Preparing Your Equipment for Chassis Cluster Formation
To form a chassis cluster, a pair of the same kind of supported SRX Series Firewalls is combined to act as a single system that enforces the same overall security. SRX Series Firewalls must meet the following requirements to be included in a chassis clusters.
To form a chassis cluster, a pair of the same kind of supported SRX Series Firewalls is combined to act as a single system that enforces the same overall security.
-
The network node redundancy is achieved by grouping a pair of the same kind of supported SRX Series Firewalls into a cluster.
-
SRX Series Firewalls must be the same model.
-
Junos OS requirements: Both the devices must be running the same Junos OS version
-
Licensing requirements: Licenses are unique to each device and cannot be shared between the devices. Both devices (which are going to form chassis cluster) must have the identical features and license keys enabled or installed them. If both devices do not have an identical set of licenses, then after a failover, that particular licensed feature might not work or the configuration might not synchronize in chassis cluster formation.
-
All services processing cards (SPCs), network processing cards (NPCs), and input/output cards (IOCs) on applicable SRX Series Firewalls must have the same slot placement and must be of same type. Example:
-
For SRX5400, SRX5600 and SRX5800 chassis clusters, the placement and the type of services processing cards (SPC, SPC2, SRX5K-SPC3), and input/output cards (IOC1, IOC2, IOC3, IOC4) must match in two devices. Only SCB4 is not supported on SRX5400. All other components are supported on SRX5400.
-
For SRX3400 and SRX3600 chassis clusters, the placement and the type of SPCs, input/output cards (IOCs, NPIOCs), and network processing cards (NPCs) must match in two devices.
You can use the
show chassis hardwarecommand to identify the type of the card.Following example shows the placement and the type of cards used in a chassis cluster setup:
user@host> show chassis hardware node0: -------------------------------------------------------------------------- Hardware inventory: Item Version Part number Serial number Description Chassis JN1267B0FAGA SRX5800 Midplane REV 42 760-063937 ACRL3065 Enhanced SRX5800 Backplane FPM Board REV 05 760-061272 CAHE4860 Front Panel Display PDM Rev 01 740-063049 QCS2209509D Power Distribution Module PEM 0 Rev 04 740-034724 QCS171002016 PS 4.1kW; 200-240V AC in PEM 1 Rev 11 740-027760 QCS1825N07S PS 4.1kW; 200-240V AC in Routing Engine 0 REV 01 750-095568 CALK8884 SRX5k RE-2000x6 Routing Engine 1 REV 01 750-095568 CADZ9076 SRX5k RE-2000x6 CB 0 REV 26 750-031391 CALV3002 SRX5k SCB4 CB 1 REV 26 750-031391 CALV3009 SRX5k SCB4 FPC 2 REV 28 750-073435 CALS4630 SPC3 CPU BUILTIN BUILTIN SRX5k vCPP Broadwell PIC 0 BUILTIN BUILTIN SPU Cp-Flow PIC 1 BUILTIN BUILTIN SPU Flow FPC 3 REV 17 750-044175 CABE7777 SRX5k SPC II CPU BUILTIN BUILTIN SRX5k DPC PPC PIC 0 BUILTIN BUILTIN SPU Flow PIC 1 BUILTIN BUILTIN SPU Flow PIC 2 BUILTIN BUILTIN SPU Flow PIC 3 BUILTIN BUILTIN SPU Flow FPC 4 REV 08 750-061262 CAFD8147 SRX5k IOC II CPU REV 02 711-061263 CAFV7488 SRX5k MPC PMB MIC 0 REV 03 750-055732 CAFV9369 20x 1GE(LAN) SFP PIC 0 BUILTIN BUILTIN 10x 1GE(LAN) SFP Xcvr 0 REV 02 740-011613 PNB1GJR SFP-SX PIC 1 BUILTIN BUILTIN 10x 1GE(LAN) SFP FPC 5 REV 10 750-062242 CAKX2328 SRX5k IOC3 2CGE+4XGE PIC 0 BUILTIN BUILTIN 2x 10GE SFP+ Xcvr 0 REV 01 740-021308 ANA07RE SFP+-10G-SR Xcvr 1 REV 01 740-031980 AQF0RBJ SFP+-10G-SR PIC 1 BUILTIN BUILTIN 1x 100GE CFP2 PIC 2 BUILTIN BUILTIN 2x 10GE SFP+ Xcvr 0 REV 01 740-031980 AA1650304RF SFP+-10G-SR Xcvr 1 REV 01 740-021308 AQ93BDK SFP+-10G-SR PIC 3 BUILTIN BUILTIN 1x 100GE CFP2 FPC 8 REV 46 750-056519 CALC4514 SRX5k IOC4 MRATE CPU REV 21 750-057177 CALC3494 SMPC PMB PIC 0 BUILTIN BUILTIN MRATE-6xQSFPP-XGE-XLGE-CGE Xcvr 0 REV 01 740-059437 000T20128 QSFP28-LPBK Xcvr 1 REV 01 740-067443 1ACP13450KH QSFP+-40G-SR4 PIC 1 BUILTIN BUILTIN MRATE-6xQSFPP-XGE-XLGE-CGE Xcvr 0 REV 01 740-059437 0000T3443 QSFP28-LPBK Fan Tray 0 REV 06 740-035409 ACAE9390 Enhanced Fan Tray Fan Tray 1 REV 06 740-035409 ACAE9386 Enhanced Fan Tray node1: -------------------------------------------------------------------------- Hardware inventory: Item Version Part number Serial number Description Chassis JN1267B01AGA SRX5800 Midplane REV 42 760-063937 ACRL3068 Enhanced SRX5800 Backplane FPM Board REV 05 760-061272 CAJX9988 Front Panel Display PDM Rev 01 740-063049 QCS2209507A Power Distribution Module PEM 0 Rev 11 740-027760 QCS1822N0EY PS 4.1kW; 200-240V AC in PEM 1 Rev 03 740-034724 QCS17020203F PS 4.1kW; 200-240V AC in Routing Engine 0 REV 01 750-095568 CALK8904 SRX5k RE-2000x6 Routing Engine 1 REV 01 750-095568 CADZ9076 SRX5k RE-2000x6 CB 0 REV 26 750-031391 CALV3010 SRX5k SCB4 CB 1 REV 26 750-031391 CALV3000 SRX5k SCB4 FPC 2 REV 28 750-073435 CAKZ9620 SPC3 CPU BUILTIN BUILTIN SRX5k vCPP Broadwell PIC 0 BUILTIN BUILTIN SPU Cp-Flow PIC 1 BUILTIN BUILTIN SPU Flow FPC 3 REV 18 750-054877 CACH4082 SRX5k SPC II CPU BUILTIN BUILTIN SRX5k DPC PPC PIC 0 BUILTIN BUILTIN SPU Flow PIC 1 BUILTIN BUILTIN SPU Flow PIC 2 BUILTIN BUILTIN SPU Flow PIC 3 BUILTIN BUILTIN SPU Flow FPC 4 REV 08 750-061262 CAFD8165 SRX5k IOC II CPU REV 02 711-061263 CAFV7507 SRX5k MPC PMB MIC 0 REV 03 750-055732 CAFV6603 20x 1GE(LAN) SFP PIC 0 BUILTIN BUILTIN 10x 1GE(LAN) SFP Xcvr 0 REV 01 740-011613 AM0805S8M4N SFP-SX PIC 1 BUILTIN BUILTIN 10x 1GE(LAN) SFP FPC 5 REV 03 750-062242 CAFZ2748 SRX5k IOC3 2CGE+4XGE PIC 0 BUILTIN BUILTIN 2x 10GE SFP+ Xcvr 0 REV 01 740-021308 11T511100788 SFP+-10G-SR Xcvr 1 REV 01 740-031980 AS92WJ0 SFP+-10G-SR PIC 1 BUILTIN BUILTIN 1x 100GE CFP2 PIC 2 BUILTIN BUILTIN 2x 10GE SFP+ Xcvr 0 REV 01 740-031980 AA1650304EZ SFP+-10G-SR Xcvr 1 REV 01 740-031980 ANS0EAR SFP+-10G-SR PIC 3 BUILTIN BUILTIN 1x 100GE CFP2 FPC 8 REV 46 750-056519 CALC4526 SRX5k IOC4 MRATE CPU REV 21 750-057177 CALF5727 SMPC PMB PIC 0 BUILTIN BUILTIN MRATE-6xQSFPP-XGE-XLGE-CGE Xcvr 1 REV 01 740-067443 1ACP13450L9 QSFP+-40G-SR4 PIC 1 BUILTIN BUILTIN MRATE-6xQSFPP-XGE-XLGE-CGE Fan Tray 0 REV 06 740-035409 ACAE9298 Enhanced Fan Tray Fan Tray 1 REV 06 740-035409 ACAE9314 Enhanced Fan Tray -
-
SRX1600, SRX2300 and SRX4300—Devices support dual control link and dual fab link.
-
SRX4600—Has dedicated slots for each kind of card that cannot be interchanged.
-
SRX300, SRX320, SRX340, SRX345, and SRX380—Although the devices must be of the same type, they can contain different Physical Interface Modules (PIMs).
-
The control ports on the respective nodes are connected to form a control plane that synchronizes the configuration and kernel state to facilitate the high availability of interfaces and services.
-
The data plane on the respective nodes is connected over the fabric ports to form a unified data plane. The fabric link allows for the management of cross-node flow processing and for the management of session redundancy.