vSRX

Ask questions and share experiences with vSRX Virtual Firewall deployments and how to scale firewall protection.
  • 1.  LACP between Juniper vSRX and Cisco Nexus 9000

    Posted 04-04-2022 05:42
    Hi Everyone,

    Is it really possible to set LACP for a LAG between a Juniper SRX firewall and a Cisco Nexus?
    Actually I'm working on the lab below, with port aggregation between Nexus and vSRX.
    On the Juniper side I used the Aggregate Ethernet ae0 interface (ge-0/0/4 and ge-0/0/5), and on the Nexus side I used a port channel interface (E1/4 and E1/5).
    Active mode for Nexus and Passive mode for Juniper.


    When I enable LACP on each aggregate interface, both ae0 and the port channel interface automatically go into protocol mode DOWN.
    While troubleshooting I could see that the Nexus interfaces are in suspended mode because they didn't receive an LACPDU reply from the peer.
    No LACP statistics information is available for vSRX.

    When I put vSRX LACP in active mode I can see the transmission query counter, but no reply information from the Nexus:

    root# run show lacp statistics interfaces ae0

    Aggregated interface: ae0
        LACP Statistics:       LACP Rx     LACP Tx   Unknown Rx   Illegal Rx
          ge-0/0/3                   0         386            0            0
          ge-0/0/4                   0         386            0            0


    Once I disable LACP, both aggregate interfaces are UP and I have reachability between the devices.
    This issue is the same with the Reth interface for SRX cluster devices.

    So I want to know if LACP between Juniper and another vendor is possible, or if I made a mistake, let me know.

    Thanks, experts, for your support.


    ------------------------------
    WYA ABU
    ------------------------------


  • 2.  RE: LACP between Juniper vSRX and Cisco Nexus 9000

    This message was posted by a user wishing to remain anonymous
    Posted 04-05-2022 05:28

    Hi,

    Following statement from the Juniper vSRX guide




  • 3.  RE: LACP between Juniper vSRX and Cisco Nexus 9000

    Posted 04-05-2022 09:55
    Hi,

    Thanks for your answer. I see that many functions are not supported on vSRX.

    I see that LAG on routed ports is not supported, but I was able to do it and reachability is OK.

    Can someone confirm that LAG with LACP on a physical SRX is supported with Cisco Nexus devices?

    ------------------------------
    WYA ABU
    ------------------------------