SRX

last person joined: 6 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  VLAN tag of redundant interface between different physical interfaces

    Posted 11-20-2013 22:49

    Hi community,

    Is it possible to configure as below in srx5600?

    set interfaces xe-7/0/0 gigether-options redundant-parent reth0.0
    set interfaces xe-7/0/1 gigether-options redundant-parent reth0.1
    set interfaces xe-8/0/0 gigether-options redundant-parent reth0.2
    set interfaces xe-8/0/1 gigether-options redundant-parent reth0.3
    set interfaces xe-7/1/0 gigether-options redundant-parent reth0.4
    set interfaces xe-7/1/1 gigether-options redundant-parent reth0.5
    set interfaces xe-8/1/0 gigether-options redundant-parent reth0.6
    set interfaces xe-8/1/1 gigether-options redundant-parent reth0.7
    set interfaces Xe-6/0/0 gigether-options redundant-parent reth0.8
    set interfaces Xe-6/0/1 gigether-options redundant-parent reth0.9
    set interfaces Xe-6/0/2 gigether-options redundant-parent reth0.10
    set interfaces Xe-6/0/3 gigether-options redundant-parent reth0.11

    I concern it because in this configuration, we use VLAN tag of redundant interface between different physical interface

    Thanks and regards,
    Hieu



  • 2.  RE: VLAN tag of redundant interface between different physical interfaces

    Posted 11-21-2013 10:34

    Bit change is required instead of

     

    set interfaces xe-7/0/0 gigether-options redundant-parent reth0.0
    set interfaces xe-7/0/1 gigether-options redundant-parent reth0.1

     

    use

    set interfaces xe-7/0/0 gigether-options redundant-parent reth0
    set interfaces xe-7/0/1 gigether-options redundant-parent reth0

     

    It will make aggregate link (containg interface ge-7/0/0 and 7/0/1 ) for reth0 in local chassis , please visit link http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-security/topic-43687.html

     

    Now about VLAN tagging you will enable vlan tagging on reth0 logical units  and not on its member interfaces ,

    set interface reth0 vlan-tagging unit 0 vlan-id 10 family inet ----------

     

    For further reference material please visit link http://kb.juniper.net/InfoCenter/index?page=content&id=TN10

     

     

    Please mark this as accepted solution if it works for you

    A kudos is a good way of appreciation

     

    Kashif Nawaz

    JNCIP-Sec , JNCIS-Sec , JNCIS-Ent, JNCIA-Junos

     



  • 3.  RE: VLAN tag of redundant interface between different physical interfaces

    Posted 11-21-2013 23:04

    Hi Kashif,

     

    It is what I want to discuss. Because xe-7/0/0 and xe-7/0/1 connect to different routers so I don't want to make a LAG. Normally, I will put it into different reth such as reth0 for xe-7/0/0 and reth1 for xe-7/0/1. But I want to check if the posted configuration still works in some way. My friend argues that reth0.0 and reth0.1 are different logical interfaces so it is still OK to config like this. 

     

    Thanks and regards,

    Hieu



  • 4.  RE: VLAN tag of redundant interface between different physical interfaces
    Best Answer

    Posted 11-22-2013 09:11

    Redundant Ethernet Interface is a pseudo interface interface which should have at least one physical interface assigned to it from each chassis. You can configure multiple sub interface for a reth (4096 for high end firewall and 1024 for Branch SRX) you can not physical interface to reth logical interface but assign to sudo interface (i.e... rethx) . Your configuration will not work as per requirements you stated in post. For reference material please visit http://www.juniper.net/techpubs/en_US/junos12.1x44/topics/concept/chassis-cluster-redundant-ethernet-interface-understanding.html

     

     

    Please mark this as accepted solution if it works for you

    A Kudos is good way of appreciation

     

     

    Kashif Nawaz

    JNCIP-Sec, JNCIS-Sec, JNCIS-Ent , JNCIA-Junos