Recommendations in regards to a HA setup running BGP and having "Z-mode" traffic.
I currently testing a multi-location HA setup with SRX 650's.
The HA cluster would run over 10 gbit fiber link between to buildings. The control link and fabric links would run over vlan's between the two buildings.
This is a setup I have done before and it works fine. I'm also reviewing this document.
However, this is going to be a high traffic setup with the ISP running BGP.
Currently it will be all gigabit ethernet connections but in the future it could be come 2x 10gbit running LACP for the "trust".
The "untrust" will be gigabit ethernet with BGP from the ISP.
I have a few design questions in regards to this:
If the BGP fails over and the RG0 keeps running, I will get traffic going in at node 0 and leaving at node 1. This is what Juniper describes as Z-mode traffic. In this case I'm worried that the fabric links will get saturated. Would dual fabric link help in this case? (I'm planning of doing dual fab either way) Or should I run something like track IP that will cause the RG0 to failover along with the BGP? What do you recommend?
Can you assign a vlan interface (on that 10 gbit interface) as a fabric link? Or does it always need to be physical interfaces?
Re: Recommendations in regards to a HA setup running BGP and having "Z-mode" traffic.
For BGP failover you would probaby be better utilising the ip-monitoring feature under the configured redundancy group(s) to failover to the secondary node in the event your BGP peer for the primary path is lost. And no, only physical ports can be used for the fab links.