SRX Services Gateway
SRX Services Gateway

configure reth interface as turnk on SRX240 ?

‎02-04-2014 05:15 AM

help please i have twoSRX240 i configure them as chassis cluster and this is the configuration i made 

set version 11.4R7.5
set groups node0 system host-name srx1
set groups node0 interfaces fxp0 unit 0 family inet address 10.99.99.1/24
set groups node1 system host-name srx2
set groups node1 interfaces fxp0 unit 0 family inet address 10.99.99.2/24
set apply-groups "${node}"
set system host-name test-1
set system root-authentication encrypted-password "$S6by8Pi$jnawFiIE6vCYtVe3sv2IC1"
set system services ssh
set system services web-management http
set system services web-management https system-generated-certificate
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set chassis cluster reth-count 2
set chassis cluster redundancy-group 0 node 0 priority 100
set chassis cluster redundancy-group 0 node 1 priority 1
set chassis cluster redundancy-group 1 node 0 priority 100
set chassis cluster redundancy-group 1 node 1 priority 1
set interfaces ge-0/0/3 gigether-options redundant-parent reth0
set interfaces ge-0/0/4 gigether-options redundant-parent reth1
set interfaces ge-5/0/3 gigether-options redundant-parent reth0
set interfaces ge-5/0/4 gigether-options redundant-parent reth1
set interfaces fab0 fabric-options member-interfaces ge-0/0/2
set interfaces fab1 fabric-options member-interfaces ge-5/0/2
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth0 unit 0 family inet address 10.10.10.200/24
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 unit 0 family inet
set security zones security-zone untrust interfaces reth0.0
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces reth1.0

 i need to configure the RETH interfaces as TRUNK to connect them to EX3300 switches , any idea ? please help me ?

4 REPLIES 4
SRX Services Gateway

Re: configure reth interface as turnk on SRX240 ?

‎02-04-2014 05:46 AM

Hello.

 

Hope this helps:

 

set interfaces reth1 vlan-tagging
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 unit 100 vlan-id 100
set interfaces reth1 unit 100 family inet address 1.1.1.1/24
set interfaces reth1 unit 200 vlan-id 200
set interfaces reth1 unit 200 family inet address 2.2.2.2/24

 

 

 

Regards,

Sam

SRX Services Gateway

Re: configure reth interface as turnk on SRX240 ?

‎02-04-2014 05:59 AM

i donot need any ip just trunk between reth interfaces on srx and trunk interfaces on ex330 switch Smiley Sad

SRX Services Gateway
Solution
Accepted by topic author elbeshti mohamed
‎08-26-2015 01:27 AM

Re: configure reth interface as turnk on SRX240 ?

[ Edited ]
‎02-04-2014 10:29 PM

hi ,

 

You should enable ethernet switching on your chassis cluster and then instead of reth interface you will be able to configure the same trunk and access ports as on ex switches.

 

Please reffer to this kb article: http://kb.juniper.net/InfoCenter/index?page=content&id=KB21422&smlogin=true

 

 

SRX Services Gateway

Re: configure reth interface as turnk on SRX240 ?

‎02-06-2014 10:30 PM

Hi Guys

 

im sitting with the same problem on 2 x SRX550 - I have 2 x reth interface and im useing vlan tagging. Reth0 is assigned to the untrust zone and Reth1 is assigned to the trust zone.

 

My Boss requires me to connect to a EX on Reth0, and just TAG the VLANS (L2) on the EX. The L3 interface is actually the Reth0.650 on the FW

 

so i Tag the port on the EX - "set interface ge-0/0/0.0 family ethernet switching vlan members VLAN650"  then i TRUNK the port the RETH0 connects to on the EX, i then run a ping to the host on ge-0/0/0 and i get no joy. the Host defualt gateway is the reth0.650. I do get an arp though for the host, but i cant ping it.

 

My question is - with the SWFAB interfaces, once ive connected them up, do i need to then get a second pair of cables to create the actual trunk between the switch and the FW?

 

I saw some config that looked like this - will it work? on the version ive got, (12.1) i dont see the command

 

set inter reth0.0 family ethernet switching port mode trunk vlan member all

 

This would be ideal

 

Any help with this would be appreciated