Junos OS

 View Only
last person joined: 6 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  VRRP MX with Juniper SSG and SRX

    Posted 08-23-2019 02:25

    Hi All, I plan to deploy as follow topology. As you can see both MX are interconnected with trunk mode to achieve VRRP configuration SRX with A/P cluster configuration, each SRX connected to MX with Reth interface. Please advice if it is applicable

     

    Screen Shot 2019-08-23 at 16.10.17.png



  • 2.  RE: VRRP MX with Juniper SSG and SRX

    Posted 08-23-2019 02:48

    Yes that setup will work for your vrrp gateway on the mx devices.

     

    Note that you will want the master device to be the one connected to the normally active SRX/SSG device so the cross link will not have to carry all the traffic unless a failover situation occurs.

     



  • 3.  RE: VRRP MX with Juniper SSG and SRX
    Best Answer

     
    Posted 08-23-2019 10:50

    Hi, 

     

    As the saying goes 'The devil is in the detail', this might well be the case.

    If the inet addresses are being configured under the physical ge interfaces on the MX, vrrp pkts will be sourced from that interface and unless the SRX is bridging/switching the vrrp packets, those will not reach the other MX and vice-versa, and result in split-brain vrrp as the back to back L2 trunk interface between the MXs will not be used for vrrp control traffic.

     

    From experience, I believe the MXs can be configured with a bridge-domain and the vrrp configured over an irb. That way vrrp can flow over the L2 trunk. Also to make sure data traffic does not traverse over the L2 trunk, vrrp track and priorities can be used to ensure vrrp mastership is in sync with the active reth on the SRX side.

     

    Hope this helps.

    Ashvin