SRX Services Gateway
Highlighted
SRX Services Gateway

SRX 240 Cluster over EX switches, ethernet switching not working.

‎12-25-2018 02:11 AM

Hi!

I have srx240 cluster over ex-3200 switches.

My topology:

 

srx-240(node0) ---ex-3200----ISP L2 VPN(q-n-q)-----ex-3200----srx-240(node1)

 

Cluster work fine, except L2 switching.

swfab0 {
fabric-options {
member-interfaces {
ge-0/0/3;
}
}
}
swfab1 {
fabric-options {
member-interfaces {
ge-5/0/3;
}
}

 

show chassis cluster ethernet-switching interfaces
swfab0:

Name Status
ge-0/0/3 up
swfab1:

Name Status
ge-5/0/3 up

{primary:node0}

 

show chassis cluster ethernet-switching status
Monitor Failure codes:
CS Cold Sync monitoring FL Fabric Connection monitoring
GR GRES monitoring HW Hardware monitoring
IF Interface monitoring IP IP monitoring
LB Loopback monitoring MB Mbuf monitoring
NH Nexthop monitoring NP NPC monitoring
SP SPU monitoring SM Schedule monitoring

Cluster ID: 1
Node Priority Status Preempt Manual Monitor-failures

Redundancy group: 0 , Failover count: 1
node0 200 primary no no None
node1 100 secondary no no None

Ethernet switching status:
Probe state is DOWN. Both nodes are in separate ethernet switching domain(s).

 

swfab interfaces in separate vlan, igmp-snooping off, lldp off.

I lose my mind, please help.

 

 

4 REPLIES 4
Highlighted
SRX Services Gateway

Re: SRX 240 Cluster over EX switches, ethernet switching not working.

‎12-25-2018 03:42 AM

What about MTU on your QinQ link and EX3200 switchports? you must be able to transfer 9014 bytes packets without fragmentation.


--
Best regards,

Jonas Hauge Klingenberg
Juniper Ambassador & Technology Architect, SEC DATACOM A/S (Denmark)
Highlighted
SRX Services Gateway

Re: SRX 240 Cluster over EX switches, ethernet switching not working.

‎12-25-2018 05:45 AM

Thanks!

MTU 9216

 

Highlighted
SRX Services Gateway

Re: SRX 240 Cluster over EX switches, ethernet switching not working.

‎12-25-2018 06:29 AM

config on ex-3200 under spoiler

 

Management, control and fabric links work fine, but swfab no.

 show chassis cluster ethernet-switching interfaces
swfab0:

    Name               Status
    ge-0/0/3           up
swfab1:

    Name               Status
    ge-5/0/3           up

{primary:node0}

show chassis cluster ethernet-switching statistics

Switch fabric link statistics:
Probe state : DOWN
Probes sent: 69856
Probes received: 0
Probe recv errors: 0
Probe send errors: 0

{primary:node0}

 

what i am doing wrong?

Spoiler
    ge-0/0/1 {
        description Q-in-Q-Uplink;
        mtu 9216;
        ether-options {
            no-flow-control;
        }
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members qinq;
                }
            }
        }
    }
    ge-0/0/2 {
        description Q-in-Q-Loop-In;
        mtu 9216;
        ether-options {
            no-flow-control;
        }
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ iscsi server-vlan srx-cluster-control srx-cluster-fabric srx-cluster-managment srx-cluster-switching   ];
                }
            }
        }
    }
    ge-0/0/3 {
        description Q-in-Q-Loop-Out;
        mtu 9216;
        ether-options {
            no-flow-control;
        }
        unit 0 {
            family ethernet-switching {
                port-mode access;
                vlan {
                    members qinq;
                }
            }
        }
    }

    ge-0/0/10 {
        description srx-cluster-control-link;
        mtu 9014;
        ether-options {
            no-flow-control;
        }
        unit 0 {
            family ethernet-switching {
                port-mode access;
                vlan {
                    members srx-cluster-control;
                }
            }
        }
    }
    ge-0/0/11 {
        description srx-cluster-fabric-link;
        mtu 9014;
        ether-options {
            no-flow-control;
        }
        unit 0 {
            family ethernet-switching {
                port-mode access;
                vlan {
                    members srx-cluster-fabric;
                }
            }
        }
    }
    ge-0/0/12 {
        description srx-cluster-swfab-link;
        mtu 9014;
        ether-options {
            no-flow-control;
        }
        unit 0 {
            family ethernet-switching {
                port-mode access;
                vlan {
                    members srx-cluster-switching;
                }
            }
        }
    }
    ge-0/0/13 {
        description srx-cluster-managment;
        unit 0 {
            family ethernet-switching {
                port-mode access;
                vlan {
                    members srx-cluster-managment;
                }
            }
        }
    }
ethernet-switching-options {
    voip;
    dot1q-tunneling {
        ether-type 0x8100;
    }
    storm-control {
        interface all;
    }
}
vlans {
    default {
        vlan-id 1;
        l3-interface vlan.1;
    }
    iscsi {
        vlan-id 101;
    }
    qinq {
        vlan-id 605;
        dot1q-tunneling {
            customer-vlans [ 80  93 101  2000 4093 4094 ];
        }
    }
    server-vlan {
        vlan-id 80;
        l3-interface vlan.80;
    }
    srx-cluster-control {
        vlan-id 4094;
    }
    srx-cluster-fabric {
        vlan-id 4093;
    }
    srx-cluster-managment {
        vlan-id 93;
        l3-interface vlan.93;
    }
    srx-cluster-switching {
        vlan-id 2000;
    }
}
Highlighted
SRX Services Gateway

Re: SRX 240 Cluster over EX switches, ethernet switching not working.

[ Edited ]
‎06-03-2019 02:59 PM

March,

 

Please note that in order to use the SWFab link, the nodes have to be connected back to back (directly connected):

 

https://kb.juniper.net/KB21422

 

Hope this helps.

 

Please mark this comment as the Solution if applicable
Feedback