02-16-2010 11:12 PM
I'm going do deploy a couple of customer connections at two different sites. Each site will have two SRX210 and two leased lines, running BGP for failover functionality.
At site1 the two SRX210 will be sitting in the same rack and my plan was to use JSRP-cluster between them. One reth on the the inside so the customer gets one IP-adress and then one interface against each leased line (no reth).
At site2 the SRX210 will be separated by some distance and what I have read jsrp-cluster don't work if there is a switch between them (fabric, control link). What can I use here to receive some kind of redundancy but still give the customer one address on the inside that they can route via?
Does the suggestion at site1 make sense?
Solved! Go to Solution.
02-17-2010 06:25 AM
You can run VRRP and offer that VIP-address for your clients. You might also find running normal BGP+VRRP a lot more stable than the SRX/J-series cluster function. Also in cluster mode you will lose most of the features available in non-cluster mode.
02-19-2010 03:10 AM
03-19-2010 09:29 AM
Are those SRX in packet or flow-based mode? If the former, I agree in that it's a simple and elegant solution.
However, if in flow-based mode, all established-flow related information is lost whenever traffic is rerouted, is that correct?
Regarding having a cluster over a layer 2 ethernet network, there are some tips to make this work (where's the FAQ on HA for Juniper products?). "SRX Services Gateway Cluster Deployments Across Layer Two Networks"