SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  SRX220 - Active/Passive HA

    Posted 06-10-2015 14:33

    So I am configuring HA on a couple of SRX220's.

     

    Followed through the directions and toward the very end when setting the interface ge-0/0/0 to reth0, i get the error below when trying to commit.

     

    edit interfaces ge-0/0/0 gigether-options]   'redundant-parent'     Logical unit is not allowed on redundant-ethernet member error: commit failed: (statements constraint check failed).

     

     

    I am totally lost here. Is this supposed to be assigned to the gateway port?

     

    I am reading that i need to clear any config assignerd to ge-0/0/0 for this to commit but it is already assigned as my gateway. 

     

     

     

     

     



  • 2.  RE: SRX220 - Active/Passive HA
    Best Answer

     
    Posted 06-10-2015 21:52

    HI,

     

    you have to remove the "gateway"" config of the ge-0/0/0 interface and move your config towards lets say ge-0/0/4. If you do that the commit will succeed.

    Or you start using ge-0/0/2 and ge-2/0/2 as the first interfaces in you reth0

     

     



  • 3.  RE: SRX220 - Active/Passive HA

     
    Posted 06-10-2015 22:20

    Hello Rick ,

     

    as per the error states , you have unit 0 configed under ge-0/0/0 with gateway IP . So when you enable the cluster , we need to remove the unit from the individual interface and assign the gateway IP  on reth interface . You configuration should look like :

     

    ge-0/0/0 {
        gigether-options {
            redundant-parent reth0;
        }
    }
    reth0 {
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 0 {
            family inet {
                address 1.1.1.1/24;   <<< gateway IP
            }
        }
    }

     

     

     So you need to remove the unit configuration under  [edit interface ge-0/0/0] and add the same under [edit interfaces reth0 ]

    That will solve the proble .

     

    #delete interfaces ge-0/0/0 unit 0

     

    Then apply the following configuration :

     

    set interfaces ge-0/0/0 gigether-options redundant-parent reth0
    set interfaces reth0 unit 0 family inet address 1.1.1.1/24

     

     

    I hope this helps .

     

     



  • 4.  RE: SRX220 - Active/Passive HA

    Posted 06-12-2015 08:47

    Thanks this worked!

     

     

    One last thing i am trying to wrap my head around. I had IPSEC VPN setup on that interface which i had to delete. Would i set vpn on reth0 or back on ge-0/0/0? Trying to figure out how that would work.

     

     

     

     

     

     

     

     

     

     

     

     

     

    Footnote: I was going toaccept both answers but i guess you can't do that. so i couldn't accpet yours (if that matters much)



  • 5.  RE: SRX220 - Active/Passive HA

     
    Posted 06-12-2015 21:05
    Hello

    You can terminate the VPN on reth interface . It's the recommended configuration in cluster so that the VPN works after cluster failover .