Junos
Junos

VRRP MX with Juniper SSG and SRX

[ Edited ]
‎08-23-2019 02:25 AM

Hi All, I plan to deploy as follow topology. As you can see both MX are interconnected with trunk mode to achieve VRRP configuration SRX with A/P cluster configuration, each SRX connected to MX with Reth interface. Please advice if it is applicable

 

Screen Shot 2019-08-23 at 16.10.17.png

2 REPLIES 2
Junos

Re: VRRP MX with Juniper SSG and SRX

‎08-23-2019 02:48 AM

Yes that setup will work for your vrrp gateway on the mx devices.

 

Note that you will want the master device to be the one connected to the normally active SRX/SSG device so the cross link will not have to carry all the traffic unless a failover situation occurs.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
Junos
Solution
Accepted by topic author husni1984
‎08-24-2019 04:15 PM

Re: VRRP MX with Juniper SSG and SRX

‎08-23-2019 10:50 AM

Hi, 

 

As the saying goes 'The devil is in the detail', this might well be the case.

If the inet addresses are being configured under the physical ge interfaces on the MX, vrrp pkts will be sourced from that interface and unless the SRX is bridging/switching the vrrp packets, those will not reach the other MX and vice-versa, and result in split-brain vrrp as the back to back L2 trunk interface between the MXs will not be used for vrrp control traffic.

 

From experience, I believe the MXs can be configured with a bridge-domain and the vrrp configured over an irb. That way vrrp can flow over the L2 trunk. Also to make sure data traffic does not traverse over the L2 trunk, vrrp track and priorities can be used to ensure vrrp mastership is in sync with the active reth on the SRX side.

 

Hope this helps.

Ashvin