[179188] in North American Network Operators' Group
Re: Question about EX - SRX redundancy
daemon@ATHENA.MIT.EDU (Hugo Slabbert)
Thu Apr 2 11:51:08 2015
X-Original-To: nanog@nanog.org
Date: Thu, 2 Apr 2015 08:51:05 -0700
From: Hugo Slabbert <hugo@slabnet.com>
To: Anurag Bhatia <me@anuragbhatia.com>
In-Reply-To: <CAJ0+aXZb6QKJJq2QzqpEXLexSzOZpvxLKXVP+E79Ds6dp5o71g@mail.gmail.com>
Cc: NANOG Mailing List <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--2FkSFaIQeDFoAt0B
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
In:
>> > EX0 (ae1) >> Two Patches to SRX0 (reth1)
>> > EX1 (ae2) >> Two Patches to SRX1 (reth1)
with:
>> > that if one EX goes down then I cannot make use of other corresponding
>> SRX.
Do you mean that e.g. if SRX0 is the chassis cluster primary and EX0 goes=
=20
down, then you can't use SRX0, but you would like to be able to survive EX0=
=20
going down *without* failing over the SRX chassis cluster to SRX1?
--=20
Hugo
On Thu 2015-Apr-02 20:47:03 +0530, Anurag Bhatia <me@anuragbhatia.com> wrot=
e:
>Hi
>
>
>I thought cross chassis lag is supposed by the use of reth bundled at SRX
>end. I read this is basically the major difference in reth Vs ae bundle in
>SRX.
>
>
>Interesting factor here is that ae bundles can spread across multiple EX
>chassis in a virtual chassis environment but this cannot be the case with
>ae bundles in SRX.
>
>
>
>
>Thanks.
>
>On Thu, Apr 2, 2015 at 7:59 PM, Bill Blackford <bblackford@gmail.com> wrot=
e:
>
>> It's my understanding that a cross chassis LAG is not supported. If there
>> is a way, I'm not aware of it. I'm running the same set up as your worki=
ng
>> example in my locations and for now, this suits my requirements.
>>
>> Sent from my iPhone
>>
>> > On Apr 2, 2015, at 07:12, Anurag Bhatia <me@anuragbhatia.com> wrote:
>> >
>> > Hello everyone!
>> >
>> >
>> >
>> >
>> > I have got two Juniper EX series switches (on virtual chassis) and two
>> SRX
>> > devices on native clustering.
>> >
>> >
>> > I am trying to have a highly available redundancy between them with
>> atleast
>> > 2Gbps capacity all the time but kind of failing. I followed Juniper's
>> > official page here
>> > <http://kb.juniper.net/InfoCenter/index?page=3Dcontent&id=3DKB22474> as
>> well as
>> > this detailed forum link here
>> > <
>> http://forums.juniper.net/t5/SRX-Services-Gateway/Best-way-of-redundancy=
-between-SRX-and-EX/td-p/181365
>> >
>> > .
>> >
>> >
>> > I wish to have a case where devices are connected criss cross and
>> following
>> > the documentation I get two ae bundles in EX side and one single reth
>> > bundle on SRX side. Both ae bundles on EX side have identical
>> configuration
>> > and VLAN has both ae interfaces called up.
>> >
>> >
>> > If I do not go for criss cross connectivity like this:
>> >
>> >
>> >
>> > EX0 (ae1) >> Two Patches to SRX0 (reth1)
>> > EX1 (ae2) >> Two Patches to SRX1 (reth1)
>> >
>> >
>> > Then it works all well and redundancy works fine. In this case as long
>> as 1
>> > out of 4 patch is connected connectivity stays live but this has trade
>> off
>> > that if one EX goes down then I cannot make use of other corresponding
>> SRX.
>> >
>> > If I do criss connectivity, something like:
>> >
>> >
>> > EX0 (ae1) >> Two Patches to SRX0 (reth1)
>> > EX0 (ae1) >> One patch to SRX1 (reth1)
>> >
>> > EX1 (ae2) >> Two Patches to SRX1 (reth1)
>> > EX1 (ae2) >> One patch to SRX0 (reth1)
>> >
>> >
>> > In this config system behaves very oddly with one ae pair (and it's
>> > corresponding physical ports) working well while failover to other ae
>> > bundle fails completely.
>> >
>> >
>> >
>> > I was wondering if someone can point me out here.
>> >
>> >
>> >
>> >
>> > Appreciate your time and help!
>> >
>> >
>> >
>> >
>> >
>> > --
>> >
>> >
>> > Anurag Bhatia
>> > anuragbhatia.com
>> >
>> > Linkedin <http://in.linkedin.com/in/anuragbhatia21> | Twitter
>> > <https://twitter.com/anurag_bhatia>
>> > Skype: anuragbhatia.com
>> >
>> > PGP Key Fingerprint: 3115 677D 2E94 B696 651B 870C C06D D524 245E 58E2
>>
>
>
>
>--=20
>
>
>Anurag Bhatia
>anuragbhatia.com
>
>Linkedin <http://in.linkedin.com/in/anuragbhatia21> | Twitter
><https://twitter.com/anurag_bhatia>
>Skype: anuragbhatia.com
>
>PGP Key Fingerprint: 3115 677D 2E94 B696 651B 870C C06D D524 245E 58E2
--2FkSFaIQeDFoAt0B
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVHWVpAAoJEJqxD/2xeDE+PvgP/is9m+/CbD+PxIvGJjuVjK9C
QTv9EwIR+QkqW678eHk42F904Hq4R9hRTYZGcetrkOQgX7q1yM8tV/AL/IArLNJX
/WR6W/B+5OMxn7SPe2bgExLIRNxrcHAvnxCEVjo4EGMxtHjSUoTKFRqBy3brBsIZ
+3nzdl7sQE4h3RH3LJM/EnVxK0T9MFdSY409t02reYOHTbwu1c3ZRqaGqt5fBkcl
amco5FY6opUa47PwuKyat5GRPm5Bs3n2wQNxrmBTqBX3E4yNGACVRUmdnrBbZQId
28HVfUx43vusUJlRrt8fR0cSdnyDh6IPs/4hvSvz4EH2RoUZb0A2FQ8ROH+IFuOj
t4Oi+IlrnOuZ28+pKhcGIamDZsNoWt73WIR2PdXN9czOiX638PLated2Ktko99aw
Q6sI5Spm9uL9YG/BlOj0kmDraO2lUoEmvf/6DvzDyF/JeBhhuHGrKz+AaLe+7QRq
RYKKpSVfehn8CtKl1wQH9qrRr9WjWGuMR60kk21ut08V8H4YswqEG+qiZ3a38yhQ
ExBAg/mzZr2X5TIEQ0vktXW7DTh2DZ3fLsYZfpKAKbeMYJCt+68Ia+8Mg8f9lKwe
L5zbz6bC39i176HvqDtpgrpLrxRllaY0tLh8pF7BuXlK4XliYsN6oKfhQDvy3iwJ
QEHVQuGbHLCOvhuHfNRR
=o76w
-----END PGP SIGNATURE-----
--2FkSFaIQeDFoAt0B--
