Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Chassis clustering provides network node redundancy bygrouping a pair of the same kind of supported J-seriesdevices or SRX...
The basic active/passive chassis cluster consists of twodevices:1. One device actively provides routing, firewall, NAT,   ...
To create an SRX-series chassis cluster, you mustphysically connect a pair of the same kind of supportedSRX-series devices...
Control Ports                Fabric  Fabric Link                 Link  Cable
After wiring the two devices together, you useCLI operational mode commands to enable chassisclustering by assigning a clu...
The fxp0 interfaces, when configured for active/activeoperations, function like standard management interfaceson SRX-serie...
The fabric is the data link between the nodes and is used toforward traffic between the chassis.Traffic arriving on a node...
The control interfaces provide the control link between thetwo nodes in the cluster and are used for routing updatesand fo...
1. Physically connect a pair of SRX-series devices    together2. Connect the initial node to the console port3. Configure ...
After connecting the two devices together, you configure acluster ID and a node ID. A cluster ID identifies the cluster t...
To set the node IDs and cluster IDs, connect to eachdevice through the console port and enter the followingoperational com...
Enter the cluster ID and node ID for the other node. If youwant redundancy groups to be secondary on this nodewhen priorit...
Use the show chassis cluster status operationalcommand to view node status.user@host# show chassis cluster statusWhen you ...
You must assign a unique IP address to each node inthe cluster to provide network management access. Thisconfiguration is ...
From the console port connection to the device you wantto designate as the primary node, in configuration modeenter the fo...
From the console port connection to the device you want todesignate the secondary node, in configuration mode enter thefol...
For the chassis cluster configuration, you specify thenumber of redundant Ethernet interfaces that the clustercontains and...
The fabric is the back-to-back data connection between thenodes in a cluster. Traffic on one node that needs to beprocesse...
Enter the following commands to join ge-0/0/1 on onenode in the cluster and ge-7/0/1 on the other to form thefabric:{prima...
A redundancy group is an abstract entity (extractingcommon features from specific object) that includesand manages a colle...
Use the following command in configuration mode tospecify the number of gratuitous Address ResolutionProtocol (ARP) reques...
Use the following command in configuration mode toidentify an interface to be monitored by a specificredundancy group and ...
Use the following commands in configuration mode tospecify a redundancy groups priority for primacy on eachnode of the clu...
Use the following command in configuration mode tospecify if a node with a better (higher) priority can initiatea failover...
A redundant Ethernet interface is a pseudo interface thatcontains two physical interfaces, one from each node ofthe cluste...
Use the following commands to bind redundant child physicalinterfaces to reth1:{primary:node1}user@host# set interfaces ge...
Use the following commands to:Add reth 1 to redundancy group 1Set the MTU (Maximum Transmission Unit) size to 1500  byte...
Use the following command to associate reth1.0 with asecurity zone named Trust. Security zone configuration isthe same for...
Redundancy group failover is triggered by the results frommonitoring the health of interfaces that belong to theredundancy...
Use the following command to set interfacemonitoring on ge-7/0/3:{primary:node1}user@host# set chassis cluster redundancy-...
You can initiate a failover manually withthe request command. A manual failover bumps up thepriority of the redundancy gro...
Use the show command to display the status of nodes in thecluster:{primary:node0}user@host> show chassis cluster status re...
Use the show command to display the new status of nodes inthe cluster.{primary:node1}user@host> show chassis cluster statu...
Purpose:Display chassis cluster verification options.Action:From the CLI, enter the show chassis cluster ? command:{primar...
Purpose:Display information about chassis cluster interfaces.Action:From the CLI, enter the show chassis clusterinterfaces...
Purpose:Display information about chassis cluster services andinterfaces.Action:From the CLI, enter the show chassis clust...
Purpose:Clear displayed information about chassis cluster servicesand interfaces.Action:From the CLI, enter the clear chas...
Purpose:Display chassis cluster control-plane statistics.Action:From the CLI, enter the show chassis cluster control-plane...
Purpose:Clear displayed chassis cluster control plane statisticsAction:From the CLI, enter the clear chassis cluster contr...
Purpose:Display chassis cluster data plane statisticsAction:From the CLI, enter the show chassis cluster data-planestatist...
Purpose:Clear displayed chassis cluster data plane statisticsAction:From the CLI, enter the clear chassis cluster data-pla...
Purpose:Display the failover status of a chassis cluster.Action:From the CLI, enter the show chassis clusterstatus command...
Purpose:Clear the failover status of a chassis cluster.Action:From the CLI, enter the clear chassis cluster failover-count...
Purpose:Display the failover status of a chassis cluster redundancygroup.Action:From the CLI, enter the show chassis clust...
To upgrade a chassis cluster: Load the new image file on node 0. Perform the image upgrade without rebooting the node  b...
To disable chassis cluster, enter the followingcommand:{primary:node1}user@host> set chassis cluster disable rebootSuccess...
Chassis Cluster Configuration
Chassis Cluster Configuration
Upcoming SlideShare
Loading in …5
×

Chassis Cluster Configuration

3,817 views

Published on

Published in: Education, Technology, Business
  • Be the first to comment

Chassis Cluster Configuration

  1. 1. Chassis clustering provides network node redundancy bygrouping a pair of the same kind of supported J-seriesdevices or SRX-series devices into a cluster. The devicesmust be running JUNOS software.A chassis cluster takes the two SRX devices andrepresents them as a single device. It consist of two important models that are:1. active/active2. active/passive
  2. 2. The basic active/passive chassis cluster consists of twodevices:1. One device actively provides routing, firewall, NAT, VPN, and security services, along with maintaining control of the chassis cluster.2. The other device passively maintains its state for cluster failover capabilities should the active device become inactive.
  3. 3. To create an SRX-series chassis cluster, you mustphysically connect a pair of the same kind of supportedSRX-series devices back-to-back over a pair of GigabitEthernet connections or a pair of 10-Gigabit Ethernetconnections.The connection that serves as the control link must be thebuilt-in controller port on each device. The fabric linkconnection can be a combination of any pair of GigabitEthernet interfaces on the devices.
  4. 4. Control Ports Fabric Fabric Link Link Cable
  5. 5. After wiring the two devices together, you useCLI operational mode commands to enable chassisclustering by assigning a cluster ID and node ID on eachchassis in the cluster. The cluster ID is the same on bothnodes.To do this, you connect to the console port on the devicethat will be the primary, give it a node ID, and identify thecluster it will belong to, then reboot the system.Now you then connect the console port to the other device,give it a node ID, and assign it the same cluster ID yougave to the first node, then reboot the system.
  6. 6. The fxp0 interfaces, when configured for active/activeoperations, function like standard management interfaceson SRX-series devices and allow network access to eachnode in the cluster.You must, however, first connect to each node through theconsole port and assign a unique IP address toeach fxp0 interface.
  7. 7. The fabric is the data link between the nodes and is used toforward traffic between the chassis.Traffic arriving on a node that needs to be processed on theother is forwarded over the fabric data link. Similarly, trafficprocessed on a node that needs to exit through an interface onthe other node is forwarded over the fabric.The fabric also provides for synchronization of session stateobjects created by operations such as authentication, NetworkAddress Translation (NAT), Application Layer Gateways (ALGs),and IP Security (IPsec) sessions. The fabric link can be any pairof Gigabit Ethernet interfaces spanning the cluster.
  8. 8. The control interfaces provide the control link between thetwo nodes in the cluster and are used for routing updatesand for control plane signal traffic, such as heartbeat andthreshold information that triggers node failover.The control link is also used to synchronize theconfiguration between the nodes. When you submitconfiguration statements to the cluster, the configuration isautomatically synchronized over the control link.
  9. 9. 1. Physically connect a pair of SRX-series devices together2. Connect the initial node to the console port3. Configure the control ports4. Use CLI operational mode commands to enable clustering5. Repeat step 2, 3 & 4 for other device6. Configure the management interfaces on the cluster7. Configure the cluster8. Initiate manual failover9. Configure conditional route advertisement over redundant Ethernet interfaces10. Verify the configuration
  10. 10. After connecting the two devices together, you configure acluster ID and a node ID. A cluster ID identifies the cluster that the two nodes belong to. A node ID identifies a unique node within a cluster. You can deploy up to 15 clusters in a Layer 2 domain. Each cluster is defined by a cluster-id value within the range of 1 through 15. A device can belong to only one cluster at any given time. Nodes in a cluster are numbered 0 and 1.
  11. 11. To set the node IDs and cluster IDs, connect to eachdevice through the console port and enter the followingoperational commands, then reboot the system.Enter the cluster ID and node ID information for the firstnode. If you want redundancy groups to be primary onthis node when priority settings for both nodes are thesame, make it node 0.user@host> set chassis cluster node 0 cluster-id 1warning: A reboot is required for chassis cluster to beenabled
  12. 12. Enter the cluster ID and node ID for the other node. If youwant redundancy groups to be secondary on this nodewhen priority settings for both nodes are the same, makeit node1.user@host> set chassis cluster node 1 cluster-id 1rebootSuccessfully enabled chassis cluster. Going to rebootnow.
  13. 13. Use the show chassis cluster status operationalcommand to view node status.user@host# show chassis cluster statusWhen you complete the chassis cluster basicconfiguration, any subsequent configuration changes youmake are automatically synchronized on both nodes.
  14. 14. You must assign a unique IP address to each node inthe cluster to provide network management access. Thisconfiguration is not replicated across the two nodes.In an SRX-series chassis cluster, the fxp0 interface is aport on the Routing Engine (RE) card.
  15. 15. From the console port connection to the device you wantto designate as the primary node, in configuration modeenter the following commands to name the node node0-router and assign IP address 10.1.1.1/24 to it:user@host# set groups node0 system host-namenode0-routeruser@host# set groups node0 interfaces fxp0 unit 0family inet address 10.1.1.1/24
  16. 16. From the console port connection to the device you want todesignate the secondary node, in configuration mode enter thefollowing commands to name the node node1-router andassign IP address 10.1.1.2/24 to it:user@host# set groups node1 system host-name node1-routeruser@host# set groups node1 interfaces fxp0 unit 0 familyinet address 10.1.1.2/24Enter the following command in configuration mode to applythese unique configurations to the appropriate node. Thisconfiguration is not replicated across the two nodes.user@host# set apply-groups
  17. 17. For the chassis cluster configuration, you specify thenumber of redundant Ethernet interfaces that the clustercontains and the information used to monitor the “health”of the cluster.You must configure the redundant Ethernet interfacescount for the cluster in order for the redundant Ethernetinterfaces that you configure to be recognized. Use thefollowing command in configuration mode to define thenumber of redundant Ethernet interfaces for the cluster:user@host# set chassis cluster reth-count 3
  18. 18. The fabric is the back-to-back data connection between thenodes in a cluster. Traffic on one node that needs to beprocessed on the other node or to exit through an interfaceon the other node passes over the fabric. Session stateinformation also passes over the fabric.In an SRX-series chassis cluster, you can configure any pair of Gigabit Ethernet interfaces or any pair of 10- Gigabit interfaces to serve as the fabric between nodes.You cannot configure filters, policies, or services on the fabric interface.
  19. 19. Enter the following commands to join ge-0/0/1 on onenode in the cluster and ge-7/0/1 on the other to form thefabric:{primary:node0}user@host# set interfaces fab0 fabric-optionsmember-interfaces ge-0/0/1{secondary:node1}user@host# set interfaces fab1 fabric-optionsmember-interfaces ge-7/0/1
  20. 20. A redundancy group is an abstract entity (extractingcommon features from specific object) that includesand manages a collection of objects. A redundancygroup can be primary on only one node at a time.Before you can create redundant Ethernet interfacesyou must create their redundancy groups.
  21. 21. Use the following command in configuration mode tospecify the number of gratuitous Address ResolutionProtocol (ARP) requests that an interface can send tonotify other network devices of its presence after theredundancy group it belongs to has failed over:{primary:node1}user@host# set chassis cluster redundancy-group 1gratuitous-arp-count 4
  22. 22. Use the following command in configuration mode toidentify an interface to be monitored by a specificredundancy group and give it a weight. You can configurea redundancy group to monitor any interfaces, not justthose belonging to its redundant Ethernet interfaces.{primary:node1}user@host# set chassis cluster redundancy-group 1interface-monitor fe-3/1/1/1 weight 100
  23. 23. Use the following commands in configuration mode tospecify a redundancy groups priority for primacy on eachnode of the cluster. The higher number takes precedence.{primary:node1}user@host# set chassis cluster redundancy-group 1node 1 priority 100{secondary:node0}user@host# set chassis cluster redundancy-group 1node 0 priority 200
  24. 24. Use the following command in configuration mode tospecify if a node with a better (higher) priority can initiatea failover to become primary for the redundancy group:{primary:node1}user@host# set chassis cluster redundancy-group 1preempt
  25. 25. A redundant Ethernet interface is a pseudo interface thatcontains two physical interfaces, one from each node ofthe cluster. To create a redundant Ethernet interface, youconfigure the two physical interfaces independently.You configure the rest of the configuration that pertains tothem at the level of the redundant Ethernet interface, andeach of the child interfaces inherits this configuration.
  26. 26. Use the following commands to bind redundant child physicalinterfaces to reth1:{primary:node1}user@host# set interfaces ge-0/0/0 gigether-optionsredundant-parent reth1{primary:node1}user@host# set interfaces ge-7/0/0 gigether-optionsredundant-parent reth1{primary:node1}user@host# set interfaces fe-1/0/0 fast-ether-optionsredundant-parent reth1{primary:node1}user@host# set interfaces fe-8/0/0 fast-ether-optionsredundant-parent reth1
  27. 27. Use the following commands to:Add reth 1 to redundancy group 1Set the MTU (Maximum Transmission Unit) size to 1500 bytesAssign IP address 10.1.1.3/24 to reth1{primary:node1}user@host# set interfaces reth1 redundant-ether-optionsredundancy-group 1{primary:node1}user@host# set interfaces reth1 unit 0 family inet mtu1500{primary:node1}user@host# set interfaces reth1 unit 0 family inet address10.1.1.3/24
  28. 28. Use the following command to associate reth1.0 with asecurity zone named Trust. Security zone configuration isthe same for redundant Ethernet interfaces as for anyother interface.{primary:node1}user@host# set security zones security-zone Trustinterfaces reth1.0
  29. 29. Redundancy group failover is triggered by the results frommonitoring the health of interfaces that belong to theredundancy group. When you assign a weight to aninterface to be monitored, the system monitors theinterface for availability.If a physical interface fails, the weight is deducted fromthe corresponding redundancy groups threshold. Everyredundancy group has a threshold of 255. If the thresholdhits 0, a failover is triggered. Failover is triggered even ifthe redundancy group is in manual failover mode andpreempt is not enabled.
  30. 30. Use the following command to set interfacemonitoring on ge-7/0/3:{primary:node1}user@host# set chassis cluster redundancy-group 1 interface-monitor ge-7/0/3 weight 255
  31. 31. You can initiate a failover manually withthe request command. A manual failover bumps up thepriority of the redundancy group for that member to 255.After a manual failover, the new primary continues in thatrole until there is a failback. If there is a failback, themanual failover is lost and state election is made basedon priority and preempt settings. A failback in manualfailover mode can occur if the primary node fails or if thethreshold of a redundancy group 0 reaches 0.
  32. 32. Use the show command to display the status of nodes in thecluster:{primary:node0}user@host> show chassis cluster status redundancy-group 0Output to this command indicates that node 0 is primary.Use the request command to trigger a failover and make node1 the primary:{primary:node1}user@host> request chassis cluster failover redundancy-group 0 node 1
  33. 33. Use the show command to display the new status of nodes inthe cluster.{primary:node1}user@host> show chassis cluster status redundancy-group 0Output to this command shows that node 1 is now primary.You can reset the failover for redundancy groups usingthe request command. This change is propagated across thecluster.{primary:node1}user@host> request chassis cluster failover resetredundancy-group 0 node 0
  34. 34. Purpose:Display chassis cluster verification options.Action:From the CLI, enter the show chassis cluster ? command:{primary:node1}user@host> show chassis cluster ?What it Means…?The output shows a list of all chassis cluster verification parameters.Verify the following information:1. Interfaces—Displays information about chassis cluster interfaces.2. Statistics—Displays information about chassis cluster services and interfaces.3. Status—Displays failover status about nodes in a cluster.
  35. 35. Purpose:Display information about chassis cluster interfaces.Action:From the CLI, enter the show chassis clusterinterfaces command:{primary:node1}user@host> show chassis cluster interfacesWhat it Means…?The output shows the state the control link between thenodes, and provides information about the link state. Theoutput also shows the state of the fabric interface between thenodes and provides information about traffic on that link.
  36. 36. Purpose:Display information about chassis cluster services andinterfaces.Action:From the CLI, enter the show chassis clusterstatistics command:{primary:node1}user@host> show chassis cluster statisticsWhat it Means…?The output shows the control link statistics (heartbeatssent and received), the fabric link statistics (probes sentand received), and the number of RTOs sent andreceived for services.
  37. 37. Purpose:Clear displayed information about chassis cluster servicesand interfaces.Action:From the CLI, enter the clear chassis clusterstatistics command:{primary:node1}user@host> clear chassis cluster statisticsWhat it Means…?Cleared control-plane statisticsCleared data-plane statistics
  38. 38. Purpose:Display chassis cluster control-plane statistics.Action:From the CLI, enter the show chassis cluster control-planestatistics command:{primary:node1}user@host> show chassis cluster control-planestatisticsWhat it Means…?The output shows the control link statistics (heartbeatssent and received) and the fabric link statistics (probessent and received).
  39. 39. Purpose:Clear displayed chassis cluster control plane statisticsAction:From the CLI, enter the clear chassis cluster control—planestatistics command:{primary:node1}user@host> clear chassis cluster control—planestatisticsWhat it Means…?Cleared control-plane statistics
  40. 40. Purpose:Display chassis cluster data plane statisticsAction:From the CLI, enter the show chassis cluster data-planestatistics command:{primary:node1}user@host> show chassis cluster data-plane statisticsWhat it Means…?The output shows the number of RTOs sent and receivedfor services.
  41. 41. Purpose:Clear displayed chassis cluster data plane statisticsAction:From the CLI, enter the clear chassis cluster data-planestatistics command:{primary:node1}user@host> clear chassis cluster data-plane statisticsWhat it Means…?Cleared data-plane statistics
  42. 42. Purpose:Display the failover status of a chassis cluster.Action:From the CLI, enter the show chassis clusterstatus command:{primary:node1}user@host> show chassis cluster statusWhat it Means…?The output shows the failover status of the chassis clusterin addition to information about the chassis clusterredundancy groups.
  43. 43. Purpose:Clear the failover status of a chassis cluster.Action:From the CLI, enter the clear chassis cluster failover-count command:{primary:node1}user@host> clear chassis cluster failover-countWhat it Means…?Cleared failover-count for all redundancy-groups
  44. 44. Purpose:Display the failover status of a chassis cluster redundancygroup.Action:From the CLI, enter the show chassis cluster statusredundancy-group command:{primary:node1}user@host> show chassis cluster status redundancy-group2What it Means..?The output shows state and priority of both nodes in a clusterand indicates whether the primary has been preempted orwhether there has been a manual failover.
  45. 45. To upgrade a chassis cluster: Load the new image file on node 0. Perform the image upgrade without rebooting the node by entering:user@host> request system software add <image_name> Load the new image file on node 1. Repeat Step 2. Reboot both nodes simultaneously.
  46. 46. To disable chassis cluster, enter the followingcommand:{primary:node1}user@host> set chassis cluster disable rebootSuccessfully disabled chassis cluster. Going to rebootnow. After the system reboots, the chassis cluster isdisabled.

×