Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

WAN Edge Testing Tools

Juniper Mist™ portal provides testing tools that play crucial roles in maintaining network health and diagnosing issues. You can use the tools to:

  • Identify network bottlenecks, latency, and packet loss.
  • Check connectivity and measuring round-trip time.
  • Identify the path taken by network traffic from source to destination for a specific application.
  • Monitor BGP peering status and troubleshoot connectivity issues.

To use WAN Edge testing tools:

  1. On Juniper Mist portal left navigation bar, select WAN Edges > WAN Edges.
  2. On WAN Edge page, select the site from Site dropdown box. The page displays the WAN edge devices in the site.
  3. Select the required device and click to open the device details page.
  4. Click Utilities menu from the top right menu and select testing tool.
    Figure 1: WAN Edge Testing Tool - Utilities Option WAN Edge Testing Tool - Utilities Option
  5. The WAN Edge testing page opens. In this page, you can run tests using the following tools:
    • Ping
    • Traceroute
    • BGP options (BGP summary, route advertisement details, and so on)
    • Applications
    • Address Resolution Protocol
    • FIB

    Lets learn how to use these tools for testing your WAN edge device connectivity.

Testing Tools for Session Smart Routers

Ping Tests on Session Smart Routers

Use the Ping tool to send Internet Control Message Protocol (ICMP) echo requests to a specified host. You can use this command to check if a particular host is reachable at a particular IP address.

  1. In WAN Edge Testing tools window, click Ping.
  2. Enter the following options:
    • IP Address—Enter the IP address or hostname of the remote system to ping.
    • Port Name—Select the port to initiate the ping request.
    • Count—Enter the number of ping requests to send. The range of values is 1 through 100.
    • Size—Enter the size of ping request packets. The range of values, in bytes, is 64 through 65,535.
  3. Click Ping option.
    Figure 2: Check Connectivity to Host Using Ping Check Connectivity to Host Using Ping

    The output displays the details of hops as IP addresses in the path to a given destination.

Release WAN DHCP

You can release the DHCP lease on a WAN Edge device. This option lets you release client devices from their current DHCP lease.

  1. In WAN Edge Testing tools window, click WAN DHCP Release.
  2. Select the port name from Port Name drop-down and click Release.
    Figure 3: WAN DHCP Release (Session Smart Routers) WAN DHCP Release (Session Smart Routers)

    The output displays the details of response to your request.

Bounce Port

Use the Bounce Port tool to run soft bounce port test on your Session Smart Router.

  1. In WAN Edge Testing tools window, click Bounce Port.
  2. Specify the interface name (example: ge-0/0/0).
    Figure 4: Bounce Port (Session Smart Router) Bounce Port (Session Smart Router)
  3. Click Soft Bounce Port. This test provisionally takes the port down and brings the port up without causing the external physical link to change. The connected devices will not see a link state change.

Traceroute on Session Smart Routers

Traceroute is a network diagnostic tool that traces the path an IP packet takes across networks, revealing the sequence of routers (hops) it takes along the way

To initiate traceroute utility:

  1. In WAN Edge Testing tools window, click Traceroute.
  2. Enter the following options:
    • Network—Select the source network from where you want to trace packet.
    • Host—Enter the IP address for the destination site.
  3. Click Traceroute option.
    Figure 5: Initiate Traceroute (Session Smart Routers) Initiate Traceroute (Session Smart Routers)

    The output displays the details of hops as IP addresses in the path to a given destination.

Border Gateway Protocol Test Tools for Session Smart Routers

You can perform the following testing related to a BGP session:

  • Display BGP routes advertised
  • Display BGP routes received
  • Display BGP summary
  • Display BGP Routes
  • Clear BGP routes

Use the following options to perform tests:

  • Use Clear BGP option to clear sessions with all BGP neighbors or with specific BGP peer.

    Figure 6: Clear BGP Sessions (Session Smart Routers) Clear BGP Sessions (Session Smart Routers)

    You have the following options when clearing BGP routes:

    • Neighbor—Select all to or IP address of a BGP peer. Apply this command only to the specified neighbor.

    • Type—Specify how you want to reset a BGP session.

      • Hard Clear—A hard reset terminates the specified peering sessions. This action drops the TCP connection to the neighbors. This setting is not recommended.

      • Soft Clear In—Inbound soft reset on the connections

      • Soft Clear Out—Outbound soft reset on the outgoing connections

    • VRF—(Optional) Specify virtual routing and forwarding (VRF). The action applies only to neighbors for the specified routing instance.

  • Use Summary option to display summary information about BGP and its neighbors.

    Figure 7: View BGP Summary (Session Smart Routers) View BGP Summary (Session Smart Routers)

  • Use Routes option to display BGP routes details. You can use this option to debug the BGP routing table. It shows how the sent or received prefixes from various neighbors are being handled and processed in the BGP table.

    Figure 8: View BGP Routes (Session Smart Routers) View BGP Routes (Session Smart Routers)

    Enter the route prefix or VRF (optional) and click Show Routes. The output display the routing information as it was received through a particular neighbor using BGP.

  • Use Advertised Routes option to display all routes that have been advertised to the specified neighbor.

    Figure 9: BGP Advertized Routes (Session Smart Routers) BGP Advertized Routes (Session Smart Routers)

    Enter the IP address of neighbor router and click Show BGP Advertised Routes. Output displays the routes that your device has advertised to the peer router during the current BGP session.

  • Use Received Routes option to display all received routes from the specified neighbor.

    Figure 10: BGP Received Routes (Session Smart Routers) BGP Received Routes (Session Smart Routers)

    Enter the IP address of neighbor router and click Show BGP Received Routes. The output display the routing information as it was received through a particular neighbor using BGP.

FIB Testing Tool

Use this information to look up the forwarding information base (FIB) data associated with the selected WAN Edge device. You can also look up the FIB data by application.

  • In WAN Edge Testing tools window, click FIB Lookup.
  • Enter the following options and click Show FIB:
    • Network—Name of the network to perform the FIB lookup.
    • Destination Port—Destination port of the route.
    • Destination IP—Destination IP address of the route.
    • Protocol—Transport protocol of the packet.
    Figure 11: FIB Lookup FIB Lookup
  • If you select FIB By Application, enter the following details to filter by and click Show FIB:
    • Application—Name of the application to perform the FIB lookup for. Applications represent traffic destinations.
    • VRF—Virtual routing and forwarding instance.
    • Prefix—IP address prefix.
    Figure 12: FIB By Applications FIB By Applications

    The table displays entries matching the specified application, VRF, or IP address prefix.

Applications for Session Smart Routers

You can use the Applications section to see the Path information for the selected application. You can also display the sessions for an application, as well as delete them.

  1. In the WAN Edge Testing Tools window, under Applications, select Path.
  2. Select the appropriate Application Name, then select Show Path.
    Figure 13: Show Path Show Path
    The following information about the path will display:
    Table 1: Show Path

    Column

    Definition

    Service

    The selected application name.

    Type

    The type of path.

    Destination

    The destination IP address for packets traveling on the path.

    Next-hop

    The next hop address where the Session Smart Router will route the session.

    Interface

    The name of the network interface that will be used to send the route along the path.

    Vector

    The name of the vector assigned to the path. The vector is associated with a cost that indicates path preference.

    Cost

    Indicates path preference.

    Rate

    A snapshot of the rate at which sessions are created for the service.

    Capacity

    The load balancing capacity that has been set for the path.

    State

    The current state of the path (Up or Down).

    Meet SLA

    Whether the path is meeting the minimum required Service Level Agreement (Yes or No).

The Sessions testing tool has been enhanced with options to view session details. You can also delete sessions if needed. Deleting a session may be useful in situations where a stuck session was created and traffic is not able to be sent in both directions on the path due to upstream problems. These options help in debugging scenarios.

  1. In the WAN Edge Testing tools window, under Applications, select Sessions.
  2. Select an Application Name, then select Show Sessions. The following information about the path will display:

    Column

    Definition

    Session ID

    The session identifier.

    Direction

    The direction the flow is heading (forward or reverse).

    Service

    The selected application name.

    Tenant

    The name of the tenant attempting to access the service.

    Device Interface

    The name of the device interface the flow is arriving on.

    Network Interface

    The name of the network interface the flow is arriving on.

    Protocol

    Which routing protocol the flow is using (TCP, UDP, etc).

    Source IP

    The source IP address for the flow.

    Source Port

    The source port for the flow.

    Destination IP

    		 Represents the destination IP address of the flow.

    Destination Port

    		 Represents the destination port for the flow.
    NAT IP The Network Address Translated destination IP address.
    NAT Port The Network Address Translated destination port.
    Payload Encrypted True or False.

  3. To delete a session, select the checkbox to the left of the session, then click the Delete Selected button.

    Figure 14: Show Sessions and Delete Sessions Show Sessions and Delete Sessions

  4. To delete all sessions, select the Delete All Sessions button. You will be asked to confirm the delete action. Click Delete.

    Figure 15: Delete All Sessions Delete All Sessions

Address Resolution Protocol for Session Smart Routers

The Refresh ARP tool is typically used during troubleshooting scenarios to remove Address Resolution Protocol (ARP) entries from a Session Smart Router or node's ARP cache. The tool has multiple filters, allowing administrators to specify which entry to remove.

  1. In the WAN Edge Testing Tools window, under Address Resolution Protocol, select Refresh ARP.
  2. Enter the following details to filter by and click Refresh ARP::

    • Port Name—If you select a port name and then click Refresh ARP, it refreshes all ARP Entries for that port.

    • VLAN—By specifying a VLAN tag in addition to the Port Name, this enables you to refresh any ARP entries with that port and VLAN tag.

    • IP Address—You can also enter an IP address here and then click Refresh ARP to refresh only that single ARP entry.

      Figure 16: Refresh ARP Refresh ARP

Testing Tools for SRX Series Firewalls

Traceroute on SRX Series Firewalls

Traceroute is a network diagnostic tool that traces the path an IP packet takes across networks, revealing the sequence of routers (hops) it takes along the way

To initiate Traceroute utility on SRX Series Firewalls:

  1. In WAN Edge Testing tools window, click Traceroute and select one of the following options:
    • UDP
    • ICMP
  2. Enter the following details for ICMP:
    Figure 17: ICMP-Based Traceroute ICMP-Based Traceroute
    • Hostname—Enter the IP address or hostname of the remote system to ping.
    • Timeout—Enter the time until which the device waits for a response from the remote host to a packet sent before considering timeout. The range of values is 60 through 3600 seconds. Default value is 60 seconds.
    • VRF—Name of the routing instance present on the device.
  3. Enter the following details for UDP:
    Figure 18: UDP-Based Traceroute UDP-Based Traceroute
    • Hostname—Enter the IP address or hostname of the remote system to ping.
    • Port—Base port number to use in traceroute probes. The range is 1 through 65535. Default value is 33434.
    • Timeout—Enter the time until which the device waits for a response from the remote host to a packet sent before considering timeout. The range of values is 60 through 3600 seconds. Default value is 60 seconds.
    • VRF—Name of the routing instance present on the device.
  4. Click Traceroute.

    The output displays the details of hops as IP addresses in the path to a given destination.

Ping Tests on SRX Series Firewall

Use the Ping tool to send Internet Control Message Protocol (ICMP) echo requests to a specified host. You can use this command to check if a particular host is reachable at a particular IP address.

  1. In WAN Edge Testing tools window, click Ping.
  2. Enter the following options:
    Figure 19: Check Connectivity to Host Using Ping (SRX Series Firewall) Check Connectivity to Host Using Ping (SRX Series Firewall)
    • Hostname—Enter the hostname of the remote system to ping.
    • Count—Enter the number of ping requests to send. The range of values is 1 through 100.
  3. Click Ping. The output displays the details of hops as IP addresses in the path to a given destination.

Bounce Port

Use the Bounce Port tool to restart any unresponsive ports on your firewall.

  1. In WAN Edge Testing tools window, click Bounce Port.
  2. Specify the interface name (example: ge-0/0/0) and then click Bounce Port.
    Figure 20: Bounce Port (SRX Series Firewall) Bounce Port (SRX Series Firewall)

Border Gateway Protocol Test Tools for SRX Series Firewalls

You can perform the following testing related to a BGP session:

  • Display BGP summary
  • Display BGP routes received
  • Display BGP routes advertised
  • Clear BGP routes

Use the following options to perform tests:

  • Use Show BGP Summary option to display summary information about BGP and its neighbors.

    Figure 21: View BGP Summary (SRX Series Firewalls) View BGP Summary (SRX Series Firewalls)

  • Use Advertised Routes option to display all routes that have been advertised to the specified neighbor.

    Figure 22: BGP Advertized Routes (SRX Series Firewalls) BGP Advertized Routes (SRX Series Firewalls)

    Enter the IP address of neighbor router and click Show BGP Advertised Routes. Output displays the routes that your device has advertised to the peer router during the current BGP session.

  • Use Received Routes option to display all received routes from the specified neighbor.

    Figure 23: BGP Received Routes (SRX Series Firewalls) BGP Received Routes (SRX Series Firewalls)

    Enter the IP address of neighbor router and click Show BGP Received Routes. The output display the routing information as it was received through a particular neighbor using BGP.

  • Use Clear BGP option to clear sessions with all BGP neighbors or with specific BGP peer.

    Figure 24: Clear BGP Sessions (SRX Series Firewalls) Clear BGP Sessions (SRX Series Firewalls)

    You have the following options when clearing BGP routes:

    • Neighbor—Select all to or IP address of a BGP peer. Apply this command only to the specified neighbor.

    • Type—Specify how you want to reset a BGP session.

      • Hard Clear—A hard reset terminates the specified peering sessions. This action drops the TCP connection to the neighbors. This setting is not recommended.

      • Soft Clear In—Inbound soft reset on the connections

      • Soft Clear Out—Outbound soft reset on the outgoing connections

    • VRF—(Optional) Specify virtual routing and forwarding (VRF). The action applies only to neighbors for the specified routing instance.

Related Documentation