[j-nsp] SRX Active/Active
Brian Spade
bitkraft at gmail.com
Sun Jun 26 14:15:25 EDT 2016
Hi,
I'm trying to figure out the best way to setup an SRX cluster as
active/active. I have attached a diagram of the topology, but it's a
full mesh of links. The ISP links are local interfaces and the
southbound interfaces to the core routers are reth's. Core1 is HSRP
primary for all VLANs. FW1 is primary for RG1 and FW2 is primary for
RG2. The IGP is OSPF but have many VRFs that are connected to the FW
with transit VLANs to bind the sub-interface to virtual router & zone.
The issue I have is Core2 has no active OSPF neighbors in this setup.
Therefore, if Core1 fails, there will be a control outage as Core2
establishes OSPF adjacencies.
So I'm thinking it might be better to remove the reth's and use local
interfaces on the FW/CORE links. This way I can have a full mesh of
OSPF adjacencies and no control plane loss when Core1 fails.
Does anyone have thoughts on this or recommend the best way to achieve
this active/active full mesh setup? If there's good reason to not use
active/active, I'd welcome the feedback.
Thanks.
/bs
More information about the juniper-nsp
mailing list