Looking for your assistance with a weird issue we are having on our SRX3400 Chassis Cluster.
Environment: SRX3400 Chassis Cluster - 12.1X46D40.2 (JTAC Recommended)
Issue: We upgraded this cluster from 11.4R5.5 to 12.1X46D40.2 over the weekend. After the upgrade, SRX stopped sending ARP requests out on reth7.0 sub interface. Other physical and logical interfaces are forwarding and arp-ing out normally. We tried failover to the secondry node. No effect. Rebooting both nodes one by one. Moving the subnet from reth7.0 to reth7.5.
Only way for devices in the subnet to work:
Switches IP addresses: Clear arp cache on switches
Windows Servers: ping firewall IP address so that firewall can learn the mac address.
Pinging from firewall to server/switch IP addresses does help in populating the mac table as firewall does not seem to arping out on that interface. TAC is working on the case as well. We ran monitor traffic interface while pinging out from fw interface, no arp packets. However, once it is learned everything works fine. Static arp also proved to helpful in getting this to work. I am so confused this why Sub-if is not arping out. Any help/suggestions much appreciated.
Thanks and Regards,
Re: SRX Sub-Interface Not sending ARP requests out
Team this issue is resolved. We had ip addresses on fxp0 on the same subnet. Never had an issue when we were on 11.4R5.5. Maybe 12.1X46D40.2 implemeneted some strict checks , causing arp problem. After disabling those IP addresses, everything was working as expected.