SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Reth interfaces on Untrust zone

     
    Posted 03-22-2022 09:50
    Hi all,

    Based on the the following  Juniper TEchLibrary document  -Configuring an Active/Active Layer 3 Cluster Deployment,  I understand that there are only 2 Reth interfaces  that are associated with the Trust zone.  I have some questions about why this design hasn't got any  Reth interface(s) on the Untrust zone whilst Full Mech Chassis Cluster ( 2nd link below) has 2 reth interfaces on the Untrust zone..... 

    And  advice please?

    Example: Configuring an Active/Active Layer 3 Cluster Deployment

    Example: Configuring an SRX Series Services Gateway as a Full Mesh Chassis Cluster



    Thanks
    A.


  • 2.  RE: Reth interfaces on Untrust zone

     
    Posted 03-23-2022 09:47
    The difference is in the active/active diagram the two ISP are connected directly to single SRX node in the cluster.  So in that case there is no reth interface. 

    The reth interface allows a port on  each of the cluster members to back each other up using redundant ethernet protocol.  When the ISP is connected upstream like the second example then only one of the two srx at a time is connecting.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------