Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Additional Features and Services

This document describes the additional features and services that you can configure on a Juniper Mist™ Edge appliance.

Autopreemption

An access point (AP) will failover to the next Edge appliance within the Layer 2 (L2) cluster or to its backup Layer 3 (L3) cluster in the following instances:

  • During a temporary network disruption

  • When an AP is unable to reach or exchange hellos successfully with its preferred edge

Autopreemption is a mechanism through which APs are nudged to terminate the tunnels on the preferred peer, assuming that the peer is reachable.

The feature is disabled by default. With the default presets, if an AP tunnel fails over to a nonpreferred Edge appliance, the AP continues forwarding traffic to that appliance. You can move these AP tunnels manually by preempting or disconnecting the tunnels through the API or the Juniper Mist portal.

You can configure preemption at individual Mist tunnels. When you enable this feature, the cloud orchestrates the preemption and slowly moves the AP tunnels to preferred Edge appliances to cause the least traffic disruption. A service running in the cloud monitors for any APs that have failed over from a preferred Edge appliance, given that the appliance is up and healthy.

Based on the options selected from the following list, the cloud nudges the AP to disconnect from the current Edge appliance and move to the preferred peer. Clients on the AP are not deauthenticated.

  • Every 15 minutes—If the connectivity between the APs and the Mist Edge cluster is jittery, AP tunnels may end up failing over to a Mist Edge from a secondary cluster. This failover may cause clients to do get renewed IP addresses from the DHCP server, if the secondary edge is in an L3-separated data center with a different IP schema. In such cases, we recommend that you use the option of Every 15 minutes.

    Note:

    In most cases you do not need this setting of Every 15 minutes. We recommend you to use Time of the day for off hours.

  • Time of the day—You can specify a time of the day during which you want to move APs back to the preferred edge, if the APs have failed over between the specified times. We recommend choosing a day and time of day when your network is least busy.

Autopreemption

Anchor Tunnel

In specific deployments where traffic must be tunneled to a DMZ area deeper in the data centers, you can use anchor tunnels. Anchor tunnels enable you to configure Juniper Mist Edge to carry all traffic to DMZ and to tunnel specific traffic to another Mist Edge. You configure an anchor tunnel from the Mist Tunnel page.

Anchor Tunnel

Critical Resource Monitoring (CRM)

You can configure Juniper Mist Edge to monitor the health of the upstream resources. This configuration helps determine the reachability of those resources from the Juniper Mist Edge data ports. If the health check of the upstream resource fails, the Juniper Mist Edge prompts the APs to failover to the next member and shuts down the tunnel terminator service temporarily. The shutdown continues until the upstream resources are healthy and reachable again.

Critical Resource Monitoring (CRM)

You can configure the upstream resource monitoring on the Mist Cluster page. The option is disabled by default. Protocols to monitor a resource include ARP, PING, and TCP. You can configure multiple resources using different protocols to monitor the health check. Even if one of the health checks fails, the Juniper Mist Edge prompts the APs to failover to another edge. Commonly used health checks are ARPing or PINGing the default gateways.

Alerts

The Alerts Dashboard gives you visibility into issues with Mist Edge devices deployed across your sites. The dashboard provides information about all alerts that you enable on the Alerts Configuration page. You can also enable e-mail notifications for issues that you want to monitor closely or forward the alerts as webhooks. For information about configuring alerts, see Configure Alerts and Email Notifications. For information about webhook alerts, see Webhooks and Alerts.

You can configure alerts to monitor:

  • Resource usage

  • Cloud connection status

  • PSU status

  • Power cable status

  • Service status

For a list of alerts that you can enable for your Mist Edge device, see Juniper Mist Alert Types.

Here is a sample screenshot that shows the alerts for Mist Edges:

QoS

By default, Mist Edge tunnels the packets by preserving the inner packet’s DSCP by copying it onto the outer L2TP packet. Juniper Mist Edge can also run DHCP Proxy and IGMP snooping services that are configured under the specific Juniper Mist Edge page.