You need to use reth interface for redundancy. I'm pasting similer configuration for reth interface but not tested in LAB. It will help you in guiding.
set interfaces ge-0/0/0 gigether-options redundant-parent reth0 set interfaces ge-0/0/2 gigether-options redundant-parent reth0 set interfaces irb unit 202 family inet address 192.168.1.254/24 set interfaces reth0 vlan-tagging set interfaces reth0 redundant-ether-options redundancy-group 1 set interfaces reth0 redundant-ether-options lacp active set interfaces reth0 redundant-ether-options lacp periodic slow set interfaces reth0 unit 0 family ethernet-switching interface-mode trunk set interfaces reth0 unit 0 family ethernet-switching vlan members vlan202 set vlans vlan202 vlan-id 202 set vlans vlan202 l3-interface irb.202
If this worked for you please flag my post as an "Accepted Solution" so others can benefit.
Is the above example ment for chassi cluster ? Currently i am running only one router and i would like to attach 2 switches that are redundant. But if possible use both at the same time, if not then switch over to other when first fails. Dirty solution would be to script interface enable/disable when sw1 fails, but surely there is somthing that can create simple portchannel to switch.
In Junos an Aggregated-Ethernet (ae) interface is the same thing as a port-channel in Cisco. An ae interface is just a bundle of physical interfaces; this bundle can be a group of L2 (family ethernet-switching) or L3 (family inet) interfaces. As you mentioned, ethernet-switching is not supported in high end SRX, however you can configure a L3 interface with sub-interfaces that will understand vlan-tagging.
Based on the provided configuration I can see that you have two L3 interfaces (one with vlan-tagging) acting as VRRP gateways and you mentioned that you dont have a chassis cluster. The steps you will need to follow are:
1. Enable, at least, 1 ae interaface:
user@host# set chassis aggregated-devices ethernet device-count 1
3. Configure ae0 with subinterfaces using vlan-tagging (Router-on-a-stick):
user@host# set interfaces ae0 vlan-tagging
user@host# set interfaces ae0 unit 202 vlan-id 202
user@host# set interfaces ae0 unit 202 family inet address 192.168.3.254/24 vrrp-group 1 virtual-address 192.168.3.1 priority 200
user@host# set interfaces ae0 unit 202 family inet address 192.168.3.254/24 vrrp-group 1 accept-data authentication-type md5 authentication-key [password]
user@host# set interfaces ae0 unit 205 vlan-id 205 user@host# set interfaces ae0 unit 205 family inet address 192.168.1.4/29 vrrp-group 2 virtual-address 192.168.1.2 priority 200 user@host# set interfaces ae0 unit 205 family inet address 192.168.3.254/24 vrrp-group 1 accept-data authentication-type md5 authentication-key [password]
Follow the same format to configure other sub-units and note they have to have their own vlan-ids.
With above configuration you just need to make sure that your switch also has a L2 port-channel created acting as a trunk port and passing the vlan-ids created on the sun-units (202 and 205).
Remember that ge-0/0/0 and ge-0/0/2 are currently part of a security-zone; you will need to include ae0.202 and ae0.205 within those security-zones as well.
I really hope this was the information you were looking for. Please mark my comment as "Solution" if it applies.