Working on Juniper SRX 240 Chassis Cluster Configuration. Here will list all steps what I have done from the first step. Refer to Juniper KB15504
2. Login with root username, no password
3. CLI into command line
4. Change root user password
6. Connect SRX-A ge-0/0/1 with SRX-B ge-0/0/1 directly with a cable. Warning , switch can not be used.
7. Connect SRX-A ge-0/0/2 with SRX-B ge-0/0/2 directly with a cable. Not sure if switch can be used.
After both of system boots up, get into configuration mode on SRX-A, no need to do configuration on SRX-B anymore from now. Also Set up the device specific configurations such as host names and management IP addresses, this is specific to each device and is the only part of the configuration that is unique to its specific node. This is done by entering the following commands (all on the primary node):
The following command is to apply the individual configs for each node.
Create FAB links (data plane links for RTO sync, etc).
# set interfaces fab0 fabric-options member-interfaces ge-0/0/2
set chassis cluster reth-count 10
Set up the Redundancy Group 0 for the Routing Engine failover properties. Also setup Redundancy Group 1 (all the interfaces will be in one Redundancy Group in this example) to define the failover properties for the Reth interfaces
set chassis cluster redundancy-group 0 node 0 priority 50
set chassis cluster redundancy-group 0 node 1 priority 1
set chassis cluster redundancy-group 1 node 0 priority 50
set chassis cluster redundancy-group 1 node 1 priority 1
set chassis cluster redundancy-group 1 preempt
Set up the Interface monitoring. Monitoring the health of the interfaces is one way to trigger Redundancy group failover. Note: interface monitoring is not recommended for redundancy-group 0.
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/8 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/9 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/10 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/11 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/12 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/13 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/13 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/12 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/11 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/10 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/9 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/8 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/14 weight 255
set chassis cluster redundancy-group 1 interface-monitor ge-5/0/14 weight 255
set interfaces ge-0/0/8 gigether-options redundant-parent reth0
set interfaces ge-0/0/9 gigether-options redundant-parent reth1
set interfaces ge-0/0/10 gigether-options redundant-parent reth2
set interfaces ge-0/0/11 gigether-options redundant-parent reth3
set interfaces ge-0/0/12 gigether-options redundant-parent reth4
set interfaces ge-0/0/13 gigether-options redundant-parent reth5
set interfaces ge-0/0/14 gigether-options redundant-parent reth6
set interfaces ge-0/0/15 gigether-options redundant-parent reth7
set interfaces ge-5/0/8 gigether-options redundant-parent reth0
set interfaces ge-5/0/9 gigether-options redundant-parent reth1
set interfaces ge-5/0/10 gigether-options redundant-parent reth2
set interfaces ge-5/0/11 gigether-options redundant-parent reth3
set interfaces ge-5/0/12 gigether-options redundant-parent reth4
set interfaces ge-5/0/13 gigether-options redundant-parent reth5
set interfaces ge-5/0/14 gigether-options redundant-parent reth6
set interfaces ge-5/0/15 gigether-options redundant-parent reth7
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth0 unit 0 family inet address 100.199.132.1/24
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 unit 0 family inet address 100.199.130.1/24
set interfaces reth2 redundant-ether-options redundancy-group 1
set interfaces reth2 unit 0 family inet address 100.199.128.1/24
set interfaces reth3 redundant-ether-options redundancy-group 1
set interfaces reth3 unit 0 family inet address 100.199.134.1/24
set interfaces reth4 redundant-ether-options redundancy-group 1
set interfaces reth4 unit 0 family inet address 100.199.2.1/24
set interfaces reth5 redundant-ether-options redundancy-group 1
set interfaces reth5 unit 0 family inet address 100.199.1.1/24
set interfaces reth6 redundant-ether-options redundancy-group 1
set interfaces reth6 unit 0 family inet address 100.199.136.1/24
set interfaces reth7 redundant-ether-options redundancy-group 1
set interfaces reth7 unit 0 family inet address 100.199.138.1/24
13. Assign the Redundant interface to a zone.
set security zones security-zone Data host-inbound-traffic system-services all
set security zones security-zone Data interfaces reth0.0
set security zones security-zone Client host-inbound-traffic system-services all
set security zones security-zone Client interfaces reth1.0
set security zones security-zone Internal host-inbound-traffic system-services all
set security zones security-zone Internal interfaces reth2.0
set security zones security-zone Pop host-inbound-traffic system-services all
set security zones security-zone Pop interfaces reth3.0
set security zones security-zone Office host-inbound-traffic system-services all
set security zones security-zone Office interfaces reth4.0
set security zones security-zone Tokyo host-inbound-traffic system-services all
set security zones security-zone Tokyo interfaces reth5.0
set security zones security-zone Beijin host-inbound-traffic system-services all
set security zones security-zone Beijin interfaces reth6.0
set security zones security-zone DMZ host-inbound-traffic system-services all
set security zones security-zone DMZ interfaces reth7.0
14. Commit and changes will be copied over to the Secondary Node, Device B.
- On device A:
{primary:node0}
# commit This will prepare the basic clustering setting for both the devices.