[AusNOG] Email on route change (Juniper SRX)

Mark Tees mark.tees at digitalpacific.com.au
Mon Feb 10 12:48:47 EST 2014 

I think options 2 and 3 from your monitoring server would probably be pretty easy. Syslog message matching is another option.

Polling from your monitoring station you could connect directly to the netconf port via SSH and run XML RPCs to get what you need or run commands directly via SSH to get what you need:

home:~ mark$ ssh XXX.XXX "show route 8.8.8.8 | display xml"
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/11.4R5/junos">
    <route-information xmlns="http://xml.juniper.net/junos/11.4R5/junos-routing">
        <route-table>
        </snip>
        </route-table>
    </route-information>
</rpc-reply>

Parsing the via PHP or any other script language should be easy as long as you strip the name spaces. For what you are doing you probably don’t even need to output xml.

I believe you can also run Junos Script directly too.

On 10 Feb 2014, at 12:01 pm, Michael Dale <mdale at dalegroup.net> wrote:

> Hey All,
> 
> I have a number of clients running Juniper SRX firewalls. Many have dual internet connections (ADSL/ADSL, ADSL/3G etc).
> 
> I would like to generate an email when the backup link is in use.
> 
> Due to the way it is setup both links are always active and it is just the route preference that changes.
> 
> Options I’ve thought about include:
> 
> 1) Cacti alert when x amount of traffic goes over backup link (slow and not very accurate).
> 2) Juniper SRX sends an email when the route preference changes (this would be my ideal but cannot see how todo it).
> 3) Some Windows/Linux app that sends an email when the trace route changes (I could write something to track these).
> 
> 2) is what I would love todo, but without purchasing extra hardware/software I don’t believe the SRX can do it :(
> 
> I could probably use the JunoScript script API, I even wrote a basic PHP class for it (some info: http://forums.juniper.net/t5/SRX-Services-Gateway/PHP-example-API/m-p/62975#M17637 ), but again effort.
> 
> Anyone got a simply/quick solution? :D
> 
> Thanks,
> Michael.
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

More information about the AusNOG mailing list