SRX Services Gateway
Highlighted
SRX Services Gateway

about control plane failover

‎07-27-2012 03:19 AM

SRX-node0 ----  SRX-node1

       |                        |

       |                        |

switch0--------   switch1

 

 

due to upgrade switch0,I need to failover srx primary from node0 to node1

 

I have one question here

 

1:only need to failover data plane of srx,right?

 

2:if I leave control plane primary in node0,dataplane primary in node1,is it fine?

 

will it cause any issue?

 

 

JNCIE-SP/JNCIP-SEC/CCNP
4 REPLIES 4
Highlighted
SRX Services Gateway

Re: about control plane failover

‎07-27-2012 05:12 AM

Hi Robert,

 

Make sure that all Data RG group expect RG0 (if you have mored that 1 Data RG ) groups they should failover that node 1.

 

From my point of view looking at this topology it should not be the issue if we failover the data RG say RG1 failover to node 1 and control RG RG0 at node0.

 

Regards,

Deepak

Highlighted
SRX Services Gateway

Re: about control plane failover

‎07-27-2012 06:14 PM

one more question,in which scenario we need to failover control plane

 

 

JNCIE-SP/JNCIP-SEC/CCNP
Highlighted
SRX Services Gateway

Re: about control plane failover

‎07-28-2012 01:55 AM

Dear Robert,

 

1. If you have configured intf or ip monitoring right, failure / upgrd of switch-0 will result in RG1 (data plane) shifted to node-1 automatically. However, you can do manual shiftover too.

 

2. RG0 (control plane) cannot shift to node-1 automatically, so you will have to shift RG0 to node1 `manually

 

   request chassis cluster failover redundancy-group 0 node 1

  

Deepak is also right, there is no issue if you do not do this failover manual (i.e. RG0 at node0 and RG1 at node1) ; only fabric link may be choked.

 

Recommended is you keep all RGs primary at node1 manually.

 

regards

 

 

 

 

 

Hafiz Muhammad Farooq
JNCIE-SEC, JNCIP-SEC, JNCIS-SEC, JNCIS-FWV
JNCIS-SP, JNCIS-SA, JNCIA-JUNOS
IBM Qradar Deployment Professional

[Please mark it as Accepted Solution if it works, Kudos if you like]

Highlighted
SRX Services Gateway

Re: about control plane failover

‎07-28-2012 03:14 AM

hi,Hafiz

 

1:I don't want to failover RG-0 because it will cause around 10 seconds blip

I 'd like to know why fabric link may be choked if RG-0 in node 0 and RG-1 in node 1

 

2:in which case I need to failover RG-0,I can't see this possiblity

 

when external box,switch in our case,is down,RG-1 failover to node 1 and keep working

why should I failover RG-0 mannually

 

would u like to show me a sceario I have to failover RG-0

 

thanks in advance

 

 

JNCIE-SP/JNCIP-SEC/CCNP
Feedback