[j-nsp] SRX vs J-Series for HA over Layer2

Pierre-Yves Maunier j-nsp at maunier.org
Tue Mar 8 05:50:44 EST 2011 

Hello,

thanks for the infos,

I was trying to find out which vlan to us in the first link Laurens gave me
but the infos is not in the document.
My first tests was with igmp snooping disabled but with the switch ports in
access mode in a standard vlan.

Using trunk mode with vlan 4094 now works well for the control link, thanks
again for the tip.

Is there any specific vlan for the fabric link or any standard vlan will
work (using access mode) ?

Regards,

--
Pierre-Yves


2011/3/8 Ben Dale <bdale at comlinx.com.au>

> Almost forgot - make sure IGMP snooping is turned off on both VLANs as
> well.
>
> On 08/03/2011, at 7:32 PM, Ben Dale wrote:
>
> > Hi Pierre,
> >
> > Yes this can be done - control link traffic on the branch SRXs is
> actually sent 802.1Q tagged in VLAN 4094, so you'll need to make the
> interface you plug into the control link a trunk on your EX.
> >
> > I would also recommend that you increase the MTU size of both your fabric
> links (and the transport network in between the SRXs), as you'll need to be
> able to carry the largest frame your revenue interfaces can receive wrapped
> in a header (if traffic ingresses via one SRX and needs to egress the
> other).  So if you're just using 1500 byte MTUs on your revenue ports,
> you'll need a PMTU of 1632 over the links in between.
> >
> > I'm sure in reality it's a lot less that this (132 bytes for a header
> seems excessive), but these are what Juniper recommend right now.
> >
> > Actually a quick google brings up this document which is quite
> comprehensive:
> >
> >
> http://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/technotes/3500165-EN.pdf
> >
> > Cheers,
> >
> > Ben
> >
> > On 08/03/2011, at 3:42 AM, Pierre-Yves Maunier wrote:
> >
> >> Hello all,
> >>
> >> I've been able to setup HA between two J2320 having the control and
> fabric
> >> link in two separate vlans over EX switches and it works fine. It's even
> >> told in the documentation :   "Define the interfaces used for the FAB
> >> connection. These interfaces must be connected back to back, or through
> a
> >> Layer 2 infrastructure, as shown in Figure 2".
> >>
> >> I tried to do the same with a pair of SRX-240 without any success
> (tested in
> >> 10.3R2.11 and 10.3R3.7). The interfaces must be connected back-to-back.
> >>
> >> Anybody already succeded in doing control/fabric link over a layer 2
> >> infrastructure with SRX hardware ? How did you do it ?
> >>
> >> Thanks.
> >>
> >> Regards,
> >>
> >> --
> >> Pierre-Yves Maunier
> >> _______________________________________________
> >> juniper-nsp mailing list juniper-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/juniper-nsp
> >>
> >
>
>

More information about the juniper-nsp mailing list