SRX Services Gateway
Highlighted
SRX Services Gateway

Can ping only 1 SRX in cluster at any given time

‎04-24-2014 02:31 PM

I have connected 2 SRX 240 in cluster, the cluster configuration looks to be good however i can only ping or SSH to 1 SRX the other SRX is up i can SSH to it from the second device but not directly. Also i cannot ping the cluster IP. I failed the chassis cluster to different redundancy group and it worked for a while and started exhibiting same issue again. Below is what i see on my chassis cluster.

root@FWSRX01> show chassis cluster status
Cluster ID: 1
Node Priority Status Preempt Manual failover

Redundancy group: 0 , Failover count: 1
node0 200 primary no no
node1 100 secondary no no

Redundancy group: 1 , Failover count: 1
node0 200 primary no no
node1 100 secondary no no

 

 

Here's my chassis configuration

 

set groups node0 system host-name FWSRX01

set groups node0 system backup-router 172.16.220.254
set groups node0 system backup-router destination 192.168.3.0/24
set groups node0 system backup-router destination 172.16.64.0/21
set groups node0 interfaces fxp0 unit 0 family inet address 172.16.220.58/22

set groups node1 system host-name FWSRX02
set groups node1 system backup-router 172.16.220.254
set groups node1 system backup-router destination 192.168.3.0/24
set groups node1 system backup-router destination 172.16.64.0/21
set groups node1 interfaces fxp0 unit 0 family inet address 172.16.220.59/22

set interfaces fxp0 unit 0 family inet address 172.16.220.57/22 master-only

set chassis cluster reth-count 13
set chassis cluster heartbeat-interval 1000
set chassis cluster heartbeat-threshold 3
set chassis cluster redundancy-group 0 node 0 priority 200
set chassis cluster redundancy-group 0 node 1 priority 100
set chassis cluster redundancy-group 1 node 0 priority 200
set chassis cluster redundancy-group 1 node 1 priority 100

 

4 REPLIES 4
Highlighted
SRX Services Gateway

Re: Can ping only 1 SRX in cluster at any given time

‎04-24-2014 06:35 PM

Hello

 

Can you tell which scenario is working and which is not?

 

1. Are you able to ping 172.16.220.57/22 when primacy of RG-0 and RG1 is on node0?

2. Are you able to ping 172.16.220.57/22 when primacy of RG-0 and RG1 is on node1?

3. Are you able to ping 172.16.220.58/22?

4. Are you able to ping 172.16.220.59/22?

 

Regards,

Raveen

Note: If this answers your question, you could mark this post as accepted solution, that way it helps others as well. Kudos will be cool if I earned it!
Highlighted
SRX Services Gateway

Re: Can ping only 1 SRX in cluster at any given time

‎04-25-2014 11:00 AM

1. Are you able to ping 172.16.220.57/22 when primacy of RG-0 and RG1 is on node0? --- NO

2. Are you able to ping 172.16.220.57/22 when primacy of RG-0 and RG1 is on node1? ----- YES /NO . Was able to ping until the Node0 was under secondary hold stage once it returned to secondary pings stopped.

3. Are you able to ping 172.16.220.58/22? ----  NO

4. Are you able to ping 172.16.220.59/22? ----- YES

 

 

 

I was able to ping all 3 IP Address when i failed over RG-0 and RG1 to node 1 , and node 0 on RG0 was in secondary hold stage. But just as Node 0 in RG0 returned to secondary i was only able to ping the  172.16.220.58 . .59 and .57 went unresponsive.

 

 

Highlighted
SRX Services Gateway

Re: Can ping only 1 SRX in cluster at any given time

‎04-27-2014 05:24 AM

Are you pinging the FXP0 interfaces or the actual physical interface ?

 

Highlighted
SRX Services Gateway

Re: Can ping only 1 SRX in cluster at any given time

‎05-06-2014 03:50 AM

Hi

 

What network range are you trying to ping from?

Simon
JNCIP-SEC, JNCIS-ENT
Feedback