Cluster Failover, sort of working

Markw78 · ‎01-11-2011

I have 2 SRX 240, and 2 switches in a stack.

SRX1 and SRX2 are connected via Cross-Over cable for Data and Control links.

SRX1 has LAN, DMZ, WAN interfaces all going to Switch1

SRX2 has LAN, DMZ, WAN interfaces all going to Switch2

Switch1 and Switch2 are a stack, so logically 1 switch with the redundancy of having 2.

If I remove power from a SRX, failover occurs.

If SRX2 is active, and I remove power from Switch2, no failover occurs even though SRX2 lost link.

What am I missing? I thought it would failover because it lost link on other reths... They are all part of the same redundancy group.

chassis {
    cluster {
        reth-count 3;
        redundancy-group 0 {
            node 0 priority 100;
            node 1 priority 1;
        }
        redundancy-group 1 {
            node 0 priority 100;
            node 1 priority 1;
        }
    }
}
interfaces {
    ge-0/0/4 {
        gigether-options {
            redundant-parent reth0;
        }
    }
    ge-0/0/5 {
        gigether-options {
            redundant-parent reth1;
        }
    }
    ge-0/0/6 {
        gigether-options {
            redundant-parent reth2;
        }
    }
    ge-5/0/4 {
        gigether-options {
            redundant-parent reth0;
        }
    }
    ge-5/0/5 {
        gigether-options {
            redundant-parent reth1;
        }
    }
    ge-5/0/6 {
        gigether-options {
            redundant-parent reth2;
        }
    }
    fab0 {
        fabric-options {
            member-interfaces {
                ge-0/0/2;
            }
        }
    }
    fab1 {
        fabric-options {
            member-interfaces {
                ge-5/0/2;
            }
        }
    }
    reth0 {
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 0 {
            description "Public Untrust";
            family inet {
                address 1.1.1.1/30
            }
        }
    }
    reth1 {
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 0 {
            description "Private Trust";
            family inet {
                address 3.3.3.3/24;
            }
        }
    }
    reth2 {
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 0 {
            description "Public DMZ";
            family inet {
                address 2.2.2.2/24;
            }
        }
    }

Thanks!

Mark

dfex · ‎04-17-2008

Hi Mark,

There are a number of ways you can do this - you need to decide on what conditions you want interfaces to fail-over.

In your current setup, you have all interfaces in redundancy group 1. If you add the following lines to your config:

set chassis cluster redundancy-group 1 interface-monitor ge-0/0/4 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/5 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/6 weight 255

it will mean that when any of the three interfaces go down, all interfaces will fail over to node 1.

You could also configure 3 individual redundancy groups (1,2 & 3) and place one reth in each:

set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth1 redundant-ether-options redundancy-group 2
set interfaces reth2 redundant-ether-options redundancy-group 3

then with interface monitoring configured like:

set chassis cluster redundancy-group 1 interface-monitor ge-0/0/4 weight 255
set chassis cluster redundancy-group 2 interface-monitor ge-0/0/5 weight 255
set chassis cluster redundancy-group 3 interface-monitor ge-0/0/6 weight 255

only the reth that lost an interface would fail over to node 1.

I also like to turn on pre-empt, so that after any failure conditions have been rectified, the whole system goes back to a known topology:

set chassis cluster redundancy-group 1 preempt
set chassis cluster redundancy-group 2 preempt
set chassis cluster redundancy-group 3 preempt

Hope this helps!

Ben Dale
JNCIP-ENT, JNCIP-SP, JNCIE-SEC #64
Juniper Ambassador
Follow me @labelswitcher

Markw78 · ‎01-11-2011

Thanks!

I went with

set chassis cluster redundancy-group 1 interface-monitor ge-0/0/4 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/5 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/6 weight 255

set chassis cluster redundancy-group 1 preempt

I assume I don't do anything for redundancy-group 0? When I unplug a NIC that groups does not move, thats OK though right?

Cluster ID: 1
Node                  Priority          Status    Preempt Manual failover

Redundancy group: 0 , Failover count: 1
    node0                   100         primary        no       no
    node1                   1           secondary      no       no

Redundancy group: 1 , Failover count: 3
    node0                   100         primary        yes      no
    node1                   1           secondary      yes      no

AdamLin · ‎08-02-2010

That's correct, redundancy-group 0 is for the RE, if you'd kill your routing-engine it would fail over.

You can test failovers (including RG0) with this command:
request chassis cluster failover node <node-number> redundancy-group <group-number>

just remember to reset the manual failover:
request chassis cluster failover reset redundancy-group <group-number>

Regards,
Adam

(if my post helped solve your problem, mark it as accepted solution)

Cluster Failover, sort of working

Re: Cluster Failover, sort of working

Re: Cluster Failover, sort of working

Re: Cluster Failover, sort of working