Hello,
I have the attached design where the SRX cluster is connecting to standalone switches with one uplink. Hence i don't think i need reth interfaces. All the ports of the SRX will be trunk and the IPs will be on the irb.
I'm facing an issue with the failover, it doesn't failover once i disconnect from ge-0/0/3. I found the issue with the cluster interface monitoring and the node priority for RG1 is showing zeros as shown below:
Cluster ID: 1
Node Priority Status Preempt Manual Monitor-failures
Redundancy group: 0 , Failover count: 1
node0 100 primary no no None
node1 1 secondary no no None
Redundancy group: 1 , Failover count: 3
node0 0 primary yes no IF
node1 0 secondary yes no IF
Once I disable cluster interface monitoring the node priorities of RG1 become similar to RG0 which is supposed to be the case normally. I found my problem in this link but they proposed that the issue may be in the reth interface misconfiguration but i don't have reth in my configuration
https://kb.juniper.net/InfoCenter/index?page=content&id=KB19431&actp=METADATA
My questions are:
1- Am i allowed to configure a cluster without reth interfaces
2- Is there any workaround
Below is the configuration:
{primary:node0}[edit]
root@SRX-Active# show chassis cluster
reth-count 4;
redundancy-group 0 {
node 0 priority 100;
node 1 priority 1;
}
redundancy-group 1 {
node 0 priority 100;
node 1 priority 1;
preempt;
interface-monitor {
ge-0/0/3 weight 255;
ge-5/0/3 weight 255;
ge-0/0/4 weight 150;
ge-5/0/4 weight 150;
ge-0/0/5 weight 150;
ge-5/0/5 weight 150;
}
}
{primary:node0}[edit]
root@SRX-Active# show interfaces
ge-0/0/3 {
unit 0 {
description **Link-to-SW1-below**;
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/4 {
unit 0 {
description **Link-to-SW1-upper**;
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/5 {
unit 0 {
description **Link-to-SW2-upper**;
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/15 {
unit 0 {
family inet {
dhcp {
vendor-id Juniper-srx345;
}
}
}
}
cl-1/0/0 {
dialer-options {
pool 1 priority 100;
}
}
ge-5/0/3 {
unit 0 {
description **Link-to-SW4-below**;
}
}
ge-5/0/4 {
unit 0 {
description **Link-to-SW1-upper**;
}
}
ge-5/0/5 {
unit 0 {
description **Link-to-SW2-upper**;
}
}
dl0 {
unit 0 {
family inet {
negotiate-address;
}
family inet6 {
negotiate-address;
}
dialer-options {
pool 1;
dial-string 1234;
always-on;
}
}
}
fab0 {
fabric-options {
member-interfaces {
ge-0/0/2;
}
}
}
fab1 {
fabric-options {
member-interfaces {
ge-5/0/2;
}
}
}
fxp0 {
unit 0 {
family inet {
address 192.168.1.1/24;
}
}
}
irb {
unit 0 {
family inet {
address 192.168.2.1/24;
}
}
}
No comments:
Post a Comment