SRX Services Gateway
Highlighted
SRX Services Gateway

SRX 340 both routers as Master- no advertisement received

[ Edited ]
‎04-07-2019 08:11 AM

Hello,

 

I have been experiencing strange issue with Juniper SRX 340 using firmware 15.1X49-D70.3. Vrrp is setup on both routers but advertisements "sent" not received on both routers. host-inbound services are allowed and both interfaces are in correct zones. Both routers remain Masters and won't show backup router ip when show vrrp is done. However for a split of a second secondary router changes state to Backup (when intially setup) and then back to Master and remain Master .

 

whislt troubleshooting i have downgraded fimrware to 15.1X49-D45 (i knew this works previously) and everything work as normal. I don't want to use this firmware as its old therfore please can someone advise. 

 

Router A

==========

interfaces {
ge-0/0/0 {
description Customer;
unit 0 {
family inet {
address 172.31.255.37/29 {
vrrp-group 1 {
virtual-address 172.31.255.36;
priority 254;
preempt;
accept-data;
authentication-type md5;
authentication-key ***********;
track {
priority-hold-time 3;
interface ge-0/0/15.0 {
priority-cost 100;
Router B

======

 

interfaces {
ge-0/0/0 {
description Customer;
unit 0 {
family inet {
address 172.31.255.38/29 {
vrrp-group 1 {
virtual-address 172.31.255.36;
priority 200;
preempt;
accept-data;
authentication-type md5;
authentication-key **********;
track {
priority-hold-time 3;
interface ge-0/0/15.0 {
priority-cost 100;

 

 

Any help would be much appreciated.

2 REPLIES 2
SRX Services Gateway

Re: SRX 340 both routers as Master- no advertisement received

‎04-07-2019 03:19 PM

Are you allowing inbound vrrp protocol on each srx?

 

set security zones security-zone <zone> host-inbound-traffic protocols vrrp

 

SRX Services Gateway

Re: SRX 340 both routers as Master- no advertisement received

‎04-07-2019 07:19 PM

Hello,

 

If possible upgrade to D140 or deploy VRRP on IRB rarther than physical interface.

 

https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1351755

 

PR mentions the platform as SRX1500 but it applies to SRX3XX as well. 

 

Regards,

 

Vikas