Buon salve all,
how are you? How does proceed your digital life?
Today I would like to speak, again, about Juniper SRX and HA. Today I would like to speak you about an issue I encounter in my digital working life. I receive two new Juniper SRX240 with the firmware 12.1X44 already on board.
My goal is to create the cluster of both SRX 240 and the starting point was following these Juniper instructions: SRX Getting Started - Configure Chassis Cluster (High Availability) on a SRX240 device
Probably it's my fault, probably not, it doesn't matter. The point was that, the first check suggest by Juniper:
In the SRX configuration, remove any existing configuration associated with the interfaces that will be transformed into fxp0 (out-of-band management) and fxp1 (control link) when the chassis cluster feature is enabled.
it didn't work, and so I was not able to start the cluster configuration. I tried a lot of things, beleve me, but nothing work. Finaly I found the following Juniper document that solve my issue: [SRX] How to recover or prevent a chassis cluster from going into a Hold/Lost state
I propose you, here, the main passage of the document. Very usefull and solving for my case.
The main purpose of the document is to explain how to remove the configuration on the interfaces that will be used as fxp0 (out-of-band management) and fxp1 (control) in a chassis cluster. Pay attention, this is a very
Important: When configuring your chassis cluster, these two interfaces should NOT have any configuration. This is a prerequisite.
Follow the instructions for an SRX running 'factory default config' or for an existing stand-alone SRX below:
For an SRX running 'factory default config':
The 'factory default config' by default contains configuration on the interfaces that are transformed into the fxp0 and fxp1 interfaces. Therefore, it needs to be deleted by you before enabling chassis cluster mode.
There are two conditions that a device is running a 'factory default config':
Follow the instructions for an SRX running 'factory default config' or for an existing stand-alone SRX below:
For an SRX running 'factory default config':
The 'factory default config' by default contains configuration on the interfaces that are transformed into the fxp0 and fxp1 interfaces. Therefore, it needs to be deleted by you before enabling chassis cluster mode.
There are two conditions that a device is running a 'factory default config':
- A new device
- Generally it is seen in the production environment that the new devices are used for the chassis cluster. These new devices come with the factory-default configuration which have some or the other config on these interfaces.
- Device crashes and comes back with factory default config.
- Rarely, but if a device in chassis cluster mode crashes, it may come up with the factory default configuration.
To remove the configuration on the interfaces, it is typically easiest to delete the factory-default configuration and configure the device from scratch.
To delete the configuration:
Warning: The following procedure removes the current configuration.
- Get into the configuration mode.
- Execute the # delete command. (This command deletes the current configuration from the device.)
root# delete
This will delete the entire configuration
Delete everything under this level? [yes,no] (no) yes 3
This will delete the entire configuration
Delete everything under this level? [yes,no] (no) yes 3
- Configure the root password and commit:
root# set system root-authentication plain-text-password
root# commit
OR
root# commit
OR
For an existing stand-alone SRX:
If your SRX is currently running in a production environment, then check to see if there is configuration on the interfaces that will be transformed into fxp0 and fxp1. To determine which interfaces will be transformed into fxp0 and fxp1, refer to KB15356 - How are interfaces assigned on J-Series and SRX platforms when the chassis cluster is enabled and Node Interfaces on Active SRX Series Chassis Clusters.
Then to find the configuration for those interfaces, run these commands in configuration mode and delete all the configuration from every configuration hierarchy in which those interfaces are being used:
show | display set | match <control port physical interface>
show | display set | match <fxp0l port physical interface>
If you wish to remove the entire config and reconfigure the device for chassis cluster, follow the procedure to delete the entire configuration, as shown in the 'factory default config' instructions.
If your SRX is currently running in a production environment, then check to see if there is configuration on the interfaces that will be transformed into fxp0 and fxp1. To determine which interfaces will be transformed into fxp0 and fxp1, refer to KB15356 - How are interfaces assigned on J-Series and SRX platforms when the chassis cluster is enabled and Node Interfaces on Active SRX Series Chassis Clusters.
Then to find the configuration for those interfaces, run these commands in configuration mode and delete all the configuration from every configuration hierarchy in which those interfaces are being used:
show | display set | match <control port physical interface>
show | display set | match <fxp0l port physical interface>
If you wish to remove the entire config and reconfigure the device for chassis cluster, follow the procedure to delete the entire configuration, as shown in the 'factory default config' instructions.
in my case I run the first one of the two solution. When done I start again following the instructions about clustering SRX240 appliances and all was good.
And for today it's all.
I hope this post can help you and your troubleshooting!
Have a nice day!
DiGiTsHaMaN
