Hi,

Previous posts i have covered on labbing up SRX clustering and various topics on RETH interfaces. This post is mainly concentrated on building cluster if you happen to have a Layer-2 switching interface in your firewall and should have to route it to other cluster-node or even may if you have to switch the traffic instead of routing

Requirement : Make sure Server in vlan-15 defined on SRX should be able to communicate to VLAN-14 on SRX while both vlans are defined on the same cluster.

Topology

topology

Now, let us first see what interfaces do we have on SRX and what vlans are defined

1_vlans_securityzones

Next we define fab0/fab1 interfaces and for switching we have to define something called swfab0 and swfab1 interfaces as well

2_fab_swfab_interfaces

Lets see some cluster related outputs, remember we have to use ethernet-switching knob inorder to see ethernet-swtiching cluster related parameters

4_srx__ethestchng_outputs
3_srx_outputs

Verifying Ping from the configuration, looks fine!

5_sw1_ping_output

When initiated with switching traffic, we actually see that swfab interfaces are used for inter-vlan communication

6_final_output

Regards

Rakesh M

Advertisements