Ethernet Switching on Chassis Cluster
You can configure a chassis cluster to act as a Layer 2 Ethernet switch. For more information, see the following topics:.
Layer 2 Ethernet Switching Capability in a Chassis Cluster Mode
- Understanding Layer 2 Ethernet Switching Capability in a Chassis Cluster on SRX Series Devices
- Understanding Chassis Cluster Failover and New Primary Election
- Benefits of Ethernet Switching on Chassis Cluster
Understanding Layer 2 Ethernet Switching Capability in a Chassis Cluster on SRX Series Devices
Ethernet ports support various Layer 2 features such as spanning-tree protocols (STPs), IEEE 802.1x, Link Layer Discovery Protocol (LLDP), and Multiple VLAN Registration Protocol (MVRP). With the extension of Layer 2 switching capability to devices in a chassis cluster, you can use Ethernet switching features on both nodes of a chassis cluster.
To ensure that Layer 2 switching works seamlessly across chassis cluster nodes, a dedicated physical link connecting the nodes is required. This type of link is called a switching fabric interface. Its purpose is to carry Layer 2 traffic between nodes.
Configuring a LAG with
family ethernet-switchingis not supported.Configuring a Reth with
family ethernet-switchingis not supported. This is only supported in Transparent mode.If a switching fabric interface (swfab) is not configured on both nodes, and if you try to configure Ethernet switching related features on the nodes, then the behavior of the nodes might be unpredictable.
Understanding Chassis Cluster Failover and New Primary Election
When chassis cluster failover occurs, a new primary node is elected and the Ethernet switching process (eswd) runs in a different node. During failover, the chassis control subsystem is restarted. Also during failover, traffic outage occurs until the PICs are up and the VLAN entries are reprogrammed. After failover, all Layer 2 protocols reconverge because Layer 2 protocol states are not maintained in the secondary node.
The Q-in-Q feature in chassis cluster mode is not supported because of chip limitation for swfab interface configuration in Broadcom chipsets.
Benefits of Ethernet Switching on Chassis Cluster
Enables Ethernet switching functionality on both nodes of a chassis cluster and provides the option to configure the Ethernet ports on either node for family Ethernet switching.
Enables configuring a Layer 2 VLAN domain with member ports from both nodes and the Layer 2 switching protocols on both devices.
See Also
Example: Configuring Switch Fabric Interfaces to Enable Switching in Chassis Cluster Mode on a Security Device
This example shows how to configure switching fabric interfaces to enable switching in chassis cluster mode.
Requirements
The physical link used as the switch fabric member must be directly connected to the device.
Switching fabric interfaces must be configured on ports that support switching features. See Ethernet Ports Switching Overview for Security Devices for information about the ports on which switching features are supported.
The physical link used as the switch fabric member must be directly connected to the device. Switching supported ports must be used for switching fabric interfaces. See Ethernet Ports Switching Overview for Security Devices for switching supported ports.
Before you begin, See Example: Configuring the Chassis Cluster Fabric Interfaces.
Overview
In this example, pseudointerfaces swfab0 and swfab1 are created for Layer 2 fabric functionality. You also configure dedicated Ethernet ports on each node to be associated with the swfab interfaces.
Configuration
Procedure
CLI Quick Configuration
To quickly configure this section of the example,
copy the following commands, paste them into a text file, remove any
line breaks, change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
set interfaces swfab0 fabric-options member-interfaces ge-0/0/3 set interfaces swfab1 fabric-options member-interfaces ge-9/0/3
Step-by-Step Procedure
To configure swfab interfaces:
Configure swfab0 and swfab1 and associate these switch fabric interfaces to enable switching across the nodes. Note that swfab0 corresponds to node 0 and swfab1 corresponds to node 1.
{primary:node0} [edit] user@host# set interfaces swfab0 fabric-options member-interfaces ge-0/0/3 user@host# set interfaces swfab1 fabric-options member-interfaces ge-9/0/3If you are done configuring the device, commit the configuration.
{primary:node0} [edit] user@host# commit
Results
From configuration mode, confirm your configuration
by entering the show interfaces swfab0 command. If the
output does not display the intended configuration, repeat the configuration
instructions in this example to correct the configuration.
[edit]
user@host# show interfaces swfab0
fabric-options{
member-interfaces {
ge-0/0/3;
}
}
Verification
To confirm that the configuration is working properly, perform these tasks:
Verifying Switching Fabric Ports
Purpose
Verify that you are able to configure multiple ports as members of switching fabric ports.
Action
From configuration mode, enter the show interfaces swfab0 command to view the configured interfaces for each port.
user@host# show interfaces swfab0
fabric-options{
member-interfaces {
ge-0/0/3;
}
}
From operational mode, enter the show chassis cluster ethernet-switching
interfaces command to view the appropriate member interfaces.
user@host> show chassis cluster ethernet-switching interfaces
swfab0:
Name Status
ge-0/0/3 up
swfab1:
Name Status
ge-9/0/3 up