SRX

Hello,

• I want to configure the HA on SRX 650, when i enter the command set chasis cluster-id 1 node 0 reboot after reboot the device remains in the hold mode it does'nt comes up in primary,

• I have conencted the both SRX650 with gig0/0/0 and gig0/1/0 interface and on the 2nd chasis i applied the command  set chasis cluster-id 1 node 1 reboot after rebooting  the same applies to this 2nd SRX it also remains in the hold position it does'nt comes up in primary.
• I have seen the juniper docs in which it says to configure the control ports but i did'nt get any option to configure these ports in the CLI after a

 set chasis cluster i get a control-recovery option rather than i shld get the below optionset chassis cluster control-ports fpc 4 port 0 

• Can anybody help me with the configuration example for the HA , which can clearly specifies the command compulsary to get the cluster up.

Thanks

The configuration guide will take you step-by-step through setting up the cluster.

For SRX650, control link is ge-0/0/1 to ge-9/0/1 (0/0/1 on both SRX 650s).  Use an additional connection for your fabric link (ge-0/0/2 to ge-9/0/2, for example).

Depending on which version of software you're using, you may have to disable the switching configurations.

Then, just walk through the steps on the page "SRX Series Chassis Cluster Configuration Overview" page.   When you get to step 7, the sections there go through setting up the fabric, the reth configurations, and other optional stuff like interface monitoring, etc.

Dear s,

To get the cluster up only following commands are necessary,please guide if i m wrong.

Chasis-A

set chasis cluster-id 1 node 0 reboot
set chassis cluster control-ports fpc 4 port 0

Chasis-B

set chasis cluster-id 1 node 1 reboot
set chassis cluster control-ports fpc 4 port .

I have reboot the deives while booting it show me HA interfaces not found.

Thanks

Hi Jenfier,

You can not configure custom control links on the srx 650. This feautre is only limited to SRX 5800's and SRX 5600's.
On all other devices the control links are pre-defined which are enabled when you issue command
> set chasis cluster-id 1 node 0 reboot

For SRX650 the dedicate control port is ge-0/0/1 . Refer kb http://kb.juniper.net/InfoCenter/index?page=content&id=KB15356 for information about dedicated control ports and management interfaces.

Hope this helps.

Regards,

Visitor

-------------------------------------------------------------------------------------------------------

If this post was helpful, please mark this post as an "Accepted Solution".Kudos are always appreciated!

---

@jeniferdcosta wrote:

 

To get the cluster up only following commands are necessary,please guide if i m wrong.

---

That's not entirely correct.  You need to follow the complete steps outlined in the documentation that I linked to to configure the control and fabric links to have a funcioning cluster.

As Visitor noted, the commands you are trying to issue to set the control ports are not applicable on the SRX650.  You need to follow the SRX650 specific steps in the documentation.  You do not specify the control-ports command on the SRX650, simply issue the "set chassis cluster-id 1 node X reboot" commands and let the systems reboot.  Connect ports ge-0/0/1 from both SRX650s together (the port number on the secondary node will then change in the configuration to ge-9/0/1).

From there, follow the documentation to set up the fabric link and configure the reth interfaces and redundancy groups.

Also keep in mind that using a switch for the control link is not supported officially. So if your cluster still doesn't come up after following the other's advise, make sure the boxes can actually see each other. 

You can check by issuing these commands:

show chassic cluster status

show chassis cluster interfaces

If you use a switch, let us know and we will show you how to do it.

Dears,

I have some question please answer.

 set interfaces ge-0/0/0 gigether-options redundant-parent reth1
set interfaces ge-7/0/0 gigether-options redundant-parent reth1 

I want to know which will be my interface for ge-7/0/0, ????

I have 4 interface on my SRX from which i used ge-0/0/1 for control link and ge-0/0/3 for fabric interconnect, now only 2 interface are left for the actual traffic, Can anybody help me to write the redundant interface config, as i m not understanding in the docs from where the ge7/0/0 came.

Thanks

Thanks

When you set up a cluster on SRX, it will actually form a virtual chassis. This is different from most other cluster setups you might know. It means that both machines will acts as a single entity. That also means that interfaces will be renumbered when you create the cluster.

The interfaces of the second node will get a new number assigned to it. The virtual chassis starts counting the interfaces on node 0 and then on node 1. So the first interface on node 1 (ge-0/0/0) will actually become ge-7/0/0, the second interface (ge-1/0/0) will become ge-8/0/0 and so on (this completely depends on how many interfaces you have in total, so numbering might be different). 

Some native english speaker can probably explain this better.

It's all in the documentation by the way. 

---

@cryptochrome wrote:

So the first interface on node 1 (ge-0/0/0) will actually become ge-7/0/0, the second interface (ge-1/0/0) will become ge-8/0/0 and so on 

---

That numbering is not correct for the SRX650.

The SRX650 has 8 FPC slots (I think they're called FPCs, Juniper's naming scheme is TERRIBLE) in addition to the onboard ports.

When you cluster SRX650s, the first number in the interface numbering is the FPC slot number.  Add 9 for the secondary node (0 = onboard, 1-8 = FPC slots in each node).

ge-0/0/0 corresponds to ge-9/0/0 on the secondary node, ge-0/0/1 corresponds to ge-9/0/1 on the secondary node.

Furthermore, ge-0/0/0 (and ge-9/0/0) become dedicated for the fxp0 management interfaces when the devices go into cluster.  That leaves you only ONE open port per SRX650 to use for revenue traffic, and that would be ge-0/0/2 on both SRX devices (known as ge-9/0/2 on the secondary node.)

For any real useful capabilities in moving traffic through an SRX650 cluster, you really do need to add some PIM modules to make some actual revenue ports available.

Reference this KB article.

---

@keithr wrote:

---

@cryptochrome wrote:

So the first interface on node 1 (ge-0/0/0) will actually become ge-7/0/0, the second interface (ge-1/0/0) will become ge-8/0/0 and so on 

---

That numbering is not correct for the SRX650.

 

---

yep, as I said, that numbering is probably off and depends on the actual number of present interfaces.

one of my srx650 clusters starts at ge-9/0 and the first FPC starts at ge-11/0. 

ge-7 is probably if you don't have any FPC slots occupied?

---

@cryptochrome wrote:

yep, as I said, that numbering is probably off and depends on the actual number of present interfaces.

 

one of my srx650 clusters starts at ge-9/0 and the first FPC starts at ge-11/0. 

 

ge-7 is probably if you don't have any FPC slots occupied?

 

---

It does not matter if the slots are occupied or not.  The slots on an SRX650 are numbered 0-8, regardless of whether a module is installed in them.

That keeps it consistent, so that your slot numbers across your cluster don't change and require mass reconfigurations if you add or remove PIM cards to your devices.

ge-0/0/x will always correspond to ge-9/0/x, and ge-2/0/x will always correspond to ge-11/0/x on SRX650 clusters.

Thanks for ur prompt replies dears,

Ur'll r experts.

• Is it any command to enable the PIM slot or it is enable and detected as it is installed in the chasis.We have a PIM module i will install it.

---

@jeniferdcosta wrote:

Thanks for ur prompt reply,

 

I got ur pont what u r trying to explain , just to confirm i have a SRX650 so i hope i cant use ge-0/0/0 in redundant interface because it gives me an error, when i try to put in the redundant interface configuration.

 

 

---

that's because ge-0/0/0 will become dedicated fxp0 (management interface) and can not be used for normal traffic.

---

@jeniferdcosta wrote:

 

• Is it any command to enable the PIM slot or it is enable and detected as it is installed in the chasis.We have a PIM module i will install it.

---

As long as the PIM you're installing is supported by the version of Junos that you're running, you do not need to do anything to have it recognized.