I've had really good luck with the ICU Upgrade for branch series. You
upload the software package to the active SRX, run the commands, and it
handles copying the package to the backup unit and all reboots. There is
still a drop in traffic for up to 30 seconds, but for the most part it's
much safer
puck.nether.net
> > Subject: Re: [j-nsp] SRX upgrade procedure -ready for enterprise?
> >
> > I've had really good luck with the ICU Upgrade for branch series. You
> upload
> > the software package to the active SRX, run the commands, and it handles
> > copying the
Subject: Re: [j-nsp] SRX upgrade procedure -ready for enterprise?
>
> I've had really good luck with the ICU Upgrade for branch series. You upload
> the software package to the active SRX, run the commands, and it handles
> copying the package to the backup unit and all reboots.
tiated solely by shutting down the interfaces on the active
> node...
>
>> -Original Message-
>> From: Tim Eberhard [mailto:xmi...@gmail.com]
>> Sent: Friday, March 08, 2013 10:11 AM
>> To: Andy Litzinger
>> Cc: juniper-nsp@puck.nether.net
>> Subject:
to:xmi...@gmail.com]
> Sent: Friday, March 08, 2013 10:11 AM
> To: Andy Litzinger
> Cc: juniper-nsp@puck.nether.net
> Subject: Re: [j-nsp] SRX upgrade procedure -ready for enterprise?
>
> I would never, ever follow that KB. It's just asking for a major outage..
>
> With that
I tried ISSU twice, both times on 3 MX routers during a single maintenance
window, going from 10.x to 11.x. It failed spectacularly on the second router,
requiring manual recovery via the console (mastership was not assumed by the
backup before the primary rebooted), so I completely gave up on
> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-
> boun...@puck.nether.net] On Behalf Of Mark Menzies
> Sent: Friday, March 08, 2013 1:03 PM
> To: Andy Litzinger
> Cc: juniper-nsp@puck.nether.net
> Subject: Re: [j-nsp] SRX upgrade
Yes the upgrade process is not the best.
The link above puts names on tasks to do do effectively "split" the cluster
in such a way that you can reconnect it without loss of connectivity.
The best approach, which does NOT include minimal downtime is to upgrade
both nodes and then reboot them both
Not that I've had to do it - but I'd probably break the cluster to do the
upgrade and run on one during the procedure.
On Mar 8, 2013, at 10:50 AM, Andy Litzinger wrote:
> We're evaluating SRX clusters as replacements for our aging ASAs FO pairs in
> various places in our network including th
I would never, ever follow that KB. It's just asking for a major outage..
With that said, you have two options. 1) ISSU and 2) Reboot both close
to the same time and take the hit. Depending on your hardware it might
be 4 minutes, it might be 8-10 minutes.
If option one is the path you choose to g
10 matches
Mail list logo
