close

keyboard_arrow_left

Table of Contents Expand all

play_arrow Overview
- Chassis Cluster Overview
- Chassis Cluster Features Supported on SRX Series Devices
play_arrow Setting Up a Chassis Cluster
play_arrow Configuring Redundancy and Failover in a Chassis Cluster
play_arrow Chassis Cluster Operations
play_arrow Upgrading or Disabling a Chassis Cluster
play_arrow Troubleshooting
play_arrow Configuration Statements and Operational Commands
- Junos CLI Reference Overview
play_arrow Chassis Cluster Support on SRX100, SRX210, SRX220, SRX240, SRX550M, SRX650, SRX1400, SRX3400, and SRX3600 Devices
- Chassis Cluster Support on SRX100, SRX210, SRX220, SRX240, SRX550M, SRX650, SRX1400, SRX3400, and SRX3600 Devices

list Table of Contents

English

Example: Enabling Eight-Queue Class of Service on Redundant Ethernet Interfaces on SRX Series Firewalls in a Chassis Cluster

date_range 20-Mar-24

arrow_backward

arrow_forward

This example shows how to enable eight-queue CoS on redundant Ethernet interfaces on SRX Series Firewalls in a chassis cluster. This example is applicable to SRX1600, SRX2300, SRX4100, SRX4200, SRX4300, SRX4600, SRX5400, SRX5600, and SRX5800. The eight-queue CoS is also supported on redundant Ethernet interfaces for branch SRX Series Firewalls in a chassis cluster. The SRX Series for the branch support eight queues, but only four queues are enabled by default.

Requirements

This example uses the following hardware and software components:

Two SRX5600 Service Gateways in a chassis cluster
Junos OS Release 11.4R4 or later for SRX Series Firewalls

Before you begin:

Understand chassis cluster configuration. See Example: Configuring an Active/Passive Chassis Cluster on SRX5800 Devices.
Understand chassis cluster redundant interface configuration. See Example: Configuring Chassis Cluster Redundant Ethernet Interfaces.

Overview

The SRX Series Firewalls support eight queues, but only four queues are enabled by default. Use the set chassis fpc x pic y max-queues-per-interface 8 command to enable eight queues explicitly at the chassis level. The values of x and y depends on the location of the IOC and the PIC number where the interface is located on the device on which CoS needs to be implemented. To find the IOC location use the show chassis fpc pic-status or show chassis hardware commands.

You must restart the chassis control for the configuration to take effect.

On SRX Series Firewalls, eight QoS queues are supported per ae interface.

Figure 1 shows how to configure eight-queue CoS on redundant Ethernet interfaces on SRX Series Firewalls in a chassis cluster.

Topology

Figure 1: Eight-Queue CoS on Redundant Ethernet Interfaces

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

content_copy zoom_out_map
set chassis fpc 5 pic 1 max-queues-per-interface 8
set chassis fpc 5 pic 1 max-queues-per-interface 8 
set chassis cluster reth-count 2 
set chassis cluster control-ports fpc 4 port 0 
set chassis cluster control-ports fpc 10 port 0 
set chassis cluster redundancy-group 0 node 0 priority 254 
set chassis cluster redundancy-group 0 node 1 priority 1 
set chassis cluster redundancy-group 1 node 0 priority 200 
set chassis cluster redundancy-group 1 node 1 priority 100 
set interfaces ge-5/1/14 gigether-options redundant-parent reth0 
set interfaces ge-5/1/15 gigether-options redundant-parent reth1 
set interfaces ge-11/1/14 gigether-options redundant-parent reth0 
set interfaces ge-11/1/15 gigether-options redundant-parent reth1 
set interfaces reth0 vlan-tagging 
set interfaces reth0 redundant-ether-options redundancy-group 1 
set interfaces reth0 unit 0 vlan-id 1350 
set interfaces reth0 unit 0 family inet address 192.0.2.1/24 
set interfaces reth1 hierarchical-scheduler 
set interfaces reth1 vlan-tagging 
set interfaces reth1 redundant-ether-options redundancy-group 2 
set interfaces reth1 unit 0 vlan-id 1351 
set interfaces reth1 unit 0 family inet address 192.0.2.2/24 
set interfaces reth1 unit 1 vlan-id 1352 
set interfaces reth1 unit 1 family inet address 192.0.2.3/24 
set interfaces reth1 unit 2 vlan-id 1353 
set interfaces reth1 unit 2 family inet address 192.0.2.4/24 
set interfaces reth1 unit 3 vlan-id 1354 
set interfaces reth1 unit 3 family inet address 192.0.2.5/24 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q0 loss-priority low code-points 000 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q2 loss-priority low code-points 010 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q3 loss-priority low code-points 011 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q1 loss-priority low code-points 001 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q4 loss-priority low code-points 100 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q5 loss-priority low code-points 101 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q6 loss-priority low code-points 110 
set class-of-service classifiers inet-precedence inet_prec_4 forwarding-class q7 loss-priority low code-points 111 
set class-of-service forwarding-classes queue 0 q0 
set class-of-service forwarding-classes queue 1 q1 
set class-of-service forwarding-classes queue 2 q2 
set class-of-service forwarding-classes queue 3 q3 
set class-of-service forwarding-classes queue 4 q4 
set class-of-service forwarding-classes queue 5 q5 
set class-of-service forwarding-classes queue 6 q6 
set class-of-service forwarding-classes queue 7 q7 
set class-of-service traffic-control-profiles 1 scheduler-map sched_map 
set class-of-service traffic-control-profiles 1 shaping-rate 200m 
set class-of-service interfaces reth0 unit 0 classifiers inet-precedence inet_prec_4 
set class-of-service interfaces reth1 unit 0 output-traffic-control-profile 1 
set class-of-service scheduler-maps sched_map forwarding-class q0 scheduler S0 
set class-of-service scheduler-maps sched_map forwarding-class q1 scheduler S1 
set class-of-service scheduler-maps sched_map forwarding-class q2 scheduler S2 
set class-of-service scheduler-maps sched_map forwarding-class q3 scheduler S3 
set class-of-service scheduler-maps sched_map forwarding-class q4 scheduler S4 
set class-of-service scheduler-maps sched_map forwarding-class q5 scheduler S5 
set class-of-service scheduler-maps sched_map forwarding-class q6 scheduler S6 
set class-of-service scheduler-maps sched_map forwarding-class q7 scheduler S7 
set class-of-service schedulers S0 transmit-rate percent 20 
set class-of-service schedulers S1 transmit-rate percent 5 
set class-of-service schedulers S2 transmit-rate percent 5 
set class-of-service schedulers S3 transmit-rate percent 10 
set class-of-service schedulers S4 transmit-rate percent 10 
set class-of-service schedulers S5 transmit-rate percent 10 
set class-of-service schedulers S6 transmit-rate percent 10 
set class-of-service schedulers S7 transmit-rate percent 30 

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To enable eight-queue CoS on redundant Ethernet interfaces:

Configure a maximum of eight queues on the interfaces on Node 0 and Node 1.
```
[edit chassis]
user@host# set fpc 5 pic 1 max-queues-per-interface 8
```
In addition to configuring eight queues at the [edit chassis] hierarchy level, the configuration at the [edit class-of-service] hierarchy level must support eight queues per interface.
Specify the number of redundant Ethernet interfaces.
```
[edit chassis cluster]
user@host# set reth-count 2
```

Configure the control ports.

content_copy zoom_out_map
[edit chassis cluster]
user@host# set control-ports fpc 4 port 0
user@host# set control-ports fpc 10 port 0

Configure redundancy groups.

content_copy zoom_out_map
[edit chassis cluster]
user@host# set redundancy-group 0 node 0 priority 254
user@host# set redundancy-group 0 node 1 priority 1
user@host# set redundancy-group 1 node 0 priority 200
user@host# set redundancy-group 1 node 1 priority 100

Configure the redundant Ethernet interfaces.

content_copy zoom_out_map
[edit interfaces]
user@host# set ge-5/1/14 gigether-options redundant-parent reth0
user@host# set ge-11/1/14 gigether-options redundant-parent reth0
user@host# set ge-5/1/15 gigether-options redundant-parent reth1
user@host# set ge-11/1/15 gigether-options redundant-parent reth1
user@host# set reth0 redundant-ether-options redundancy-group 1
user@host# set reth0 vlan-tagging
user@host# set reth0 unit 0 vlan-id 1350
user@host# set reth0 unit 0 family inet address 192.0.2.1/24
user@host# set reth1 hierarchical-scheduler
user@host# set reth1 vlan-tagging
user@host# set reth1 redundant-ether-options redundancy-group 2
user@host# set reth1 unit 0 vlan-id 1351
user@host# set reth1 unit 0 family inet address 192.0.2.2/24
user@host# set reth1 unit 1 vlan-id 1352
user@host# set reth1 unit 1 family inet address 192.0.2.3/24
user@host# set reth1 unit 2 vlan-id 1353
user@host# set reth1 unit 2 family inet address 192.0.2.4/24
user@host# set reth1 unit 3 vlan-id 1354
user@host# set reth1 unit 3 family inet address 192.0.2.5/24

Define a classifier and apply it to a logical interface.

content_copy zoom_out_map
[edit class-of-service]
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q0 loss-priority low code-points 000
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q2 loss-priority low code-points 010
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q3 loss-priority low code-points 011
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q1 loss-priority low code-points 001
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q4 loss-priority low code-points 100
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q5 loss-priority low code-points 101
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q6 loss-priority low code-points 110
user@host# set classifiers inet-precedence inet_prec_4 forwarding-class q7 loss-priority low code-points 111

Map forwarding classes to CoS queues.

content_copy zoom_out_map
[edit class-of-service]
user@host# set forwarding-classes queue 0 q0
user@host# set forwarding-classes queue 1 q1
user@host# set forwarding-classes queue 2 q2
user@host# set forwarding-classes queue 3 q3
user@host# set forwarding-classes queue 4 q4
user@host# set forwarding-classes queue 5 q5
user@host# set forwarding-classes queue 6 q6
user@host# set forwarding-classes queue 7 q7

Configure traffic control profiles.

content_copy zoom_out_map
[edit class-of-service]
user@host# set traffic-control-profiles 1 scheduler-map sched_map
user@host# set traffic-control-profiles 1 shaping-rate 200m

Define packet flow through the CoS elements.

content_copy zoom_out_map
[edit class-of-service]
user@host# set interfaces reth0 unit 0 classifiers inet-precedence inet_prec_4

Apply a traffic scheduling profile to the interface.

content_copy zoom_out_map
[edit class-of-service]
user@host# set interfaces reth1 unit 0 output-traffic-control-profile 1

Configure the CoS schedulers.

content_copy zoom_out_map
[edit class-of-service]
user@host# set scheduler-maps sched_map forwarding-class q0 scheduler S0
user@host# set scheduler-maps sched_map forwarding-class q1 scheduler S1
user@host# set scheduler-maps sched_map forwarding-class q2 scheduler S2
user@host# set scheduler-maps sched_map forwarding-class q3 scheduler S3
user@host# set scheduler-maps sched_map forwarding-class q4 scheduler S4
user@host# set scheduler-maps sched_map forwarding-class q5 scheduler S5
user@host# set scheduler-maps sched_map forwarding-class q6 scheduler S6
user@host# set scheduler-maps sched_map forwarding-class q7 scheduler S7
user@host# set schedulers S0 transmit-rate percent 20
user@host# set schedulers S1 transmit-rate percent 5
user@host# set schedulers S2 transmit-rate percent 5
user@host# set schedulers S3 transmit-rate percent 10
user@host# set schedulers S4 transmit-rate percent 10
user@host# set schedulers S5 transmit-rate percent 10
user@host# set schedulers S6 transmit-rate percent 10
user@host# set schedulers S7 transmit-rate percent 30

Results

From configuration mode, confirm your configuration by entering the show class-of-service command. If the output does not display the intended configuration, repeat the configuration instructions in this example to correct it.

For brevity, this show command output includes only the configuration that is relevant to this example. Any other configuration on the system has been replaced with ellipses (...).

content_copy zoom_out_map
[edit]
user@host# show class-of-service
classifiers {
    inet-precedence inet_prec_4 {
        forwarding-class q0 {
            loss-priority low code-points 000;
        }
        forwarding-class q2 {
            loss-priority low code-points 010;
        }
        forwarding-class q3 {
            loss-priority low code-points 011;
        }
        forwarding-class q1 {
            loss-priority low code-points 001;
        }
        forwarding-class q4 {
            loss-priority low code-points 100;
        }
        forwarding-class q5 {
            loss-priority low code-points 101;
        }
        forwarding-class q6 {
            loss-priority low code-points 110;
        }
        forwarding-class q7 {
            loss-priority low code-points 111;
        }
    }
}
forwarding-classes {
    queue 0 q0;
    queue 1 q1;
    queue 2 q2;
    queue 3 q3;
    queue 4 q4;
    queue 5 q5;
    queue 6 q6;
    queue 7 q7;
}
traffic-control-profiles {
    1 {
        scheduler-map sched_map;
        shaping-rate 200m;
    }
}
interfaces {
    reth0 {
        unit 0 {
            classifiers {
                inet-precedence inet_prec_4;
            }
        }
    }
    reth1 {
        unit 0 {
            output-traffic-control-profile 1;
        }
    }
}
scheduler-maps {
    sched_map {
        forwarding-class q0 scheduler S0;
        forwarding-class q1 scheduler S1;
        forwarding-class q2 scheduler S2;
        forwarding-class q3 scheduler S3;
        forwarding-class q4 scheduler S4;
        forwarding-class q5 scheduler S5;
        forwarding-class q6 scheduler S6;
        forwarding-class q7 scheduler S7;
    }
}
schedulers {
    S0 {
        transmit-rate percent 20;
    }
    S1 {
        transmit-rate percent 5;
    }
    S2 {
        transmit-rate percent 5;
    }
    S3 {
        transmit-rate percent 10;
    }
    S4 {
        transmit-rate percent 10;
    }
    S5 {
        transmit-rate percent 10;
    }
    S6 {
        transmit-rate percent 10;
    }
    S7 {
        transmit-rate percent 30;
    }
}

If you are done configuring the device, enter commit from configuration mode.

To restart chassis control, enter restart chassis-control command from operational mode.

When you execute the restart chassis-control command all the FRU cards on the box are reset, thus impacting traffic. Changing the number of queues must be executed during a scheduled downtime. It takes 5-10 minutes for the cards to come online after the restart chassis-control command is executed.

Verification

Verifying the Eight-Queue COS Configuration

Purpose
Action

Purpose

Verify that eight-queue CoS is enabled properly.

Action

From the operational mode, enter the following commands:

show interfaces ge-5/1/14 extensive
show interfaces queue ge-5/1/14
show class-of-service forwarding-class
show class-of-service interface ge-5/1/14

arrow_backward PREVIOUS Configuring Chassis Clustering on SRX Series Devices

NEXT arrow_forward Conditional Route Advertisement over Redundant Ethernet Interfaces on SRX Series Firewalls in a Chassis Cluster

Chassis Cluster User Guide for SRX Series Devices

ON THIS PAGE

Example: Enabling Eight-Queue Class of Service on Redundant Ethernet Interfaces on SRX Series Firewalls in a Chassis Cluster

Requirements

Overview

Topology

Configuration

Procedure

CLI Quick Configuration

Step-by-Step Procedure

Results

Verification

Verifying the Eight-Queue COS Configuration

Purpose

Action

Stay in touch

Helped me install or use the product
Accelerated my deployment

Discuss the product with a co-worker
Make a purchase inquiry

Chassis Cluster User Guide for SRX Series Devices

ON THIS PAGE

Example: Enabling Eight-Queue Class of Service on Redundant Ethernet Interfaces on SRX Series Firewalls in a Chassis Cluster

Requirements

Overview

Topology

Configuration

Procedure

CLI Quick Configuration

Step-by-Step Procedure

Results

Verification

Verifying the Eight-Queue COS Configuration

Purpose

Action

Related Documentation

Stay in touch