Hi Steven, Maybe look at BGP to the customer's own router/firewall? Private AS and they advertise their allocated prefix from your PA and you advertise a default route back. You still need to consider the customer's own upstream next-hop behaviour - BGP is perhaps the most straightforward in this respect. VRRP could get messy, especially as the subinterface/unit remains up on your edge.
Alternatively, if the customer can't speak BGP, you could steer traffic towards their routers using BGP route servers. e.g. inject the customer prefix from a central "intelligence" box based on ICMP/SNMP/etc reachability of their interfaces at the end of the circuit(s). ExaBGP ( https://github.com/Exa-Networks/exabgp) is worth a look for this. The customer will still need to figure out which upstream path is working with their own mechanisms though (perhaps ICMP or ARP reachability). Cheers, Rich. Network Architect Exa Networks Ltd :: AS30740 richard.halfpe...@exa.net.uk On Tue, 28 Mar 2023 at 12:40, Steven Maddox via uknof < uknof@lists.uknof.org.uk> wrote: > Lo, > > We use Juniper MX series routers, and take various NNI services from > operators like TalkTalk, BT Wholesale, etc... Essentially each VLAN they > present on the same particular Juniper interface is a different leased > line. > > But if a leased line goes down, that subinterface (a Juniper 'unit' with > a vlan-id on it) doesn't go down. So a) we don't get any alerts, and b) > if the customer has a backup leased line, our systems don't know to > automatically swap to that. > > After checking with people like BT Wholesale, it would seem they do get > OAM-CFM from Openreach, but then neglect to actually pass that upstream > to us. How common is this likely to be with other suppliers? does > anyone know if there is something stopping BT Wholesale (or others?) > from passing back this information? > > We know we could supply our own hardware to the customer. But that > would mean the customer would have the Openreach ADVA NTU, plus their > own router (of their choosing), *and* a third box from us (sitting in > between the other two) acting as another NTU... just for this one > purpose of generating our own OAM-CFM. > > Although we deal with Openreach directly for exchanges we've opened up > locally (so locally we don't have this issue)... if we're providing > leased lines further afield (e.g. sold via BT Wholesale, TalkTalk, > etc...) then we can't guarantee a timely replacement of such an extra > NTU (that we've supplied) should it fail, as we don't have engineers > that far out. > > One thought was to monitor a thing that the customer was likely to have. > This might be to poll for ICMP or listen for BFD polls from their > router, and then if it stops... to have the Juniper disconnect what that > unit is connected to (e.g. a psuedowire across our MPLS core to where IP > or VPLS services are delivered) but continue to listen on the unit to > see if it comes back. But there doesn't seem to be any elegant > configuration to do this, that we're aware of. > > Just wondering if anyone had encountered this scenario before and what > might be best practice? > > Thanks > > -- > Steven Maddox > Business Systems Engineer > Internet Central Limited > > Registered in England & Wales number 03079542 at Ivy House Foundry, > Stoke-on-Trent, ST1 3NR. VAT registration number GB278923705. Read our > disclaimer at http://ic.uk/legal before acting on this e-mail. > > >
