[j-nsp] Problem to ping a node on internet

Roland Droual roland.droual at paris.iufm.fr
Tue Jun 19 07:52:51 EDT 2012


Hello the list, 

I solve most of problems to ping from my SRX cluster. 
- In first, my provider gave me another range IP @, because the first was wrong. So I can ping from my DMZ (with public @); 
- In Second, I put my NAT rules (which I forgot), so I can ping from a node from INSIDE network; 
- In third, I change the cluster ID number, on the cluster of site B; So I can ping the SRX cluster on site A, via the link "INTER-SITE". Because I have the same symetric configuration: 
- same reth_s 
- same cluster ID number = 1 for the both 
- same node number 
- same vlan 
- etc ... 
- vlan INTER-SITE : On site A = 10.1.3.1/29 on 1 cluster (cluster ID =1) , 
On site B = 10.1.3.2/29 on the other cluster (cluster ID = 1) 
The cluster ont Site A (10.1.3.1) is up for 2 weeks. It could ping a node on site B (with 10.1.3.3/29), but the SRX of site B (with 10.1.3.2/29) . 
I couldn't ping the SRX on site B , because the 2 SRX clusters are on the same L2 domain broadcast, and they had the same cluster number ID, that is used to form the virtual MAC address, that is used for the RETH interface. So I think I had a MAC address overlap, and forwarding problems occured. 
When I changed the cluster ID number to 2 , on the cluster on Site B, the problems disappeared. 


But now, I have a new problem, because I did a lot of changes: I don't have routing process on the cluster of site B. 

================================================== 
toto at BA-SRX650-01# run show chassis cluster status 
Cluster ID: 1 
Node Priority Status Preempt Manual failover 

Redundancy group: 0 , Failover count: 0 
node0 100 secondary no no 
node1 1 primary no no 

Redundancy group: 1 , Failover count: 0 
node0 0 secondary no no 
node1 0 primary no no 

toto at BA-SRX650-01> show route all 
error: the routing subsystem is not running 


toto at BA-SRX650-01> restart routing 
error: Routing protocols process is not running 
error: Routing protocols process was not restarted 

========================================= 
artere at BA-SRX650-01# run show chassis alarms 
node0: 
-------------------------------------------------------------------------- 
1 alarms currently active 
Alarm time Class Description 
2012-06-19 19:51:11 UTC Major PEM 0 Output Failure 

node1: 
-------------------------------------------------------------------------- 
1 alarms currently active 
Alarm time Class Description 
2012-06-19 20:07:36 UTC Major PEM 0 Output Failure 


I don't know where I can find the solution. How can I solve the problem about routing process doesn't work ? 

Thanks 

Roland 



More information about the juniper-nsp mailing list