
Learn about AI Data Center Deployment Services

Partners

Partners

Support and Documentation

Support and Documentation

Learn

About Juniper Training Events The Feed Resources Technology learning topics Thought leadership and insights
Audience raising hands up while businessman is speaking in training at the office.

Juniper certification and training news

See the latest
Ringing of the bell

All global events

See the latest
AI-native-now

AI-Native NOW event series

Explore events
AINN AI Innovation Impact Virtual Event

AI-Native NOW: AI Innovation and Impact

Register NOW
Juniper's Christina Hendrix at the head of a conference table. With the text "The NOW Way to Network" overlayed, with "NOW" emphasizing the "O" in green color.

The NOW Way to Network

Watch the video series
AI Native Now

Executive insights

Dive deep with leading experts and thought leaders on all the topics that matter most to your business, from AI to network security to driving rapid, relevant transformation for your business.
Learn more
A keynote speaker giving a presentation at a conference. There are dozens of people sitting around them. The presentation is displayed via projector on all the walls in the room.

Leadership voices

Juniper Networks’ leaders operate on the front lines of creating the network of the future. Take a look around to see what’s on their minds.
Watch now
Bob Friday and Jessica Garrison speaking

Bob Friday Talks

Join Bob as he ventures into all the knowns -- and -- unknowns -- of AI.
Catch the latest episode
Documentation
Menu
License Guide
Quick Starts
Validated Designs
Explore Pathfinder Apps
CLI Explorer
Feature Explorer
Hardware Compatibility Tool
Port Checker
Browse All
Collapse

Pathfinder Apps

All

By Software

By Hardware

Learn More
Pathfinder HomeCLI ExplorerCompliance AdvisorFeature ExplorerHardware Compatibility ToolJunos XML API ExplorerJunos YANG Data Model ExplorerPort CheckerPower CalculatorSNMP MIB ExplorerSystem Log Explorer
CLI ExplorerFeature ExplorerJunos XML API ExplorerJunos YANG Data Model ExplorerSNMP MIB ExplorerSystem Log Explorer
Compliance AdvisorFeature ExplorerHardware Compatibility ToolPort CheckerPower Calculator
Home Documentation Junos OS Adaptive Services Interfaces User Guide for Routing Devices Inter-Chassis Redundancy for NAT and Stateful Firewall Flows Configuring Inter-Chassis MS-MPC and MS-MIC for NAT and Stateful Firewall (Release 16.1 and later)

Adaptive Services Interfaces User Guide for Routing Devices

keyboard_arrow_up
close
keyboard_arrow_left
Adaptive Services Interfaces User Guide for Routing Devices
Table of Contents Expand all
list Table of Contents
file_download PDF
{ "lLangCode": "en", "lName": "English", "lCountryCode": "us", "transcode": "en_US" }
English
ON THIS PAGE
keyboard_arrow_right

Service Redundancy Daemon

date_range 07-Mar-25
arrow_backward
arrow_forward

Service Redundancy Daemon Overview

Introduction to the Service Redundancy Daemon

  • The service redundancy daemon (srd) provides configurable events that can decide when redundancy occurs across multiple gateways on MX Series routers with MS-MPCs and MS-MICs. This enables you to manage primary-role switchovers based on a monitored event. You can configure redundancy based on monitored events, including:

    • Link down events.

    • FPC and PIC reboots.

    • Routing protocol daemon (rpd) terminates and restarts.

    • Peer gateway events, including requests to acquire or release primary role, or to broadcast warnings.

Service Redundancy Daemon Components

The following configurable components control srd processing:

  • Redundancy Event—A monitored critical event that triggers the srd to acquire or release primary role for redundancy peers, or to trigger warning-only events, and to add or delete signal routes. Monitored events include interface or link down events, rpd events, and acquire or release primary role events from peers.

  • Redundancy Policy—A policy that defines the set of actions taken when a redundancy event occurs. Available actions include acquisition or release of primary role, and addition or deletion of signal routes.

  • Redundancy Set—A collection of one or more service sets with a common redundancy policy or policies. A redundancy set applies to two or more system gateways. Only one of the gateways is primary and the peer or peers are standby at any time. Redundancy policies define the actions to be taken for a redundancy set when the srd detects a triggering event.

  • Redundancy Group—A one-to-one relationship exists between a redundancy set and a redundancy group. One redundancy set can be part of only one redundancy group.

  • Signal routes—Static routes that are added or deleted by the srd based on primary role state changes.

  • Routing Policies—Policies that are configured to advertise routes based on the existence or non-existence of signal routes using the if-route-exists condition.

  • VRRP (Virtual Router Redundancy Protocol) route tracking—TA standard Junos OS VRRP feature, but optional srd component, that tracks whether a reachable route exists in the routing table of the routing instance included in the configuration and dynamically changes the priority of the VRRP group based on the reachability of the tracked route, triggering a new primary router election. The route to be tracked is a signal route.

Service Redundancy Daemon Constraints

The following constraints apply to srd processing configurations:

  • A one-to-one relationship exists between a redundancy set and a redundancy group. One redundancy set can be part of only one redundancy group.

  • One redundancy policy can be part of only one redundancy set, but one redundancy set can have multiple redundancy policies. For example, redundancy set RS1 can include redundancy policies RP1 and RP2. Redundancy policies RP1 and RP2 cannot be included in redundancy sets other than RS1.

  • One redundancy event can be part of only one redundancy policy, but one redundancy policy can have multiple redundancy events. For example, redundancy policy RP1 can include redundancy events RE1 and RE2. Redundancy events RE1 and RE2 cannot be included in redundancy policies other than RP1.

  • One monitored interface or link can be part of only one redundancy event, but one redundancy event can have multiple monitored interfaces.

  • One service set can be part of only one redundancy set, but one redundancy set may have multiple service sets.

  • If gateway 1, the chassis that is configured with the lower IP address, is the primary chassis and you deactivate SRD on it, a switchover to gateway 2 occurs. If gateway 2, the chassis that is configured with the higher IP address, is the primary chassis and you deactivate SRD on it, a switchover does not occur.

  • A particular redundancy-set can be active on only one gateway, but not all redundancy sets have to be active on the same gateway. For example, redundancy set A can be active on gateway 1 while redundancy set B is active on gateway 2.

Service Redundancy Daemon Operation

The srd operates as follows:

  1. The srd runs on the Routing Engine. It continuously monitors configured redundancy events.

  2. When a redundancy event is detected, the srd:

    1. Adds or removes signal routes specified in the redundancy policy.

    2. Switches services to the next preferred standby gateway.

    3. Updates stateful sync roles as needed.

  3. Resulting route changes cause:

    1. The routing policy connected to this route to advertise routes differently.

    2. VRRP to change advertised priorities.

To summarize the switchover process:

  1. A critical event occurs.

  2. srd adds or removes a signal route.

  3. A routing policy advertises routes differently. VRRP changes advertised priorities.

  4. Services switch over to the next preferred standby gateway.

  5. Stateful synchronization is updated accordingly.

Note:

The order of routing priorities must match the order of services primary role.

Platform-Specific Service Redundancy Daemon Behavior

Platform

Difference

MX Series

Service Redundancy Daemon is not enabled by default. You can enable Service Redundancy Daemon by using the statement system processes srd enable at the [edit] hierarchy.

In Junos OS Release 21.2R1, you can enable Service Redundancy Daemon by using the statement services redundancy bring-up-on-any at the [edit] hierarchy.

Configuring the Service Redundancy Daemon

Before you configure srd processing, we recommend that you be familiar with Configuring ICCP for MC-LAG, which explains peer relationships between gateways that are enabled to exchange primary and standby roles.

You use the following configuration statements:

  • redundancy-policy at the [edit policy-options] hierarchy level

  • redundancy-event at the [edit event-options] hierarchy level

  • redundancy-set at the [edit services] hierarchy level

The actions to be performed when configured redundancy events occur are defined in redundancy policies. Redundancy polices are associated with redundancy sets; they are analogous to rules associated with service sets. Redundancy sets are associated to redundancy groups by redundancy group IDs. Redundancy group details are defined by the underlying Inter-Chassis Communication Protocol daemon (iccpd) configuration. Service sets and redundancy sets are associated through the redundancy-sets statement in service sets configuration.

In the procedures that follow, redundancy events that are configured and associated with a redundancy policy. The redundancy policy is associated with a redundancy set to take appropriate action of primary-role release or primary-role acquire. If an event is associated with a policy that takes the primary-role release action, srd checks whether the redundancy peer’s state is ready or warned. If the standby is in a warned state, then the primary-role release action fails. You can restore the health check and manually execute the release primary role action.

To release primary role in any case, you can either configure the policy action as release-mastership-force or use the request services redundancy-set redundancy-set redundancy-event redundancy-event trigger force command in the operational CLI. Even if your configuration specifies the release-mastership-force option, using the request services redundancy-set redundancy-set redundancy-event redundancy-event trigger force CLI command takes precedence and primary role is released. Similarly, if a redundancy event is configured with a policy with an acquire primary-role action, then srd checks the local redundancy set state. In the case of a wait state, the action fails unless you use the request services redundancy-set redundancy-set redundancy-event redundancy-event trigger force CLI command. We recommend that you determine why health checks fail and take action to correct the failure. After that, when the redundancy set state returns to STANDBY, then this primary-role change action succeeds.

A particular redundancy-set can be active on only one gateway, but not all redundancy sets have to be active on the same gateway. For example, redundancy set A can be active on gateway 1 while redundancy set B is active on gateway 2.

To configure srd, perform the following configuration tasks in the recommended sequence. Configurations are shown for two gateways for which primary role may change.

Configuring Redundancy Events

To configure redundancy events:

  1. Configure any link-down redundancy events for the primary gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway1# set event-options redundancy-event event-name monitor link-down interface-name

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway1# set event-options redundancy-event RELS_MSHIP_CRIT_EV monitor link-down ms-2/3/0.0
user@gateway1# set event-options redundancy-event RELS_MSHIP_CRIT_EV monitor link-down xe-3/0/0.0
  2. Configure any process redundancy events for the primary gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway1# set event-options redundancy-event event-name monitor process routing restart

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway1# set event-options redundancy-event RELS_MSHIP_CRIT_EV monitor process routing restart
  3. Configure any link-down redundancy events for the standby gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway2# set event-options redundancy-event event-name monitor link-down interface-name

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway2# set event-options redundancy-event WARN_EV monitor link-down ms-2/3/0.0
user@gateway2# set event-options redundancy-event WARN_EV monitor link-down xe-3/0/0.0
  4. Configure any process redundancy events for the standby gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway2# set event-options redundancy-event event-name monitor process routing restart

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway2# set event-options redundancy-event WARN_EV monitor process routing restart
  5. Configure any peer redundancy events for the standby gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway2# set event-options redundancy-event event-name monitor peer (mastership-acquire | mastership-release)

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway2# set event-options redundancy-event PEER_MSHIP_ACQU_EV monitor peer mastership-acquire
user@gateway2# set event-options redundancy-event PEER_MSHIP_RELS_EV monitor peer mastership-release

Configuring Redundancy Policies

Service redundancy policies specify actions triggered by monitored redundancy events.

To configure redundancy policies:

  1. Specify a redundancy policy and redundancy event for the primary gateway. Follow the same steps for the standby gateway.
    content_copy zoom_out_map
    user@gateway1# edit policy-options redundancy-policy policy-name redundancy-events [event-list] then
  2. Specify an action of acquiring or releasing primary role.
    content_copy zoom_out_map
    [edit policy-options redundancy-policy policy-name redundancy-events [event-list then]
user@gateway1# set acquire-mastership

    or

    content_copy zoom_out_map
    [edit policy-options redundancy-policy policy-name redundancy-events [event-list then]
user@gateway1# set (release-mastership | release-mastership-force)

  3. (Optional) Specify an action of adding a static route.
    content_copy zoom_out_map
    [edit policy-options redundancy-policy policy-name redundancy-events [event-list then]
user@gateway1# set add-static-route destination (receive | next-hop next-hop) routing-instance routing-instance
    Best Practice:

    We recommend using the receive option.

  4. (Optional) Specify an action of deleting a static route.
    content_copy zoom_out_map
    [edit policy-options redundancy-policy policy-name redundancy-events [event-list then]
user@gateway1# set delete-static-route destination routing-instance routing-instance

The following example demonstrates configuring redundancy policies for two peer gateways:

content_copy zoom_out_map
user@gateway1# edit policy-options redundancy-policy ACQU_MSHIP_POL redundancy-events ACQU_MSHIP_MANUAL_EV then

[edit policy-options redundancy-policy ACQU_MSHIP_POL redundancy-event ACQU_MSHIP_MANUAL_EV then]
user@gateway1# set acquire-mastership add-static-route 10.45.45.0/24 receive routing-instance SGI-PRIVATE

user@gateway1# top
user@gateway1# edit policy-options redundancy-policy RELS_MSHIP_POL redundancy-events PEER_MSHIP_ACQU_EV then

[edit policy-options redundancy-policy RELS_MSHIP_POL redundancy-events PEER_MSHIP_ACQU_EV then]
user@gateway1# set release-mastership-force delete-static-route 10.45.45.0/24 receive routing-instance SGI-PRIVATE
content_copy zoom_out_map
user@gateway2# edit policy-options redundancy-policy RELS_MSHIP_POL redundancy-events PEER_MSHIP_ACQU_EV then

[edit policy-options redundancy-policy ACQU_MSHIP_POL redundancy-events ACQU_MSHIP_MANUAL_EV then]
user@gateway2# set release-mastership-force add-static-route 10.45.45.0/24 receive routing-instance SGI-PRIVATE
user@gateway2# top
user@gateway2# edit policy-options redundancy-policy ACQU_MSHIP_POL redundancy-events PEER_MSHIP_RELS_EV then

[edit policy-options redundancy-policy ACQU_MSHIP_POL redundancy-events PEER_MSHIP_RELS_EV then]
user@gateway2# set acquire-mastership delete-static-route 10.45.45.0/24 receive routing-instance SGI-PRIVATE
user@gateway2# top
user@gateway2# edit policy-options redundancy-policy WARN_POL redundancy-events WARN_EV then

[edit policy-options redundancy-policy WARN_POL redundancy-events WARN_EV then]
user@gateway2# set broadcast-warning

Configuring Redundancy Set and Group

The redundancy group IDs that srd uses are associated with those configured for the ICCP daemon (iccpd) through the existing ICCP configuration hierarchy by using the same redundancy group ID in the configuration of the services redundancy group.

content_copy zoom_out_map
iccp { 
	local-ip-addr 10.1.1.1; 
	peer 10.2.2.2 { 
		redundancy-group-id-list 1; 
		liveness-detection { 
			minimum-interval 1000; 
		} 
	} 
}

To configure redundancy sets:

  1. Specify redundancy set and group for the primary gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway1# set redundancy-set redundancy-set redundancy-group redundancy-group

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway1# set redundancy-set 1 redundancy-group 1
  2. Specify redundancy policies for the redundancy set.
    content_copy zoom_out_map
    [edit services]
user@gateway1# set redundancy-set redundancy-set redundancy-policy [redundancy-policy-list]

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway1# set redundancy-set 1 redundancy-policy ACQU_MSHIP_POL RELS_MSHIP_POL WARN_POL
  3. Specify redundancy set and group for the peer gateway.
    content_copy zoom_out_map
    [edit services]
user@gateway2# set redundancy-set redundancy-set redundancy-group redundancy-group

    For example:

    content_copy zoom_out_map
    user@gateway2# set redundancy-set 1 redundancy-group 1
  4. Specify redundancy policies for the redundancy set.
    content_copy zoom_out_map
    [edit services]
user@gateway2# set redundancy-set redundancy-set redundancy-policy [redundancy-policy-list]

    For example:

    content_copy zoom_out_map
    [edit services]
user@gateway1# set redundancy-set 1 redundancy-policy [ACQU_MSHIP_POL RELS_MSHIP_POL WARN_POL]

Configuring Routing Policies Supporting Redundancy

To configure routing policies that support redundancy:

  1. At the [edit policy-options condition] hierarchy level, use the if-route-exists configuration statement to set a condition based on the existence of signal routes that requires redundancy-related routing changes. Specify the routing table that is used.
    content_copy zoom_out_map
    [edit policy-options condition condition-name}
user@gateway# set if-route-exists signal-route table routing-table

    For example:

    content_copy zoom_out_map
    [edit policy-options condition switchover-route-exists]
user@gateway# set if-route-exists 10.45.45.0/24 table bgp1_table
  2. At the [edit policy-options policy-statement statement-name] hierarchy level, specify routing changes based on the condition indicating the existence of the signal route. For BGP, routing changes typically include change to local-preference and as-path-prepend values.

    1. To change local-preference, specify local-preference in the then clause of the policy statement.

      content_copy zoom_out_map
      [edit policy-options policy-statement policy-name]
user@gateway# set term term from protocol [protocol variables] prefix-list prefix-list condition condition-name then local-preference preference-value accept

      For example:

      content_copy zoom_out_map
      [edit policy-options policy-statement ha-export-v6-policy]
user@gateway# set term update-local-pref from protocol static bgp prefix-list ipv4-default-route condition switchover-route-exists then local-preference 350 accept

    2. To change as-path-prepend values, specify as-path-prepend in the then clause of the policy statement.

      content_copy zoom_out_map
      [edit policy-options policy-statement policy-name]
user@gateway# set term term from prefix-list prefix-list condition condition-name then as-path-prepend [as-prepend-values] next-hop self accept

      For example:

      content_copy zoom_out_map
      [edit policy-options policy-statement ha-export-v6-policy
user@gateway# set term update-as-prepend prefix-list ipv6-default-route condition switchover-route-exists then as-path-prepend "64674 64674 64674 64674" next-hop self accept

Configuring Service Sets

Specify stateful synchronization of services for a service set.

Specify the service set and redundancy set.
content_copy zoom_out_map
[edit]
user@gateway1# set services service-set service-set-name redundancy-set-id redundancy-set

For example:

content_copy zoom_out_map
[edit]
user@gateway1# set services service-set CGN4_SP-7-0-0 redundancy-set-id 1

Using Service Redundancy Daemon Scripts to View and Change the Status of a Gateway

You can determine the status of a gateway, disable or enable all the interfaces on the gateway, or pull services-related MIB information from the gateway by running service redundancy daemon (srd) scripts.

Before you can use these scripts, you must enable them:

  • Enable the srd scripts.

    content_copy zoom_out_map
    [edit]
user@host# set system scripts op file sdg-inservice.slax
user@host# set system scripts op file sdg-oos.slax
user@host# set system scripts op file services-oids.slax
user@host# set system scripts op file srd-status.slax
user@host# set system scripts op max-datasize 512m

Use the srd scripts as the root user:

  • Disable all the interfaces on the MX series router and power off the MS-MPC cards.
    1. Ensure that all local redundancy sets are in standby mode.
      content_copy zoom_out_map
      root@host> show services redundancy-group
    2. Run the sdg-oos script.
      content_copy zoom_out_map
      root@host> op sdg-oos
  • Enable all the interfaces on the MX series router and power on the MS-MPC cards.
    content_copy zoom_out_map
    root@host> op sdg-inservice
  • Check the service state of a gateway.
    content_copy zoom_out_map
    root@host> op srd-status
  • Pull services-related MIB information from the gateway.
    content_copy zoom_out_map
    root@host> op services-oids
arrow_backward PREVIOUS Inter-Chassis Stateful Synchronization for Long Lived NAT and Stateful Firewall Flows (MS-MPC, MS-MIC) (Release 16.1 and later)
NEXT arrow_forward Inter-Chassis High Availability for MS-MIC and MS-MPC (Release 15.1 and earlier)
footer-navigation

© 1999 - 2025 Juniper Networks, Inc. All rights reserved.

Scroll to top