VM switch Juniper

jmartin819 · ‎11-21-2013

My organization wants to get rid of the switch in front of our Juniper SRXs that our ESX hosts connect to. My network admin wants me to set my NICs in my virtual switch to one Active and one stand by stating that is how our SRX's are configured since it's a layer 3 switch instead of a layer 2 switch. He is double checking with Juniper. I told him I could do that but not thrilled about it. Was just wondering if anyone using Junipers has a similar config and is this the correct approach?

Thanks

tomtom901 · ‎11-21-2013

Are your SRX configured in an HA config? Also, which version of JunOS are you running? In JunOS 10.4 and below, ethernet switching on a chassis cluster is not supported.

jmartin819 · ‎11-21-2013

We are running ha and we're on version 11.4R7.5. Our SRX model is SRX3600.

tomtom901 · ‎11-21-2013

Nice, that is a big firewall!

From Juniper Networks:

The Ethernet ports on either of the nodes can be configured for family Ethernet switching. Users can configure a Layer 2 VLAN domain with member ports from both of the nodes and the Layer 2 switching protocols on both of the devices. To ensure that Layer 2 switching works seamlessly across chassis cluster nodes, a dedicated physical link connecting the nodes is required. This type of link is called a switching fabric interface (swfab). Its function is to transmit Layer 2 traffic between the nodes.

You can configure both nics to be active active, but you need the swfab to ensure both nodes can switch traffic. Reference article, if you have a Juniper account:

Juniper Networks - How to configure Ethernet Switching in Chassis Cluster mode - Knowledge Base

jmartin819 · ‎11-21-2013

Thank you tomtom901. We will test it out and I'll be sure to check the Correct Answer for you when we're done. Thanks again.

All

VM switch Juniper