[j-nsp] Suggestions on management of dual-RE devices

Olivier Benghozi olivier.benghozi at wifirst.fr
Tue Nov 24 15:52:38 EST 2015

Juniper document provides each RE with it's own MANAGEMENT address (on fxp port of each RE), not its own loopback.
You configure a single loopback (interface lo0.0).

Anyway, about your need, there is:
http://www.juniper.net/documentation/en_US/junos15.1/topics/usage-guidelines/interfaces-configuring-a-consistent-management-ip-address.html <http://www.juniper.net/documentation/en_US/junos15.1/topics/usage-guidelines/interfaces-configuring-a-consistent-management-ip-address.html>

> Le 24 nov. 2015 à 19:07, Mike Williams <mike.williams at comodo.com> a écrit :
> Hi all,
> So we just got our first Juniper devices with dual-REs (if you exclude virtual 
> chassis').
> Before I get into actually configuring them, I'm wondering how others handle 
> management, as I'm a touch confused.
> Normally we just SSH/snmp to the loopback address, optionally jumping off from 
> a device on the same OoB network if routing is down (yes, we should configure 
> a backup router).
> Juniper document providing each RE with it's own loopback address.
> If you do that, you'd have to detect if what you're connected to is master or 
> backup, right?
> That might be a necessary trade off. As if you had a single loopback address, 
> wouldn't the system SSH key change as loopback "moved" between the REs?
> Can a 'global' single loopback even be configured?
> Or do dual-RE devices actually work like virtual chassis, where the system SSH 
> key is the same on all nodes, and connections to the backup are internally 
> redirected to the master?

More information about the juniper-nsp mailing list