07-24-2012 01:16 PM
I need to assure that the chassis cluster (HA) normally (i.e. when not degraded/failed) works as an active/passive (versus A/A). How can I do that?
Maybe if I could make RG0 to follow other RG’s in a HA cluster? I cannot preempt RG0...
The root cause is that on SRX branch devices, UTM is supported only for active/backup chassis cluster configuration with both RG0 and RG1 active on the same node. It is not supported for active/active chassis cluster configuration. I think that holds true for versions up to 11.2. I guess that on 11.4 UTM is supported in active/active – but still without Sophos AV (and I need Sophos AV – so I have to stick to Active/Passive HA config). The problem is – that I see no way I can configure that – even with node0 having a higher priority is seems to be a game of chance if it gets RG0 with no preemption avail for that RG… (if node1 boots first – it will get RG0)
Solved! Go to Solution.
07-26-2012 05:15 PM
Easiest way is to not enable preemption on RG1+, and set interface tracking on all RGs to track the same interfaces. Since you can't set preempt on RG0, if you want to keep RG1+ on the same chassis then avoid using it on any RG. Tracking interface failures on RG0 isn't officially recommended but it works, and will keep all RGs on the same chassis when under normal operation.