Hello Community,
I have this weird problem and am really hoping for this to be a silly config mistake. Here goes:
SRX(0/0/2)-------------EX-1------------------EX-2
99.1.1.1/24 99.1.1.2/24 99.1.1.3/24
reth1
-- The EX-links shown are layer-2.
-- The EX IP addresses are those of the corrsponding RVI (vlan.99).
-- Pings to 99.1.1.2 or 99.1.1.3 from the SRX are successful.
-- pings from EX-1 to EX-2 (and vice-versa) are successful.
-- pings from either EX-1 or EX-2 to 99.1.1.1 fail.
-- The ARP/MAC tables on EX's look good.
-- While initiating pings from the EX's, the output of 'tcpdump -i reth1' on the SRX doesn't show the packets coming in.
config on the SRX:
set chassis cluster reth-count 4
set chassis cluster redundancy-group 0 node 0 priority 100
set chassis cluster redundancy-group 0 node 1 priority 50
set chassis cluster redundancy-group 1 node 1 priority 50
set chassis cluster redundancy-group 1 node 0 priority 100
set chassis cluster redundancy-group 1 preempt
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/1 weight 255
set interfaces ge-0/0/1 gigether-options redundant-parent reth0
set interfaces ge-0/0/2 gigether-options redundant-parent reth1
set interfaces ge-0/0/5 unit 0 family inet address 27.1.1.1/24
set interfaces ge-3/0/1 gigether-options redundant-parent reth0
set interfaces ge-3/0/2 gigether-options redundant-parent reth1
set interfaces ge-3/0/5 unit 0 family inet address 27.2.2.1/24
set interfaces fab0 fabric-options member-interfaces ge-0/0/3
set interfaces fab1 fabric-options member-interfaces ge-3/0/3
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth0 unit 0 family inet address 98.1.1.1/24
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 unit 0 family inet address 99.1.1.1/24
set routing-options static route 0.0.0.0/0 next-hop 27.1.1.2
set routing-options static route 0.0.0.0/0 qualified-next-hop 27.2.2.2 metric 50
set routing-options static route 0.0.0.0/0 metric 10
set routing-options autonomous-system 64790
set protocols bgp group routed-core type internal
set protocols bgp group routed-core export send-default
set protocols bgp group routed-core neighbor 98.1.1.2
set protocols bgp group routed-core neighbor 98.1.1.3
set protocols bgp group routed-core neighbor 99.1.1.2
set protocols bgp group routed-core neighbor 99.1.1.3
set protocols lldp interface all
set policy-options policy-statement send-default term match-default from route-filter 0.0.0.0/0 exact
set policy-options policy-statement send-default term match-default then next-hop self
set policy-options policy-statement send-default term match-default then accept
set security zones security-zone trusted interfaces reth1.0
set security zones security-zone trusted interfaces reth0.0
set security zones security-zone external-bgp host-inbound-traffic protocols all
set security zones security-zone external-bgp interfaces ge-0/0/5.0
set security zones security-zone external-bgp interfaces ge-3/0/5.0
Any help would be appreciated.
ankit