Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 12

Orion and Juniper?

We have a large Cisco environment and are using the Orion Platform for monitoring and management (NPM, NCP, NTA, VNQM, and UDT)

We may be moving area of our environment over to Juniper.

My question is "What is your experience in using the Orion Platform to monitor and manage a Juniper Environment?"

Is the out-of-box monitoring usable, is it equal to the Cisco device support?

What about Configuration Management?

Any help with this be appreciated.

Thank you for your time and input.

Labels (2)
Tags (1)
0 Kudos
6 Replies
Level 16

Hi saw10

Juniper “out of the box” defently works much better cisco nexus

The only extra poller you need to deploy is the red /yellow until we get that in place..

0 Kudos
Level 12

I am very used to UnDP and have seen Red/Yellow in the forums.  Being very new to the Juniper Platform I need to understand what I am "looking at".

Thank You for the info

0 Kudos
Level 14

We utilize Orion extensively with both Cisco and Juniper. The basic datapoints for most Juniper equipment is there, right out of the gate. For example, interface stats, hardware health, CPU, etc. We've been using Orion for more than a decade and I haven't found too much that it can't do without a bit of customization, such as using the Universal Device Poller to get non-default stats like SRX firewall sessions or individual line card hardware statistics. NCM, on the other hand, does not really know how to deal with Juniper in the sense that you cannot view a configuration, then edit it in NCM and upload that configuration change. That said, you can certainly make config changes with it, but you cannot *edit* configs in NCM and just upload the changes because of how Juniper command and config structure is different. It can be done by using NCM to save the 'set' version of the config, but then it's difficult to read.

0 Kudos
Level 12

Good Information - I am used to gathering Non-Cisco Configs so this should not be an issue.  I am not to concerned now about the use of Orion.

Thank You for the insight.

0 Kudos
Level 14

One thing I should mention is the difference between Juniper and Cisco interfaces. In Cisco, there is, for the most part, only one "interface" to monitor. For instance, if you have an interface called 'Gi0/0/0', all you need to do to monitor everything for that interface is to add it to Orion and sit back and watch. With Juniper, there are essentially two interfaces - a physical interface and a logical interface. The physical interface is where the stats for most things come from and in most cases, is the only interface you need to monitor. Example: In a Juniper MX router, you might have an interface ge-0/0/0. Once you configure a protocol family such as 'inet', inet6', or 'bridge', another interface will pop up in your SNMP queries, ge-0/0/0.0. You don't really need to monitor that interfaces in, again, most cases. This is important because if you don't have the SLX license of Orion, this interface adds to your element count, effectively doubling your license usage.

The only time I ever monitor a logical interface on a Juniper is if the interface is VLAN tagged and that logical interface is a different VLAN. Example: ge-0/0/0.5 (VLAN ID 5), ge-0/0/1.899 (VLAN ID 899). In that case, the individual unit number does provide traffic statistics for that VLAN. The only other "useful" stats I ever really needed from logical interfaces was queue statistics for QoS monitoring. But that's a whole different beast and not exactly easy to monitor in Orion.

0 Kudos

Piggybacking on this, SOME juniper hardware you need to monitor the physical port for things like bandwidth etc, but then there are a couple model lines where you have to monitor the logic ports instead.  It's been about a year since I was working with a client who had that issue but it was super confusing for us until we were able to pin it down to that model within their environment.

On the UDT side I recall us also having to poke around quite a bit to be sure we were tracking the correct ports for MAC and User info since they didn't have unlimited licenses.

- Marc Netterfield, Github
0 Kudos