Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

VPN Monitoring and Diagnostics

The VPN Module together with the Online Module provides you with VPN monitoring and diagnostics capabilities for a live router network.

Note:

This feature requires the Online Module.

This feature requires the Online Module. First you would need to perform network data collection using the Task Manager . Upon completion of network configuration collection, the program constructs the network model that includes all the configured VPNs in the network.

For a PE router, you may run “show” commands (accessible via the Run CLI... menu by right-clicking on a node in the topology map). Click the arrow next to the Commands list to select a VPN category to view the available CLI commands for VPNs.

To observe the network traffic condition (e.g. between PE and CE), periodic sampling of interface traffic statistics is performed by the Task Manager. The collected interface data can then be accessed in the form or reports and charts. The following figure shows a PE->CE interface traffic chart for router SFO.

Figure 1: PE->CE Interface Traffic Chart (For PE Router SFO)Network traffic chart showing Interface Traffic for SFO 10.40.0.1 - fe-0/0/2.0 with time on X-axis and traffic in bps on Y-axis. Purple line for Egress bps and green line for Ingress bps.

In the Report Manager, a VPN Interface Traffic report is available under Network Reports > VPN that lets you see the interface traffic for each node of each VPN, as shown in the following figure.

Figure 2: VPN Interface Traffic ReportScreenshot of a network reporting tool showing VPN traffic data with options to explore, sort, and filter reports.

To verify connectivity and to measure delay and loss, you can also perform VPN diagnostics (e.g., CE-CE Ping and Traceroute) as shown in the following figures.

Figure 3: Ping/trace Route Between Routers from the IP VPN WindowNetwork management interface for IP VPNs showing a left panel with network configuration, a top right panel with VPN_B diagnostics, and a bottom panel with Ping/Trace Route tools.

From the right-click menu of the VPNView topology, you can many functions (e.g. path tracing, running CLI commands, and connect to device).

With Java Web Start installed, you may also perform VPN monitoring and diagnostic functions from a web browser, as well as to access VPN-related reports and charts. The following figures are meant illustrate just some of the web features available.

Figure 4: VPN View From the WebVPN information for VPN_B in IP/MPLSView 4.4.0, detailing PE router, VRF, route distinguisher, target export/import, protocol, and IP addresses.
Figure 5: View PE->CE Interface TrafficVPN_B_ network monitoring interface showing Router Name SFO, VRF Name VPN-B-TPE3640, Layer 3, Route Distinguisher 1080:2, Export and Import Route Target 1080:01, Protocol ospf/static, PE Name fe-0/0/0.0, PE IP 10.0.15.2/30, CE Name TPE3640, CE IP 10.0.15.1/30, Bandwidth 100.000M. Traffic graph shows Egress bps red line, Egress bps Ref black line, Ingress bps green line, Ingress bps Ref blue line over time.
Figure 6: Show PE StatusStatus page for Juniper Networks M5 Router showing system description, vendor, startup date, system name SFO, chassis version, ID, CPU usage 1 percent, memory 15 percent, temp 33C.
Figure 7: Access VPN Summary InformationIP/MPLSView interface for managing VPNs and MPLS networks by WANDL. Title bar shows Web IP/MPLSView Main. Navigation tabs for Main, Live Network, Network Reports, Web Client, Admin, Logout, and Help. VPN list shows L2KOMP, TEST1, VPN_A, VPN_B, WANDL_L2KOMP. VPN_B expanded with ATL and SFO. Summary for VPN_B includes PE List, VRF, Ingress and Egress Traffic. No traffic data retrieved. Option for ping test between endpoints TPE3640 10.0.15.1 and LDN2600 10.0.6.1.