[j-nsp] Problem to ping a node on internet
Roland Droual
roland.droual at paris.iufm.fr
Tue Jun 19 07:52:51 EDT 2012
Hello the list,
I solve most of problems to ping from my SRX cluster.
- In first, my provider gave me another range IP @, because the first was wrong. So I can ping from my DMZ (with public @);
- In Second, I put my NAT rules (which I forgot), so I can ping from a node from INSIDE network;
- In third, I change the cluster ID number, on the cluster of site B; So I can ping the SRX cluster on site A, via the link "INTER-SITE". Because I have the same symetric configuration:
- same reth_s
- same cluster ID number = 1 for the both
- same node number
- same vlan
- etc ...
- vlan INTER-SITE : On site A = 10.1.3.1/29 on 1 cluster (cluster ID =1) ,
On site B = 10.1.3.2/29 on the other cluster (cluster ID = 1)
The cluster ont Site A (10.1.3.1) is up for 2 weeks. It could ping a node on site B (with 10.1.3.3/29), but the SRX of site B (with 10.1.3.2/29) .
I couldn't ping the SRX on site B , because the 2 SRX clusters are on the same L2 domain broadcast, and they had the same cluster number ID, that is used to form the virtual MAC address, that is used for the RETH interface. So I think I had a MAC address overlap, and forwarding problems occured.
When I changed the cluster ID number to 2 , on the cluster on Site B, the problems disappeared.
But now, I have a new problem, because I did a lot of changes: I don't have routing process on the cluster of site B.
==================================================
toto at BA-SRX650-01# run show chassis cluster status
Cluster ID: 1
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 0
node0 100 secondary no no
node1 1 primary no no
Redundancy group: 1 , Failover count: 0
node0 0 secondary no no
node1 0 primary no no
toto at BA-SRX650-01> show route all
error: the routing subsystem is not running
toto at BA-SRX650-01> restart routing
error: Routing protocols process is not running
error: Routing protocols process was not restarted
=========================================
artere at BA-SRX650-01# run show chassis alarms
node0:
--------------------------------------------------------------------------
1 alarms currently active
Alarm time Class Description
2012-06-19 19:51:11 UTC Major PEM 0 Output Failure
node1:
--------------------------------------------------------------------------
1 alarms currently active
Alarm time Class Description
2012-06-19 20:07:36 UTC Major PEM 0 Output Failure
I don't know where I can find the solution. How can I solve the problem about routing process doesn't work ?
Thanks
Roland
More information about the juniper-nsp
mailing list