Blogs

How can I configure a device with dual Routing Engines or a chassis cluster (for SRX Series Services Gateways) for continued communication during a switchover?

By Erdem posted 02-01-2016 10:48

  

Question

How can I configure a device with dual Routing Engines or a chassis cluster (for SRX Series Services Gateways) for continued communication during a switchover?

Answer

When configuring for continued communication, the SNMP configuration should be identical between the Routing Engines. However, it is best to have separate Routing Engine IDs configured for each Routing Engine, especially when using SNMPv3.

 

The following example shows the configuration of the Routing Engines in a dual Routing Engine device. Notice that the Routing Engine IDs are set to the MAC addresses for each Routing Engine:

 

user@host# show groups

re0 {

  system {

     host-name PE3-re0;

  }

  interfaces {

     fxp0 {

       unit 0 {

         family inet {

           address 116.197.178.14/27;

           address 116.197.178.29/27 {

             master-only;

           }

        }

     }

  }

}

  snmp {

     engine-id {

       use-mac-address;

     }

  }

}

re1 {

  system {

     host-name PE3-re1;

  }

  interfaces {

     fxp0 {

       unit 0 {

         family inet {

           address 116.197.178.11/27;

           address 116.197.178.29/27 {

             master-only;

           }

         }

       }

    }

}

  snmp {

     engine-id {

       use-mac-address;

     }

  }

}

 

The following is an example of an SNMPv3 configuration on a dual Routing Engine device:

 

user@host> show snmp name host1

v3 {

  vacm {

     security-to-group {

       security-model usm {

         security-name test123 {

           group test1;

         }

         security-name juniper {

           group test1;

         }

       }

     }

     access {

       group test1 {

         default-context-prefix {

           security-model any {

             security-level authentication {

               read-view all;

             }

           }

       }

         context-prefix MGMT_10 {

           security-model any {

             security-level authentication {

               read-view all;

             }

           }

         }

       }

     }

  }

  target-address server1 {

     address 116.197.178.20;

     tag-list router1;

     routing-instance MGMT_10;

     target-parameters test;

  }

  target-parameters test {

     parameters {

       message-processing-model v3;

       security-model usm;

       security-level authentication;

       security-name juniper;

     }

     notify-filter filter1;

  }

  notify server {

     type trap;

     tag router1;

  }

  notify-filter filter1 {

     oid .1 include;

  }

  view all {

     oid .1 include;

  }

  community public {

     view all;

  }

  community comm1;

  community comm2;

  community comm3 {

     view all;

     authorization read-only;

     logical-system LDP-VPLS {

       routing-instance vpls-server1;

     }

  }

  trap-group server1 {

     targets {

       116.197.179.22;

     }

  }

  routing-instance-access;

  traceoptions {

     flag all;

  }

}

 

For more information, click: Configuring SNMP on devices running Junos OS


#FAQ