Troubleshoot Session Smart Router Deployed as WAN Edge
Discover efficient methods for troubleshooting your WAN edge device in the Juniper Mist™ portal after the initial deployment phase. This topic provides guidance for system administrators and technical support responsible for maintaining enterprise SD-WAN networks.
Troubleshooting Session Smart WAN Edge Alarms
In this section you’ll configure WAN Edge alarms and e-mail alerts to the administrator.
- From the Mist dashboard, select Monitor > Alerts.
- Filter the alarms for our lab Site, Dallas-FullStack.
Set the Time Range for This Week so we can see some Alerts. Next, we’ll select the Alerts Configuration to set up e-mail notifications.
Note:Under Alerts Configuration, it's best practice for Applies to Scope alerts to be set for the Entire Org (as shown in the screenshot below). You can also specify that alerts be sent to organization administrators and site administrators by selecting the relevant check boxes in the Email Recipient Settings section. Enter emails for additional recipients in the To additional email recipients field.
- Use ENABLE button on the Alerts Configuration in the Email
Notification section. It’s important to note that even for an
administrator, e-mails are disabled by default.
You’re directed to the Enable Email Notifications window where you enable e-mail alerts by selecting the toggle for Enable Org Notifications, and selecting specific sites, in the example below you can see we’re getting notifications for our Dallas-FullStack site.
Now enable the gateway alerts and e-mail notifications for Infrastructure as shown in the options below:
We recommend enabling the WAN edge alerts and e-mail notifications as well.
When a device loses connection to the Juniper Mist cloud, your administrator will receive an e-mail about the event after the issue is resolved. The Alert Details section in the e-mail will direct you to the Alerts page, but you can also look directly at it by seeing the Event reported below:
After the connection to the Juniper Mist cloud has been restored, another e-mail will indicate the status change with a link to the Alerts page, with the second event reported.
Session Smart Router Testing Tools for Troubleshooting
The Session Smart Router in WAN Assurance relies on SLE and Marvis insights for all your troubleshooting actions. An administrator's ability to see beneath the surface of the GUI is limited to the utilities we’ll cover in this section. If you are familiar with the Session Smart Router device and its Programmable CLI (PCLI), which runs the Conductor-based deployments, you’ll have a simplified and streamlined experience diagnosing your WAN Edge device using the Mist UI.
First, we’ll dive into the Utilities button on your selected WAN Edge. Navigate to WAN Edges > WAN Edges, and we’re selecting our Dallas-lab WAN Edge in this example.
In the Utilities menu, you’ll see the options Testing Tools, Send WAN Edge Log to Mist, Reboot WAN Edge, and Upgrade Firmware. Sending the WAN edge device logs to the Juniper Mist cloud and rebooting your selected WAN edge device are straightforward activities. For upgrading firmware, you’ll have a few options for scheduling and version, as you can see in the screenshot below:
For troubleshooting, let’s explore the Testing Tools option in the Utilities menu.
The Testing Tools option allows you to issue ICMP-Ping, identify BGP status reviews, sift through Application and Session knowledge, and review Address Resolution Protocol (ARP) tools for your WAN edge. The Mist UI enables quick troubleshooting for device interfaces and connectivity with pings. In this example, we send an ICMP ping to the public DNS 8.8.8.8. After you select Ping from the Utility section, enter an IP address, and specify the port name and the ping count and size, Mist opens an instance of the Session Smart PCLI for you.
When you select any of the WAN Edge Testing tools for BGP, Mist simplifies the Session Smart PCLI and gathers the information for you. In this example, we see a summary of BGP neighbors and their relevant information by quickly selecting Summary under Border Gateway Protocol and then clicking Show Summary.
Remember that Mist is intent-driven, and the Session Smart Secure Vector Routing (SVR) protocol leverages the sources and destinations in Mist, the networks, and applications to create point-to-point SVR paths. You can diagnose those paths between Session Smart devices in the WAN Edge Testing Tools utility. In this example, we’re looking at the Corp Application. In this example, you’ll also notice that the actual BGP advertisements are sent through SVR.
For SVR, Mist applications are called services in the Session Smart paradigm. For more information about the Session Smart platform, refer to the platform considerations, https://www.juniper.net/documentation/us/en/software/mist/mist-wan/topics/concept/mist-wan-platform-consideration.html.
Finally, let’s explore ARP tools in WAN Edge Testing Tools. In our example, we’ve selected a the table format for displaying the ARP information, and again, the Mist dashboard leverages the Session Smart PCLI for you and generates and generates ARP information for interfaces on node.0.
For deeper insights not shown on the output text of the window, select the output from the Utility in your browser and paste it to an ASCII editor for further review.
The combination of Marvis insights, WAN SLEs, WAN edge insights, and the WAN Edge Testing Tools utility make a complete suite for diagnosis at the WAN edge.
See Also
Troubleshoot Session Smart Routers Using Packet Captures
Juniper Session Smart Router (SSR) ports support manual and dynamic packet captures (PCAP). Packet capture is a tool that helps you to analyze network traffic and troubleshoot network problems. It captures real-time data packets traveling over the network for monitoring and logging.
For more information, see Dynamic and Manual Packet Captures.
Initiate a Manual Packet Capture
Manual packet captures are initiated by users from the WAN Edge Packet capture page.
To initiate manual PCAP for an SSR device:
Go to Site > WAN Edge Packet Captures.
On the WAN tab, click Add WAN Edge + and select an SSR device.
Specify the number of packets captured, packet size in bytes, and the duration of the capture session.
You can click Captured Files to access a manual PCAP file and analyze it.
Access Dynamic Packet Captures
Dynamic packet captures are short-term packet captures automatically triggered by a service impacting event. They are saved to the Mist cloud and are available for you to download in the WAN Edge Events section on the WAN Edge Insights page.
Here are the events which can generate a dynamic packet capture for an SSR device:
- Failure of the ARP request to next-hop gateway
- DHCP address resolution failure
- WAN Edge failure to establish BGP peering based on configuration
- WAN Edge failure to establish SVR peering based on configuration
To download and analyze a dynamic packet capture file:
Go to Monitor > Service Levels. By default, you will land on the Insights tab.
Scroll down to WAN Edge Events section. Each event with a dynamic packet capture file available is indicated by a paperclip icon next to the event name.
Click an event dynamic packet capture and then click the Download Packet Capture button available in the Events Details section on the right.