[j-nsp] Suggestions on management of dual-RE devices
Olivier Benghozi
olivier.benghozi at wifirst.fr
Tue Nov 24 15:52:38 EST 2015
Juniper document provides each RE with it's own MANAGEMENT address (on fxp port of each RE), not its own loopback.
You configure a single loopback (interface lo0.0).
Anyway, about your need, there is:
http://www.juniper.net/documentation/en_US/junos15.1/topics/usage-guidelines/interfaces-configuring-a-consistent-management-ip-address.html <http://www.juniper.net/documentation/en_US/junos15.1/topics/usage-guidelines/interfaces-configuring-a-consistent-management-ip-address.html>
> Le 24 nov. 2015 à 19:07, Mike Williams <mike.williams at comodo.com> a écrit :
>
> Hi all,
>
> So we just got our first Juniper devices with dual-REs (if you exclude virtual
> chassis').
> Before I get into actually configuring them, I'm wondering how others handle
> management, as I'm a touch confused.
>
> Normally we just SSH/snmp to the loopback address, optionally jumping off from
> a device on the same OoB network if routing is down (yes, we should configure
> a backup router).
>
> Juniper document providing each RE with it's own loopback address.
> If you do that, you'd have to detect if what you're connected to is master or
> backup, right?
> That might be a necessary trade off. As if you had a single loopback address,
> wouldn't the system SSH key change as loopback "moved" between the REs?
> Can a 'global' single loopback even be configured?
>
> Or do dual-RE devices actually work like virtual chassis, where the system SSH
> key is the same on all nodes, and connections to the backup are internally
> redirected to the master?
More information about the juniper-nsp
mailing list