Juniper SRX Failover Testing Part 2

Reading Time: 2 minutes

Having completed a manual failover of the redundancy groups in my previous post, this test go through the process of what would have happen if we had a link fault.

Test B (Interface Failure)

In my first post creating srx cluster, I had configured Interface Monitoring. Interface monitoring can be used to trigger a failover in the event link status on an interface goes down. For this test I will be disconnecting interface ge-0/0/1, once this has been disconnected we should see that redundancy group 1 failover to Node1 from Node0.

We will check the status of the cluster and the interfaces before proceed:

Chassis Cluster StatusChassis Cluster Interfaces
{primary:node0}[email protected]_SRX220_Top# run show chassis cluster status 
Cluster ID: 1 
Node                  Priority          Status    Preempt  Manual failover

Redundancy group: 0 , Failover count: 7
    node0                   100         primary        no       no  
    node1                   1           secondary      no       no  

Redundancy group: 1 , Failover count: 33
    node0                   100         primary        yes      no  
    node1                   1           secondary      yes      no
{primary:node0}
[email protected]_SRX220_Top> show chassis cluster interfaces    
Control link status: Up

Control interfaces: 
    Index   Interface        Status
    0       fxp1             Up    

Fabric link status: Up

Fabric interfaces: 
    Name    Child-interface    Status
                               (Physical/Monitored)
    fab0    ge-0/0/5           Up   / Up  
    fab0   
    fab1    ge-3/0/5           Up   / Up  
    fab1   

Redundant-ethernet Information:     
    Name         Status      Redundancy-group
    reth0        Up          1                
    reth1        Up          1                
   
Redundant-pseudo-interface Information:
    Name         Status      Redundancy-group
    lo0          Up          0                

Interface Monitoring:
    Interface         Weight    Status    Redundancy-group
    ge-0/0/2          255       Up        1   
    ge-3/0/2          255       Up        1   
    ge-3/0/1          255       Up        1   
    ge-0/0/1          255       Up        1   

{primary:node0}

As everything is as expected, I have disconnected interface ge-0/0/1 and by running the same commands we are able to see that the link failure has been detected by running show chassis cluster interface command

{primary:node0}[edit]
[email protected]_SRX220_Top# run show chassis cluster interfaces       
Control link status: Up

Control interfaces: 
    Index   Interface        Status
    0       fxp1             Up    

Fabric link status: Up

Fabric interfaces: 
    Name    Child-interface    Status
                               (Physical/Monitored)
    fab0    ge-0/0/5           Up   / Up  
    fab0   
    fab1    ge-3/0/5           Up   / Up  
    fab1   

Redundant-ethernet Information:     
    Name         Status      Redundancy-group
    reth0        Up          1                
    reth1        Up          1                
   
Redundant-pseudo-interface Information:
    Name         Status      Redundancy-group
    lo0          Up          0                

Interface Monitoring:
    Interface         Weight    Status    Redundancy-group
    ge-0/0/2          255       Up        1   
    ge-3/0/2          255       Up        1   
    ge-3/0/1          255       Up        1   
    ge-0/0/1          255       Down      1

And running show chassis cluster status we can see that redundancy group 1 has failed over from Node0 to Node1.

{primary:node0}[edit]
[email protected]_SRX220_Top# run show chassis cluster status            
Cluster ID: 1 
Node                  Priority          Status    Preempt  Manual failover

Redundancy group: 0 , Failover count: 7
    node0                   100         primary        no       no  
    node1                   1           secondary      no       no  

Redundancy group: 1 , Failover count: 34
    node0                   0           secondary      yes      no  
    node1                   1           primary        yes      no

As I have configured preempt on redundancy group 1, once the link (ge-0/0/1) is reconnected, it will automatically fail back to Node0

Chassis Cluster InterfaceChassis Cluster Status
{primary:node0}[edit]
[email protected]_SRX220_Top# run show chassis cluster interfaces    
Control link status: Up

Control interfaces: 
    Index   Interface        Status
    0       fxp1             Up    

Fabric link status: Up

Fabric interfaces: 
    Name    Child-interface    Status
                               (Physical/Monitored)
    fab0    ge-0/0/5           Up   / Up  
    fab0   
    fab1    ge-3/0/5           Up   / Up  
    fab1   

Redundant-ethernet Information:     
    Name         Status      Redundancy-group
    reth0        Up          1                
    reth1        Up          1                
   
Redundant-pseudo-interface Information:
    Name         Status      Redundancy-group
    lo0          Up          0                

Interface Monitoring:
    Interface         Weight    Status    Redundancy-group
    ge-0/0/2          255       Up        1   
    ge-3/0/2          255       Up        1   
    ge-3/0/1          255       Up        1   
    ge-0/0/1          255       Up        1
{primary:node0}[edit]
[email protected]_SRX220_Top# run show chassis cluster status        
Cluster ID: 1 
Node                  Priority          Status    Preempt  Manual failover

Redundancy group: 0 , Failover count: 7
    node0                   100         primary        no       no  
    node1                   1           secondary      no       no  

Redundancy group: 1 , Failover count: 35
    node0                   100         primary        yes      no  
    node1                   1           secondary      yes      no

My next post in this series, will demonstrate the methods of upgrading Junos version on a SRX cluster.

The following two tabs change content below.

Keeran Marquis

Network Engineer
Keeran Marquis is a Network Engineer. His main goal is to learn everything within the Networking field, pick up a little bit of scripting, be a poor man sysadmin and share whatever he knows! All Posts are his own views, opinions and experiences, no guarantees they will work for you but point you in the right direction 🙂
Share this:
Share

4 thoughts on “Juniper SRX Failover Testing Part 2”

    1. Keeran Marquis Post Author

      Hi Amar

      I use physical devices as I’ve got access via work 🙂

      For juniper stuff if you access to an esxi server you can upload vSRX & vMXs or you can use junosphere or Cisco virl. With Cisco virl you can use junos vmdk images.

      Cheers

      Keeran

  1. E. Bosch

    Hi Keeran,

    I’m doing the same configuration, it works fine when one and two links are down, but when there are three links down (only one link up) I have detected a undesirable side effect with the following situation:
    initially all interfaces are up
    then
    ge-3/0/1 goes down, no failover, primary is node0, expected
    then
    ge-0/0/1 goes down, no failover, primary is node0, expected
    then
    ge-0/0/2 goes down, no failover, primary is node0, NOT expected

    My intention is when there are no interfaces available in node0 should failover to node1, even the reth have only one link up (ge-3/0/2), but in my tests this is not happening.

    Could you test it? Any ideas?

    1. E. Bosch

      Hi, finally I solved the issue with this configuration, I reproduce here just in case is useful for someone.

      The idea is to trigger an event when reth0 is down, the action is to change the weights of the interfaces, then reth0 is up again even if there is only one physical interface up.


      event-options {
      policy keep_one_interface_reth0 {
      events snmp_trap_link_down;
      within 1 events snmp_trap_link_down;
      attributes-match {
      snmp_trap_link_down.interface-name matches reth0;
      }
      then {
      change-configuration {
      commands {
      "set chassis cluster redundancy-group 1 interface-monitor ge-0/0/1 weight 128";
      "set chassis cluster redundancy-group 1 interface-monitor ge-0/0/2 weight 128";
      "set chassis cluster redundancy-group 1 interface-monitor ge-3/0/1 weight 128";
      "set chassis cluster redundancy-group 1 interface-monitor ge-3/0/2 weight 128";
      }
      commit-options {
      log "commited by keep_one_interface_reth0 event policy";
      }
      }
      }
      }
      }

      Note: in my configuration all (four) physical interfaces are assigned to reth0.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.