[j-nsp] SRX monitor-interface question

Fahad Khan fahad.khan at gmail.com
Wed Dec 18 00:10:30 EST 2013 

SRX (High end) by default keeps logs on data plane and they have to be
forwarded to any external syslog

http://kb.juniper.net/InfoCenter/index?page=content&id=KB16506

however from Junos 10 perhaps you can copy them from data plane to control
plane if you want to see them on console.

Muhammad Fahad Khan
JNCIE-M # 756
Lead Network and Security Consultant - IBM
+92-301-8247638
Skype: fahad-ibm
http://pk.linkedin.com/in/muhammadfahadkhan


On Fri, Dec 13, 2013 at 7:28 PM, R S <dim0sal at hotmail.com> wrote:

> The only part missing will remain local control plane resources (ie logs,
> snmp, etc) that remain on RG0 secondary.
>
> Am I right ?
>
> ------------------------------
> Date: Fri, 13 Dec 2013 14:58:46 +0300
>
> Subject: Re: [j-nsp] SRX monitor-interface question
> From: asadgardezi at gmail.com
> To: dim0sal at hotmail.com
> CC: fahad.khan at gmail.com; juniper-nsp at puck.nether.net
>
> Reffer data plane on following:
>
> http://kb.juniper.net/InfoCenter/index?page=content&id=KB16224
>
> Asad
>
>
>
> On Friday, December 13, 2013, R S wrote:
>
> how can I config syslog/traffic log directly from data plane ?
> some config example ?
>
> tks
>
> ------------------------------
> Date: Fri, 13 Dec 2013 14:51:58 +0300
> Subject: Re: [j-nsp] SRX monitor-interface question
> From: asadgardezi at gmail.com
> To: dim0sal at hotmail.com
> CC: fahad.khan at gmail.com; juniper-nsp at puck.nether.net
>
> Its not recommended to use control plane for traffic logs, you can
> configure sex to forward traffic logs directly from data plane
>
> RG0 aka control plane controls your rotuing engine, routing protocols and
> chassis. Failing it over will cause your routing daemon to restart ,
> routing protocols to reconverge and so on...
>
> Asad
>
> On Friday, December 13, 2013, R S wrote:
>
> And what about syslog or firewall traffic logging flows on the RG1 Active
> node if RG0 remain active on the Passive ?
>
> Date: Fri, 13 Dec 2013 16:34:53 +0500
> Subject: Re: [j-nsp] SRX monitor-interface question
> From: fahad.khan at gmail.com
> To: dim0sal at hotmail.com
> CC: juniper-nsp at puck.nether.net
>
> RG0 only contains Control Plane or REs.
> In SRX failover, its not necessary to failover RG0 when there is a
> failover in RG1 due to a link failure. So we only do interface-monitor in
> RG1, RG2 ... not in RG0. RG0 already run in A/P mode.
>
>
> It can be possible that SRX B is Primary in RG0 while Secondary in RG1
> (means SRX A is Primary in RG 1)
> Muhammad Fahad Khan
> JNCIE-M # 756
> Lead Network and Security Consultant - IBM
>
> +92-301-8247638
> Skype: fahad-ibm
> http://pk.linkedin.com/in/muhammadfahadkhan
>
>
> On Fri, Dec 13, 2013 at 2:07 PM, R S <dim0sal at hotmail.com> wrote:
>
>
>
>
>
> Hi
>
>
>
> In an SRX5800 cluster
>
> A/P deployment, does anybody recommend to monitor-interface also on RG0 or
> not
>
> ?
>
>
>
> PRO ? CONS ?
>
>
>
>
>
>
>
> We did it but
>
> unfortunately during an SPU crash the RG0 didn’t switch properly and JTAC
> told us it’s
>
> not recommended monitor-interface under RG0 in same corner case…
>
>
>
>
>
>
>
> Any experience to share
>
> is useful
>
>
>
>
>
>
>
> Tks
>
>
>
>
>
> _______________________________________________
>
> juniper-nsp mailing list juniper-nsp at puck.nether.net
>
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>

More information about the juniper-nsp mailing list