Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Example: Configure Chassis Cluster Redundancy Group IP Address Monitoring

This example shows how to configure redundancy group IP address monitoring for an SRX Series Firewall in a chassis cluster.

Requirements

Before you begin:

Overview

You can configure redundancy groups to monitor upstream resources by pinging specific IP addresses that are reachable through redundant Ethernet interfaces on either node in a cluster. You can also configure global threshold, weight, retry interval, and retry count parameters for a redundancy group. When a monitored IP address becomes unreachable, the weight of that monitored IP address is deducted from the redundancy group IP address monitoring global threshold. When the global threshold reaches 0, the global weight is deducted from the redundancy group threshold. The retry interval determines the ping interval for each IP address monitored by the redundancy group. The pings are sent as soon as the configuration is committed. The retry count sets the number of allowed consecutive ping failures for each IP address monitored by the redundancy group.

In this example, you configure the following settings for redundancy group 1:

  • IP address to monitor—10.1.1.10

  • IP address monitoring global-weight—255

  • IP address monitoring global-threshold—100

    The threshold applies cumulatively to all IP addresses monitored by the redundancy group.

  • IP address retry-interval—3 seconds

  • IP address retry-count—10

  • Weight—100

  • Redundant Ethernet interface—reth1.0

  • Secondary IP address—10.1.1.101

Configuration

Procedure

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Step-by-Step Procedure

To configure redundancy group IP address monitoring:

  1. Specify a global monitoring weight.

  2. Specify the global monitoring threshold.

  3. Specify the retry interval.

  4. Specify the retry count.

  5. Specify the IP address to be monitored, weight, redundant Ethernet interface, and secondary IP address.

Results

From configuration mode, confirm your configuration by entering the show chassis cluster redundancy-group 1 command. If the output does not display the intended configuration, repeat the configuration instructions in this example to correct it.

For brevity, this show command output includes only the configuration that is relevant to this example. Any other configuration on the system has been replaced with ellipses (...).

If you are done configuring the device, enter commit from configuration mode.

Verification

Verifying the Status of Monitored IP Addresses for a Redundancy Group

Purpose

Verify the status of monitored IP addresses for a redundancy group.

Action

From operational mode, enter the show chassis cluster ip-monitoring status command. For information about a specific group, enter the show chassis cluster ip-monitoring status redundancy-group command.