Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

IP Monitoring Overview

IP monitoring is a technique that checks the reachability of an IP address or a set of IP addresses and takes an action when the IP address is not reachable. The action that IP monitoring takes can be one of the following:

  • Add a new route that has a higher priority (lower preference) value than a route configured through the CLI.

  • Enable a backup interface.

  • Add a weight to a redundancy group.

After one of these actions is taken, reachability probes are executed. When the probes begin to succeed, the action taken by IP monitoring is reversed.

IP monitoring is supported on all branch SRX Series devices from the SRX100 to the SRX650 running the following software release:

  • IP monitoring with route failover is supported in Juniper Networks Junos® operating system (Junos OS) Release 11.2 R2 and later.

  • IP monitoring with interface failover is supported for high availability on Junos OS Release 11.4 R2 and later.

For information about IP monitoring for high availability, see: https://www.juniper.net/documentation/en_US/junos12.1x45/topics/example/chassis-cluster-redundancy-group-ip-address-monitoring-configuring-cli.html. IP monitoring for high availability is not discussed in this document.

IP monitoring is a very handy tool for automatic backup scenarios. It enhances backup WAN connectivity. It can be used:

  • If you have an expensive or pay-per-bit backup link such as 3G/4G LTE and want to enable it only when reachability through the primary WAN link fails.

  • If performance parameters including latency and jitter are affecting the primary WAN connection, and you want to automatically select a backup WAN connection to avoid possible performance degradation.

  • If you have two routes to a destination but want to use a specific route only if the path to the destination through the other route is not available.

Note:

There are circumstances in which two routes are present, but the destination is not reachable if you pick a particular route.

The following limitations exist with IP monitoring:

  • With IP monitoring with route failover, you do not have the ability to specify the preference value for a route.

  • Also, you do not have the ability to stop the fail-back of a backup interface or an injected route back to the primary interface or route. If the reachability of the monitored IP address flaps, you might get into a scenario where the system keeps flapping between the primary and backup route or interface. Currently IP monitoring with route failover does not have the ability to stop this.

  • The backup interface for IP monitoring with interface failover cannot be a secure tunnel interface. However, the IPsec VPN feature has a feature called VPN monitoring which accomplishes the same thing.