[j-nsp] SRX and not working VRRP
Robert Hass
robhass at gmail.com
Tue Jan 8 18:36:47 EST 2013
Hi
I have SRX100 running 11.4R6.5 and I cannot make VRRP working. I have
configuration like below:
admin at srx100> show configuration interfaces fe-0/0/0
unit 0 {
family inet {
address 10.0.0.69/29 {
vrrp-group 0 {
virtual-address 10.0.0.70;
priority 253;
}
}
}
}
admin at srx100> show vrrp
Interface State Group VR state VR Mode Timer Type Address
fe-0/0/0.0 up 0 master Active A 0.128 lcl 10.0.0.69
vip 10.0.0.70
But I cannot ping 10.0.0.70 from host in this subnet (10.0.0.68) and
also from SRX inself:
I'm able to ping 10.0.0.69 without problem from SRX and host 10.0.0.68.
admin at srx100> ping 10.0.0.70
PING 10.0.0.70 (10.0.0.70): 56 data bytes
ping: sendto: No route to host
^C
--- 10.0.0.70 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss
What I did wrong ? I also added protocol VRRP to security, but didn't helped :(
Security config:
admin at srx100> show configuration security zones security-zone untrust
interfaces {
fe-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
ping;
ike;
ssh;
https;
}
protocols {
vrrp;
}
}
}
}
Rob
More information about the juniper-nsp
mailing list