I have the shown design where I have Cisco core switches, two per building, and there is no redundancy protocol used to cluster the physical appliances. They are sharing routes via OSPF.
My main question is about adding the SRX clusters to each building and how to connect them in the best way, knowing that I will be using reth interfaces since we have to do it for clustering, and there are only single links from each firewall to the core. Can I use reth from the Juniper (reth0 and reth1) as shown in the topology without configuring LACP, just a normal L3 IP address on each reth?
Or do I always have to use LACP with reth interfaces?
Not sure, but it looks like you are confusing reth (redundant ethernet) with ae (aggregated ethernet, or port channel on Cisco). With reth interfaces, these are configured as standard single ethernet ports. The pair are redundant, so that one and only one is passing traffic at any time, depending on the failover status of the reth group on the SRX. So with reth interfaces, the two Cisco-side ports would be configured as standard access or trunk ports, and there is no loop because only one is ever active.
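The setup described in the answer above, written out as an added example (it is not a configuration posted by anyone in this thread): one child link per node in each reth, a plain L3 address on the reth, and no LACP. The interface names (ge-0/0/1, ge-5/0/1 and so on; node 1 numbering depends on the SRX model), the zone names, the priorities and the documentation-range addresses are all assumptions.

```junos
# Added example: SRX chassis cluster with two reth interfaces, no LACP.
# Interface names, zone names, priorities and addresses are assumed values.

# Two reth interfaces, both owned by redundancy-group 1
set chassis cluster reth-count 2
set chassis cluster redundancy-group 1 node 0 priority 200
set chassis cluster redundancy-group 1 node 1 priority 100

# reth0: one physical child per node (the node 0 link and the node 1 link)
set interfaces ge-0/0/1 gigether-options redundant-parent reth0
set interfaces ge-5/0/1 gigether-options redundant-parent reth0
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth0 unit 0 family inet address 192.0.2.1/29

# reth1: same pattern on the second pair of ports
set interfaces ge-0/0/2 gigether-options redundant-parent reth1
set interfaces ge-5/0/2 gigether-options redundant-parent reth1
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 unit 0 family inet address 198.51.100.1/29

# With a single link per node, monitor the node 0 children so that a
# link failure lowers the group's score enough to fail over to node 1
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/1 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/2 weight 255

# Security policy attaches to the reth units, not to the child ports
set security zones security-zone core-a interfaces reth0.0
set security zones security-zone core-b interfaces reth1.0

# Deliberately absent: "redundant-ether-options lacp". That statement is
# only for a reth with more than one child link per node, where the
# switch side bundles each node's links into its own port channel.
```

After commit, `show chassis cluster status` and `show chassis cluster interfaces` show which node is primary for the redundancy group and whether each reth is up.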
Fair enough, I thought so, just double checking. Then I am good to go.