Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    service-set (Aggregated Multiservices)

    Syntax

    service-set service-set-name {interface-service {load-balancing-options {hash-keys {egress-key (destination-ip | source-ip);ingress-key (destination-ip | source-ip);}}service-interface interface-name.unit-number;}}

    Hierarchy Level

    [edit services]

    Release Information

    Statement introduced before Junos OS Release 7.4.

    Support for aggregated multiservices (AMS) interfaces introduced in Junos OS Mobility Release 11.2W.

    Description

    Configure the service set with aggregated multiservices (AMS) for load balancing in service applications. Currently, Network Address Translation (NAT), stateful firewall, application-level gateway (ALG), and mobility are the service applications supported.

    The following ALGs are currently supported:

    • FTP
    • Internet Control Message Protocol (ICMP)
    • Point-to-Point Tunneling Protocol (PPTP)
    • Real-Time Streaming Protocol (RTSP)
    • SQL *Net
    • TCP
    • traceroute
    • Trivial File Transfer Protocol (TFTP)
    • UDP

    AMS for service applications (NAT, stateful firewall, ALG) can be used for load balancing with or without high availability. Many-to-one (N:1) high availability (HA) is supported for service applications (NAT, stateful firewall, ALG). In this case, one multiservices PIC is the backup for one or more (N) active multiservices PICs. If one of the active multiservices PICs goes down, then the backup replaces it as the active multiservices PIC. When the failed PIC comes back online, it becomes the new backup. This is called floating backup mode.

    Note: In high availability for service applications, the configuration state is synchronized to the backup. However, the operational state of the active members is not synchronized to the backup. Therefore, in the case of failure, existing flows meant for the failed member are lost.

    The following conditions are applicable if you use AMS for load balancing in service applications:

    • All the member interfaces of the AMS interface must have the same packages configured for the respective service applications. For example, if mams-5/0/0 is the active member and mams-5/1/0 the backup, then both mams-5/0/0 and mams-5/1/0 must have the same packages.
      • For NAT, the member interfaces must have the jservices-nat package configured.
      • For stateful firewall, the member interfaces must have the jservices-sfw package configured.
      • For ALG, the member interfaces must have the jservices-alg package configured.
    • The size of the object cache (object-cache-size) and the size of the policy database (policy-db-size) must be appropriately configured so that the memory requirements of the services application policy database are met.
    • Currently, AMS member PICs operate only in 64-bit mode. Therefore the boot-os embedded-junos64 configuration, at the [edit chassis fpc slot-number pic pic-number adaptive-services service-package extension-provider] hierarchy level, is mandatory for all member interfaces.

    The remaining statements are explained separately.

    Options

    service-set-name

    Name of the service set.

    Required Privilege Level

    interface—To view this statement in the configuration.

    interface-control—To add this statement to the configuration.

    Published: 2011-11-22