Please see the corrected configs below:
@yihhow wrote:
set device to cluster mode
first device > set chassis cluster cluster-id 1 node 0 reboot
second device > set chassis cluster cluster-id 1 node 1 reboot
setting up hostname n management interface
# set group node0 system host-name srxmaster-node0
# set group node0 interfaces fxp0 unit 0 family inet address 192.168.3.2/24 ( first device anagement ip )
# set group node0 system host-name srxbackup-node1
# set group node0 interfaces fxp0 unit 0 family inet address 192.168.4.2/24 ( second device management ip )
# set apply-groups ${node}
You need to specify the second node as node1, so it should look like this:
# set group node0 system host-name srxmaster-node0
# set group node0 interfaces fxp0 unit 0 family inet address 192.168.3.2/24 ( first device anagement ip )
# set group node1 system host-name srxbackup-node1
# set group node1 interfaces fxp0 unit 0 family inet address 192.168.4.2/24 ( second device management ip )
# set apply-groups ${node}
@yihhow wrote:
setup redundant ethernet interface
# set chassis cluster reth-count 2
# set interfaces fe-0/0/2 fastether-options redundant-parent reth1
# set interfaces fe-2/0/2 fastether-options redundant-parent reth1
# set interfaces fe-0/0/2 fastether-options redundant-parent reth2
# set interfaces fe-2/0/2 fastether-options redundant-parent reth2
# set interfaces reth1 redundant-ether-options redundancy-group 1
# set interfaces reth2 redundant-ether-options redundancy-group 2
# set interfaces reth1 unit 0 family inet address 192.168.1.1/24 ( untrusted ip for first device )
# set interfaces reth2 unit 0 family inet address 192.168.2.1/24 ( untrusted ip for second device )
# set interfaces ge-0/0/0 gigether-options redundant-parent reth3
# set interfaces ge-2/0/0 gigether-options redundant-parent reth3
# set interfaces ge-0/0/0 gigether-options redundant-parent reth4
# set interfaces ge-2/0/0 gigether-options redundant-parent reth4
# set interfaces reth3 redundant-ether-options redundancy-group 1
# set interfaces reth4 redundant-ether-options redundancy-group 2
# set interfaces reth3 unit 0 family inet address 192.168.3.1/24 ( trusted ip for first device )
# set interfaces reth4 unit 0 family inet address 192.168.4.1/24 ( trusted ip for second device )
# set security zones security-zone untrust interfaces reth1.0 ( untrusted interface for first device )
# set security zones security-zone untrust interfaces reth2.0 ( untrusted interface for second device )
# set security zones security-zone trust interfaces reth3.0 ( trust interface for first device )
# set security zones security-zone trust interfaces reth4.0 ( trust interface for second device )
You don't put the same underlying physical interfaces into different reth interfaces. You have the same physicals going into reth1, reth2, reth3 and reth4 which will give you an error. Also, you need more than a reth-count of 2 to support this many reth interfaces. Otherwise the rest of your config looks good...
should looks something like:
# set chassis cluster reth-count 4
# set interfaces fe-0/0/2 fastether-options redundant-parent reth1
# set interfaces fe-2/0/2 fastether-options redundant-parent reth1
# set interfaces fe-0/0/3 fastether-options redundant-parent reth2
# set interfaces fe-2/0/3 fastether-options redundant-parent reth2
# set interfaces reth1 redundant-ether-options redundancy-group 1
# set interfaces reth2 redundant-ether-options redundancy-group 2
# set interfaces reth1 unit 0 family inet address 192.168.1.1/24 ( untrusted ip for first device )
# set interfaces reth2 unit 0 family inet address 192.168.2.1/24 ( untrusted ip for second device )
# set interfaces ge-0/0/4 gigether-options redundant-parent reth3
# set interfaces ge-2/0/4 gigether-options redundant-parent reth3
# set interfaces ge-0/0/5 gigether-options redundant-parent reth4
# set interfaces ge-2/0/5 gigether-options redundant-parent reth4
# set interfaces reth3 redundant-ether-options redundancy-group 1
# set interfaces reth4 redundant-ether-options redundancy-group 2
# set interfaces reth3 unit 0 family inet address 192.168.3.1/24 ( trusted ip for first device )
# set interfaces reth4 unit 0 family inet address 192.168.4.1/24 ( trusted ip for second device )
# set security zones security-zone untrust interfaces reth1.0 ( untrusted interface for first device )
# set security zones security-zone untrust interfaces reth2.0 ( untrusted interface for second device )
# set security zones security-zone trust interfaces reth3.0 ( trust interface for first device )
# set security zones security-zone trust interfaces reth4.0 ( trust interface for second device )
@yihhow wrote:
> set chassis cluster cluster-id 1 node 0 reboot
> set chassis cluster clucter-id 1 node 1 reboot
reboot to take effect
A second reboot is not necessary once you've enabled the cluster.
HTHs.