Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Configuring TLB

The following topics describe how to configure TLB. To create a complete application, you must also define interfaces and routing information. You can optionally define firewall filters and policy options in order to differentiate TLB traffic.

Loading the TLB Service Package

Load the TLB service package on each service PIC on which you want to run TLB.

Note:

For Next Gen Services and the MX-SPC3 services card, you do not need to load this package.

To load the TLB service package on a service PIC:

  • Load the jservices-traffic-dird package.

    For example:

Configuring a TLB Instance Name

Before configuring TLB, enable the sdk-service process by configuring system processes sdk-service enable at the [edit] hierarchy.

To configure a name for the TLB instance:

  • At the [edit services traffic-load-balance] hierarchy level, identify the TLB instance name.

    For example:

Configuring Interface and Routing Information

To configure interface and routing information:

  1. At the [edit services traffic-load-balance instance instance-name] hierarchy level, identify the service interface associated with this instance.

    For example, on an MS-MPC:

    For example, for Next Gen Services on an MX-SPC3:

  2. Enable the routing of health-check packet responses from real servers to the service interface that you identified in Step 1.

    For example, on an MS-MPC:

    For example, on an MX-SPC3:

  3. Specify the client interface for which an implicit filter is defined to direct traffic in the forward direction. This is required only for translated mode.

    For example:

  4. Specify the virtual routing instance used to route data traffic in the forward direction to servers. This is required for SLT and Layer 3 DSR; it is optional for Layer 2 DSR.

    For example:

  5. Specify the server interface for which implicit filters are defined to direct return traffic to the client.
    Note:

    Implicit filters for return traffic are not used for DSR.

    For example:

  6. (Optional) Specify the filter used to bypass health checking for return traffic.

    For example:

  7. Specify the virtual routing instance in which you want the data in the reverse direction to be routed to the clients.

    For example:

    Note:

    Virtual routing instances for routing data in the reverse direction are not used with DSR.

Configuring Servers

To configure servers for the TLB instance:

Configure a logical name and IP address for each server to be made available for next-hop distribution.

For example:

Configuring Network Monitoring Profiles

A network monitoring profile configures a health check probe, which you assign to a server group to which session traffic is distributed.

To configure a network monitoring profile:

  1. Configure the type of probe to use for health monitoring — icmp, tcp, http, ssl-hello, tls-hello,or custom.
    Note:

    icmp probes are supported only on MS-MPC cards.

    Next Gen Services and the MX-SPC3 do not support ICMP probes in this release.

    • For an ICMP probe:

    • For a TCP probe:

    • For an HTTP probe:

    • For an SSL probe:

    • For a TLS-Hello probe:

    • For a custom probe:

  2. Configure the interval for probe attempts, in seconds (1 through 180).

    For example:

  3. Configure the number of failure retries, after which the real server is tagged as down.

    For example:

  4. Configure the number of recovery retries, which is the number of successful probe attempts after which the server is declared up.

    For example:

Configuring Server Groups

Server groups consist of servers to which traffic is distributed by means of stateless, hash-based session distribution and server health monitoring.

To configure a server group:

  1. Specify the names of one or more configured real servers.

    For example:

  2. Configure the routing instance for the group when you do not want to use the default instance, inet.0.

    For example:

  3. (Optional) Disable the default option that allows a server to rejoin the group automatically when it comes up.
  4. (Optional) Configure the logical unit of the instance’s service interface to use for health checking.

    1. Specify the logical unit.

    2. Enable the routing of health-check packet responses from real servers to the interface.

    For example:

  5. Configure one or two network monitoring profiles to be used to monitor the health of servers in this group.

    For example:

Configuring Virtual Services

A virtual service provides an address that is associated with a the group of servers to which traffic is directed as determined by hash-based or random session distribution and server health monitoring. You may optionally specify filters and routing instances to steer traffic for TLB.

To configure a virtual service:

  1. At the [edit services traffic-load-balance instance instance-name] hierarchy level, specify a non-zero address for the virtual service.

    For example:

  2. Specify the server group used for this virtual service.

    For example:

  3. (Optional) Specify a routing instance for the virtual service. If you do not specify a routing instance, the default routing instance is used.

    For example:

  4. Specify the processing mode for the virtual service.

    For example:

  5. (Optional) For a translated mode virtual service, enable the addition of the IP addresses for all the real servers in the group under the virtual service to the server-side filters. Doing this allows you to configure two virtual services with the same listening port and protocol on the same interface and VRF.
  6. (Optional) Specify a routing metric for the virtual service.

    For example:

  7. Specify the method used for load balancing. You can specify a hash method that provides a hash key based on any combination of the source IP address, destination IP address, and protocol, or you can specify random.

    For example:

    or

    Note:

    If you switch between the hash method and the random method for a virtual service, the statistics for the virtual service are lost.

  8. For a translated mode virtual service, specify a service for translation, including a virtual-port, server-listening-port, and protocol.

    For example:

  9. Commit the configuration.
    Note:

    In the absence of a client-interface configuration under the TLB instance, the implicit client filter (for VIP) is attached to the client-vrf configured under the TLB instance. In this case, the routing-instance under a translate mode virtual service cannot be the same as the client-vrf configured under the TLB instance. if it is, the commit fails.

Configuring Tracing for the Health Check Monitoring Function

To configure tracing options for the health check monitoring function:

  1. Specify that you want to configure tracing options for the health check monitoring function.
  2. (Optional) Configure the name of the file used for the trace output.
  3. (Optional) Disable remote tracing capabilities.
  4. (Optional) Configure flags to filter the operations to be logged.

    Table 1 describes the flags that you can include.

    Table 1: Trace Flags

    Flag

    Support on MS-MPC and MX-SPC3 Cards

    Description

    all

    MS-MPC and MX-SPC3

    Trace all operations.

    all-real-services

    MX-SPC3

    Trace all real services.

    config

    MS-MPC and MX-SPC3

    Trace traffic load balancer configuration events.

    connect

    MS-MPC and MX-SPC3

    Trace traffic load balancer ipc events.

    database

    MS-MPC and MX-SPC3

    Trace database events.

    file-descriptor-queue

    MS-MPC

    Trace file descriptor queue events.

    inter-thread

    MS-MPC

    Trace inter-thread communication events.

    filter

    MS-MPC and MX-SPC3

    Trace traffic load balancer filter programming events.

    health

    MS-MPC and MX-SPC3

    Trace traffic load balancer health events.

    messages

    MS-MPC and MX-SPC3

    Trace normal events.

    normal

    MS-MPC and MX-SPC3

    Trace normal events.

    operational-commands

    MS-MPC and MX-SPC3

    Trace traffic load balancer show events.

    parse

    MS-MPC and MX-SPC3

    Trace traffic load balancer parse events.

    probe

    MS-MPC and MX-SPC3

    Trace probe events.

    probe-infra

    MS-MPC and MX-SPC3

    Trace probe infra events.

    route

    MS-MPC and MX-SPC3

    Trace traffic load balancer route events.

    snmp

    MS-MPC and MX-SPC3

    Trace traffic load balancer SNMP events.

    statistics

    MS-MPC and MX-SPC3

    Trace traffic load balancer statistics events.

    system

    MS-MPC and MX-SPC3

    Trace traffic load balancer system events.

  5. (Optional) Configure the level of tracing.
  6. (Optional) Configure tracing for a particular real server within a particular server group.
  7. (Optional) Starting in Junos OS Release 16.1R6 and 18.2R1, configure tracing for a particular virtual service and instance.
Release History Table
Release
Description
16.1R6
Starting in Junos OS Release 16.1R6 and 18.2R1, configure tracing for a particular virtual service and instance.