SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

Secondary IP address/network not working in cluster

Jump to Best Answer
This thread has been viewed 0 times
  • 1.  Secondary IP address/network not working in cluster

    Posted 04-01-2011 13:44

    Hello,

     

    I have two SRX240 clustered.  Everything was working fine, however I am trying to add a second network on one of the interfaces and so far I am not able to communicate with it.  The current subnet we have is almost full and we need to change the subnet to something with more hosts.  In order to do that I wanted to configure both subnets on the interface until the migration is complete and then remove the original subnet:

     

    10.100.100.144/28 (current) -> 10.100.100.224/27 (new)

     

    The config I have set on the interface:

     

        reth6 {
            redundant-ether-options {
                redundancy-group 1;
            }
            unit 0 {
                description Vendor-Zone;
                family inet {
                    address 10.100.100.145/28 {
                        primary;
                        preferred;
                    }
                    address 10.100.100.225/27;
                }
            }
        }

     

    I have added the new subnet to the allowed addresses in the policies, but even the current subnet cannot ping anything in the new subnet, meaning nothing from 10.100.100.144/27 can ping 10.100.100.224/27  Is there something I am missing?

     

    Thanks!

     

    Anita


    #secondary
    #SRX
    #ip
    #cluster


  • 2.  RE: Secondary IP address/network not working in cluster
    Best Answer

    Posted 04-01-2011 14:21

    Solved it through JTAC.  With two different subnets on the same interface, I only should have primary configured not, prefered.  I removed the prefered options and everything started working. So the proper configuration is:

     

    reth6 {
            redundant-ether-options {
                redundancy-group 1;
            }
            unit 0 {
                description Vendor-Zone;
                family inet {
                    address 10.100.100.145/28 {
                        primary;
                    }
                    address 10.100.100.225/27;
                }
            }
        }