[j-nsp] SRX cluster across L2 vlan issue

james list jameslist72 at gmail.com
Wed Jan 13 11:49:55 EST 2016


Hi Youssef,
here the ctrl/fabric are transported using a vlan over a trunk, not direct
p2p link, I guess it's different.

They run VSTP and not sure what on Extreme network,...

I suspect SRX is not happy to see different packet than HA packet on that
link ;-)

cheers
James

2016-01-13 17:25 GMT+01:00 Youssef Bengelloun-Zahr <youssef at 720.fr>:

> Dear James,
>
> We have a pretty similar setup with an SRX5600 cluster in two distinct DCs
> seperated by dark fibers (18 and 28 kms) that we light ourselves.
>
> Control and fabric link are directly connected and transported via PtP
> MPLS services on our core backbone. It's been working great so far.
>
> When we consulted Juniper about this, they told us to worry about the
> following :
>
>      - Distance shouldn't be over 100 kms,
>
>      - Latency shouldn't be higher than 1-2 ms,
>
>      - Change the ethertype of the ports connecting HA links in order to
> be transparant to any VLANs transported between cluster members.
>
> HTH.
>
> Y.
>
>
>
> 2016-01-13 17:04 GMT+01:00 james list <jameslist72 at gmail.com>:
>
>> Hi experts,
>>
>>
>> a customer of mine has implemented an SRX cluster HE(1400) over a L2
>> (vlan)
>> infrastructure and is having sometime problems on the dual FAB links,
>> which
>> trigger basically a split brain.
>>
>>
>> The cluster is geographically stretched and in one site the customer has
>> Cisco Nexus 5k and on the other has Extreme switches.
>>
>>
>> I’m not having a lot of info by the customer, I can only see that they
>> have
>> configured PVSTP on Cisco side and no STP protocol on Extreme side.
>>
>>
>> Has anyone experienced problems in these kind of scenario ?
>>
>>
>> I’m aware of the Juniper prerequisites stated here:
>>
>>
>> http://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/NT21/LAHAAppNotev4.pdf
>>
>>
>> I’m looking for real experience and comments, what to check, any help,
>> etc.
>>
>>
>> Cheers,
>>
>> James
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
>
> --
> Youssef BENGELLOUN-ZAHR
>


More information about the juniper-nsp mailing list