Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Configuring an Active/Passive Chassis Cluster Pair (CLI)

    This example shows how to configure active/passive chassis clustering for J Series devices.

    Requirements

    Before you begin:

    1. Physically connect a pair of J Series devices together, ensuring that they are the same models. This example uses a pair of J2320 Services Router devices.
      1. To create the fabric link, connect a Gigabit Ethernet interface on one device to another Gigabit Ethernet interface on the other device. See Connecting J Series Devices to Create a Chassis Cluster.
      2. To create the control link, connect the ge-0/0/3 Gigabit Ethernet interfaces of the two devices. See Connecting J Series Devices to Create a Chassis Cluster.
    2. Connect to one of the devices using the console port. (This is the node that forms the cluster.)
      1. Set the cluster ID and node number.
        user@host> set chassis cluster cluster-id 1 node 0 reboot
    3. Connect to the other device using the console port.
      1. Set the cluster ID and node number.
        user@host> set chassis cluster cluster-id 1 node 1 reboot

    Overview

    In this example, a single device in the cluster is used to route all traffic, and the other device is used only in the event of a failure. (See Figure 1.) When a failure occurs, the backup device becomes master and controls all forwarding.

    Figure 1: Active/Passive Chassis Cluster Topology (J Series Devices)

    Active/Passive Chassis Cluster Topology (J Series Devices)

    You can create an active/passive chassis cluster by configuring redundant Ethernet interfaces (reths) that are all assigned to the same redundancy group. This configuration minimizes the traffic over the fabric link because only one node in the cluster forwards traffic at any given time.

    In this example, you configure group (applying the configuration with the apply-groups command) and chassis cluster information. Then you configure security zones and security policies. See Table 1 through Table 4.

    Table 1: Group and Chassis Cluster Configuration Parameters

    Feature

    Name

    Configuration Parameters

    Groups

    node0

    • Hostname: J2320-A
    • Interface: fxp0
      • Unit 0
      • 192.168.3.110/24

    node1

    • Hostname: J2320-B
    • Interface: fxp0
      • Unit 0
      • 192.168.3.111/24

    Table 2: Chassis Cluster Configuration Parameters

    Feature

    Name

    Configuration Parameters

    Fabric links

    fab0

    Interface: ge-0/0/1

    fab1

    Interface: ge-4/0/1

    Heartbeat interval

    1000

    Heartbeat threshold

    3

    Redundancy group

    0

    • Priority:
      • Node 0: 254
      • Node 1: 1

    1

    • Priority:
      • Node 0: 254
      • Node 1: 1

    Interface monitoring

    • fe-1/0/0
    • fe-5/0/0
    • ge-0/0/0
    • ge-4/0/0

    Number of redundant Ethernet interfaces

    2

    Interfaces

    ge-0/0/0

    Redundant parent: reth1

    ge-4/0/0

    Redundant parent: reth1

    fe-1/0/0

    Redundant parent: reth0

    fe-5/0/0

    Redundant parent: reth0

    reth0

    Redundancy group: 1

    • Unit 0
    • 10.16.8.1/24

    reth1

    Redundancy group: 1

    • Unit 0
    • 11.2.0.233/24

    Table 3: Security Zone Configuration Parameters

    Name

    Configuration Parameters

    trust

    The reth1.0 interface is bound to this zone.

    untrust

    The reth0.0 interface is bound to this zone.

    Table 4: Security Policy Configuration Parameters

    Purpose

    Name

    Configuration Parameters

    This security policy permits traffic from the trust zone to the untrust zone.

    ANY

    • Match criteria:
      • source-address any
      • destination-address any
      • application any
    • Action: permit

    Configuration

    CLI Quick Configuration

    To quickly configure a chassis cluster on a J2320 Services Router, copy the following commands and paste them into the CLI.

    [edit]set groups node0 system host-name J2320-Aset groups node0 interfaces fxp0 unit 0 family inet address 192.168.3.110/24 set groups node1 system host-name J2320-B set groups node1 interfaces fxp0 unit 0 family inet address 192.168.3.111/24 set apply-groups “${node}”set interfaces fab0 fabric-options member-interfaces ge-0/0/1 set interfaces fab1 fabric-options member-interfaces ge-4/0/1 set chassis cluster heartbeat-interval 1000 set chassis cluster heartbeat-threshold 3 set chassis cluster redundancy-group 0 node 0 priority 100 set chassis cluster redundancy-group 0 node 1 priority 1 set chassis cluster redundancy-group 1 node 0 priority 100 set chassis cluster redundancy-group 1 node 1 priority 1 set chassis cluster redundancy-group 1 interface-monitor fe-1/0/0 weight 255 set chassis cluster redundancy-group 1 interface-monitor fe-5/0/0 weight 255 set chassis cluster redundancy-group 1 interface-monitor ge-0/0/0 weight 255 set chassis cluster redundancy-group 1 interface-monitor ge-4/0/0 weight 255 set chassis cluster reth-count 2 set interfaces ge-0/0/0 gigether-options redundant-parent reth1 set interfaces ge-4/0/0 gigether-options redundant-parent reth1 set interfaces fe-1/0/0 fastether-options redundant-parent reth0 set interfaces fe-5/0/0 fastether-options redundant-parent reth0 set interfaces reth0 redundant-ether-options redundancy-group 1 set interfaces reth0 unit 0 family inet address 10.16.8.1/24 set interfaces reth1 redundant-ether-options redundancy-group 1 set interfaces reth1 unit 0 family inet address 1.2.0.233/24 set security zones security-zone untrust interfaces reth1.0 set security zones security-zone trust interfaces reth0.0 set security policies from-zone trust to-zone untrust policy ANY match source-address any set security policies from-zone trust to-zone untrust policy ANY match destination-address any set security policies from-zone trust to-zone untrust policy ANY match application any set security policies from-zone trust to-zone untrust policy ANY then permit

    Step-by-Step Procedure

    To configure an active/passive chassis cluster pair with J2320 Services Router devices:

    1. Configure the management interface.
      {primary:node0}[edit]user@host# set groups node0 system host-name J2320-Auser@host# set groups node0 interfaces fxp0 unit 0 family inet address 192.168.3.110/24user@host# set groups node1 system host-name J2320-Buser@host# set groups node1 interfaces fxp0 unit 0 family inet address 192.168.3.111/24user@host# set apply-groups “${node}”
    2. Configure the fabric interface.
      {primary:node0}[edit]user@host# set interfaces fab0 fabric-options member-interfaces ge-0/0/1user@host# set interfaces fab1 fabric-options member-interfaces ge-4/0/1
    3. Configure heartbeat settings.
      {primary:node0}[edit]user@host# set chassis cluster heartbeat-interval 1000user@host# set chassis cluster heartbeat-threshold 3
    4. Configure redundancy groups.
      {primary:node0}[edit]user@host# set chassis cluster redundancy-group 0 node 0 priority 100user@host# set chassis cluster redundancy-group 0 node 1 priority 1user@host# set chassis cluster redundancy-group 1 node 0 priority 100user@host# set chassis cluster redundancy-group 1 node 1 priority 1user@host# set chassis cluster redundancy-group 1 interface-monitor fe-1/0/0 weight 255user@host# set chassis cluster redundancy-group 1 interface-monitor fe-5/0/0 weight 255user@host# set chassis cluster redundancy-group 1 interface-monitor ge-0/0/0 weight 255user@host# set chassis cluster redundancy-group 1 interface-monitor ge-4/0/0 weight 255
    5. Configure redundant Ethernet interfaces.
      {primary:node0}[edit]user@host# set chassis cluster reth-count 2user@host# set interfaces ge-0/0/0 gigether-options redundant-parent reth1user@host# set interfaces ge-4/0/0 gigether-options redundant-parent reth1user@host# set interfaces fe-1/0/0 fastether-options redundant-parent reth0user@host# set interfaces fe-5/0/0 fastether-options redundant-parent reth0user@host# set interfaces reth0 redundant-ether-options redundancy-group 1user@host# set interfaces reth0 unit 0 family inet address 10.16.8.1/24user@host# set interfaces reth1 redundant-ether-options redundancy-group 1user@host# set interfaces reth1 unit 0 family inet address 1.2.0.233/24
    6. Configure security zones.
      {primary:node0}[edit]user@host# set security zones security-zone untrust interfaces reth1.0user@host# set security zones security-zone trust interfaces reth0.0
    7. Configure security policies.
      {primary:node0}[edit]user@host# set security policies from-zone trust to-zone untrust policy ANY match source-address anyuser@host# set security policies from-zone trust to-zone untrust policy ANY match destination-address anyuser@host# set security policies from-zone trust to-zone untrust policy ANY match application anyuser@host# set security policies from-zone trust to-zone untrust policy ANY then permit

    Results

    From configuration mode, confirm your configuration by entering the show configuration command. If the output does not display the intended configuration, repeat the configuration instructions in this example to correct it.

    For brevity, this show command output includes only the configuration that is relevant to this example. Any other configuration on the system has been replaced with ellipses (...).

    user@host> show configurationversion x.xx.x;
    groups {node0 {system {host-name J2320-A;}interfaces {fxp0 {unit 0 {family inet {address 192.168.3.110/24;}}}}}node1 {system {host-name J2320-B;interfaces {fxp0 {unit 0 {family inet {address 192.168.3.111/24;}}}}}}apply-groups "${node}";chassis {cluster {reth-count 2;heartbeat-interval 1000; heartbeat-threshold 3;redundancy-group 0 {node 0 priority 100;node 1 priority 1;}redundancy-group 1 {node 0 priority 100;node 1 priority 1;interface-monitor {fe–1/0/0 weight 255;fe–5/0/0 weight 255;ge–0/0/0 weight 255;ge–4/0/0 weight 255;}}}}interfaces {fe–1/0/0 {fastether–options {redundant–parent reth0;}}fe–5/0/0{fastether–options {redundant–parent reth0;}}ge–0/0/0 {fastether–options {redundant–parent reth1;}}ge–4/0/0 {fastether–options {redundant–parent reth1;}}fab0 {fabric–options {member–interfaces {ge–0/0/1;}}}fab1 {fabric–options {member–interfaces {ge–4/0/1;}}}reth0 {redundant–ether–options {redundancy–group 1;}unit 0 {family inet {address 10.16.8.1/24;}}}reth1 {redundant–ether–options {redundancy–group 1;}unit 0 {family inet {address 1.2.0.233/24;}}}}...
    security {zones {security–zone untrust {interfaces {reth1.0;}}security–zone trust {interfaces {reth0.0;}}}policies {from-zone trust to-zone untrust {policy ANY {match {source-address any;destination-address any;application any;}then {permit;}}}}}

    If you are done configuring the device, enter commit from configuration mode.

    Verification

    To confirm that the configuration is working properly:

    Verifying Chassis Cluster Status

    Purpose

    Verify the chassis cluster status, failover status, and redundancy group information.

    Action

    From operational mode, enter the show chassis cluster status command.

    {primary:node0}
    user@host> show chassis cluster status
    Cluster ID: 1
Node                       Priority     Status    Preempt  Manual failover

Redundancy group: 0 , Failover count: 1
    node0                   100         primary   no       no
    node1                   1           secondary no       no

Redundancy group: 1 , Failover count: 1
    node0                   100         primary   no       no
    node1                   1           secondary no       no

    Verifying Chassis Cluster Interfaces

    Purpose

    Verify information about chassis cluster interfaces.

    Action

    From operational mode, enter the show chassis cluster interfaces command.

    {primary:node0}
    user@host> show chassis cluster interfaces
    Control link name: fxp1

Redundant-ethernet Information:
    Name         Status      Redundancy-group
    reth0        Up          1
    reth1        Up          1

Interface Monitoring:
    Interface         Weight    Status    Redundancy-group
    fe-1/0/0          255       Up        1
    fe-5/0/0          255       Up        1
    ge-0/0/0          255       Up        1
    ge-4/0/0          255       Up        1

    Verifying Chassis Cluster Statistics

    Purpose

    Verify information about the statistics of the different objects being synchronized, the fabric and control interface hellos, and the status of the monitored interfaces in the cluster.

    Action

    From operational mode, enter the show chassis cluster statistics command.

    {primary:node0}
    user@host> show chassis cluster statistics
    Control link statistics:
    Control link 0:
        Heartbeat packets sent: 2276
        Heartbeat packets received: 2280
        Heartbeat packets errors: 0
Fabric link statistics:
    Child link 0
        Probes sent: 2272
        Probes received: 597
Services Synchronized:
    Service name                              RTOs sent    RTOs received
    Translation context                       0            0
    Incoming NAT                              0            0
    Resource manager                          6            0
    Session create                            161          0
    Session close                             148          0
    Session change                            0            0
    Gate create                               0            0
    Session ageout refresh requests           0            0
    Session ageout refresh replies            0            0
    IPSec VPN                                 0            0
    Firewall user authentication              0            0
    MGCP ALG                                  0            0
    H323 ALG                                  0            0
    SIP ALG                                   0            0
    SCCP ALG                                  0            0
    PPTP ALG                                  0            0
    RPC ALG                                   0            0
    RTSP ALG                                  0            0
    RAS ALG                                   0            0
    MAC address learning                      0            0
    GPRS GTP                                  0            0

    Verifying Chassis Cluster Control Plane Statistics

    Purpose

    Verify information about chassis cluster control plane statistics (heartbeats sent and received) and the fabric link statistics (probes sent and received).

    Action

    From operational mode, enter the show chassis cluster control-plane statistics command.

    {primary:node0}
    user@host> show chassis cluster control-plane statistics
    Control link statistics:
    Control link 0:
        Heartbeat packets sent: 258689
        Heartbeat packets received: 258684
        Heartbeat packets errors: 0
Fabric link statistics:
    Child link 0
        Probes sent: 258681
        Probes received: 258681

    Verifying Chassis Cluster Data Plane Statistics

    Purpose

    Verify information about the number of RTOs sent and received for services.

    Action

    From operational mode, enter the show chassis cluster data-plane statistics command.

    {primary:node0}
    user@host> show chassis cluster data-plane statistics
    Services Synchronized:
    Service name                              RTOs sent    RTOs received
    Translation context                       0            0
    Incoming NAT                              0            0
    Resource manager                          6            0
    Session create                            161          0
    Session close                             148          0
    Session change                            0            0
    Gate create                               0            0
    Session ageout refresh requests           0            0
    Session ageout refresh replies            0            0
    IPSec VPN                                 0            0
    Firewall user authentication              0            0
    MGCP ALG                                  0            0
    H323 ALG                                  0            0
    SIP ALG                                   0            0
    SCCP ALG                                  0            0
    PPTP ALG                                  0            0
    RPC ALG                                   0            0
    RTSP ALG                                  0            0
    RAS ALG                                   0            0
    MAC address learning                      0            0
    GPRS GTP                                  0            0

    Verifying Chassis Cluster Redundancy Group Status

    Purpose

    Verify the state and priority of both nodes in a cluster and information about whether the primary node has been preempted or whether there has been a manual failover.

    Action

    From operational mode, enter the chassis cluster status redundancy-group command.

    {primary:node0}
    user@host> show chassis cluster status redundancy-group 1
    Cluster ID: 1
    Node               Priority    Status    Preempt  Manual failover

	Redundancy-Group: 1, Failover count: 1
    node0              100          primary   no       no
    node1              1            secondary no       no

    Troubleshooting with Logs

    Purpose

    Use these logs to identify any chassis cluster issues. You should run these logs on both nodes.

    Action

    From operational mode, enter these show commands.

    user@host> show log jsrpduser@host> show log chassisduser@host> show log messagesuser@host> show log dcduser@host> show traceoptions
     

    Related Documentation

     

    Published: 2013-11-11

    Previous Page Next Page