will be rolled back regardless.
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Clay Haynes
Sent: Tuesday, 17 July 2012 10:08 PM
To: Pavel Lunin
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Quick Question About HA
Ben Dale worte:
All told though, I think once ISSU/LICU is addressed there'll be very little
reason not to cluster them.
In general I disagree. What you describe is basically about firewalls.
But the main issue with a multi-site cluster is the need to pool all
your VLANs to both devices. So
I believe the command was configure exclusive in order to perform a
commit confirmed on a cluster prior to 11.4; however this did have the
side effect of only allowing one user to configure the SRX cluster at a
time. Also there are no guarantees that the rollback would actually work
(hence why it
Is it possible to connect 2 SRX devices together into a HA Cluster by
connecting
the Control Fabric Interlinks via switches or must they be directly
connected.
My planned setup is as follows:
SRX-Switch-10GB Xconnect-Switch-SRX
I can also give each connection is own dedicated VLAN if that
Hiya bud
Yes that can work here.
Just make sure that the SRXs are less than 100ms apart and each sync
connection, both fabric and control, is on separate VLANs.
HTH
On 16 July 2012 10:04, Spam spam...@fioseurope.net wrote:
Is it possible to connect 2 SRX devices together into a HA Cluster
Although it can work, its recommended that you dont.
Any latency spikes between the switches can cause clustering to split, and
you will suddenly be in a split brain scenario.
I had a short talk with A-TAC about it a while back and they highly
recommended against it for our build out.
On Mon,
Good point.
Basically if we use a single switch to connect 2 SRXs in a cluster we
introduce the switch as a single point of failure here. If you are dead
set on separating your cluster nodes with switches, use 2 separate
switches, one for control, one for data and keep the traffic on different
Also make sur you have jumbo frame for fab link and igmp snooping deactivated
- Message d'origine -
De : Mark Menzies [m...@deimark.net]
Envoyé : 16.07.2012 10:16 CET
À : spam...@fioseurope.net
Cc : juniper-nsp@puck.nether.net
Objet : Re: [j-nsp] Quick Question About HA Setup
Hiya
SRX Technical Note 21 will have the Design Considerations and Deployment
Scenarios you need. This link does require an account to login first.
http://kb.juniper.net/InfoCenter/index?page=contentid=TN21
- Clay
On 7/16/12 5:04 AM, Spam spam...@fioseurope.net wrote:
Is it possible to
To: spam...@fioseurope.net spam...@fioseurope.net,
juniper-nsp@puck.nether.net juniper-nsp@puck.nether.net
Date: Mon, 16 Jul 2012 12:06:52 +
Subject: Re: [j-nsp] Quick Question About HA Setup
SRX Technical Note 21 will have the Design Considerations and Deployment
Scenarios you need
10 matches
Mail list logo
