[j-nsp] srx cluster - control and data link throuigh cisco

Wed May 29 23:25:06 EDT 2013

Also if the link is passing through high-end Cisco switches you might have
to disable IP header checks, as mentioned in this KB article:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB15141

More details @
http://juniper-frac.blogspot.com/2009/09/deploy-srx-cluster-across-layer-2.html

Also as mentioned by others: "After 10.4, the existing virtual LAN (VLAN)
tag, which is used for control-link traffic, will be replaced with the use
of the experimental *0x88b5 *Ether type. However, backward compatibility is
also supported for devices, which have already been deployed in the chassis
cluster with VLAN tagging. So, with the 10.4 release on SRX, you do not
have to set the trunk mode with vlan-id 4094 on the interface of EX
switches"

http://kb.juniper.net/InfoCenter/index?page=content&id=KB23995

Regards
Farrukh Haroon
JNCIE-SEC # 91

On Thu, May 30, 2013 at 3:57 AM, William McLendon <wimclend at gmail.com>wrote:

> Do you have Jumbo Frames enabled on all paths between the two nodes?
>  There is a required frame MTU that must be supported across the network
> for connectivity through intermediate switches to work / be supported.
>  Also if i'm not mistaken by default the control plane traffic is tagged
> with VLAN 4090, however in later versions of code that default behavior may
> have changed, and I think the VLAN ID it uses is now configurable.
>
> Thanks,
>
> Will
>
> On May 29, 2013, at 8:42 PM, juniper-nsp-request at puck.nether.net wrote:
>
> > Subject: [j-nsp] srx cluster - control and data link throuigh cisco
> >       nexus   switches
> > Message-ID: <51A64466.8070605 at yahoo.fr>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> >
> > Hi all,
> >
> > I'm currently trying to setup a cluster of srx3400 using a pair of cisco
> > nexus to connect
> > control and data link for redundancy. Junos Version is 11.4r7.
> >
> > Each SRX3400 uses one RE, one CRM, one SPC and one NPC.
> >
> > The first node from the cluster is fine but the second node doesn't come
> > up correctly.
> >
> > The "show chassis fpc pic" indicates that the slot 0, 5 and 6 (RE, NPC
> > and SPC) stay in testing state.
> >
> > The same hardware works correctly when wworking outside of the cluster.
> >
> > Badfully I can't remove the presumably faulty srx3400 from the rack to
> > plug it directly to the node0.
> >
> > Did anyone manage to setup a cluster using nexus to connect control and
> > data link ?
> >
> > I tried junos 12.1 but the cluster was not stable at all (jsrpd and
> > chassisd keeps crashing).
> >
> > thanks.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>