Hi,
I've set up an SRX300 Cluster for a customer. I've got one cable from each member running to the customer switch in a reth interface, and have two 100Mbps WAN links, one on ge-0/0/3 and one on ge-1/0/3.
I'm having issues load balancing my outbound traffic
I'm running version 15.1X49-D70.3
I've set up OSPF between this cluster and my MX in the DC. The load balancing from the MX down to the SRX works fine, however it looks like outbound traffic from my SRX to the MX isn't working properly.
Traceroutes show the traffic taking different links if I run it a few times in succession, but it seems transit traffic is only going over the link on ge-0/0/3.
Cluster config:
hostname> show chassis cluster status
Monitor Failure codes:
CS Cold Sync monitoring FL Fabric Connection monitoring
GR GRES monitoring HW Hardware monitoring
IF Interface monitoring IP IP monitoring
LB Loopback monitoring MB Mbuf monitoring
NH Nexthop monitoring NP NPC monitoring
SP SPU monitoring SM Schedule monitoring
CF Config Sync monitoring
Cluster ID: 1
Node Priority Status Preempt Manual Monitor-failures
Redundancy group: 0 , Failover count: 1
node0 100 primary no no None
node1 1 secondary no no None
Redundancy group: 1 , Failover count: 37
node0 100 primary yes no None
node1 1 secondary yes no None
Redundancy group: 2 , Failover count: 1
node0 100 primary yes no None
node1 1 secondary yes no None
hostname> show configuration chassis cluster
reth-count 3;
redundancy-group 0 {
node 0 priority 100;
node 1 priority 1;
}
redundancy-group 1 {
node 0 priority 100;
node 1 priority 1;
preempt;
interface-monitor {
ge-0/0/4 weight 255;
}
}
redundancy-group 2 {
node 0 priority 100;
node 1 priority 1;
preempt;
interface-monitor {
ge-0/0/5 weight 255;
}
}
I see the route being added if I do a show route:
hostname> show route forwarding-table
Routing table: default.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
default user 2 ulst 262143 8
f4:b5:2f:db:ad:4b ucst 1616 2 ge-0/0/3.0
f4:b5:2f:db:ad:4c ucst 1617 2 ge-1/0/3.0
default perm 0 rjct 36 2
0.0.0.0/32 perm 0 dscd 34 1
hostname> show route
inet.0: 100 destinations, 100 routes (100 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[OSPF/150] 1d 02:24:30, metric 0, tag 0
to 100.127.0.162 via ge-0/0/3.0
> to 100.127.0.164 via ge-1/0/3.0
hostname> show configuration routing-options
forwarding-table {
export LOADBALANCING;
}
{primary:node0}
hostname> show configuration policy-options policy-statement LOADBALANCING
term VOICE {
from {
prefix-list VOICE;
}
then accept;
}
term LOADBALANCE {
then {
load-balance per-packet;
}
}
The config seems correct and I've followed the knowledge base. I've set this up on a single SRX 210 and it works fine. Is this not sending traffic over ge-1/0/3 since it is part of the secondary member? I can't see anything noticeably wrong here
Thanks!