Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX/J] Can the secondary node of a chassis cluster be managed via J-Web?

0

0
Article ID: KB16827 KB Last Updated: 21 Jul 2020Version: 6.0 Summary:

This article describes the possibility of managing the secondary node of a chassis cluster via the J-Web interface.

Symptoms:

When in the JSRP (Junos Services Redundancy Protocol) chassis cluster mode on J-series or SRX-series platforms, J-Web management on the secondary node for the 0 redundancy group does not work.

Cause:

J-Web management can be performed only on the primary node for the 0 redundancy group.

The reason is that daemons referenced by J-Web are not running on the secondary node.

Example

The following example shows output of syslog and system process on both node0 and node1 after RG0 was failed over from node1 to node0.

  • On node1, web-management daemon (httpd-gk) was terminated (exited).
  • On node0, web-management daemon (httpd-gk) was started.
  • Two http related daemons; httpd-gk and httpd, run only on node0, which is the new primary node of RG0.
{secondary:node1}
root@SRX210HE-B> show chassis cluster status      
Cluster ID: 1 
Node                  Priority          Status    Preempt  Manual failover

Redundancy group: 0 , Failover count: 1
    node0                   255         primary        no       yes 
    node1                   1           secondary      no       yes 

Redundancy group: 1 , Failover count: 1
    node0                   100         primary        yes      no  
    node1                   1           secondary      yes      no  
{secondary:node1}
root@SRX210HE-B> show log log-any | grep web-management 
Jul  5 11:31:52  SRX210HE-B init: web-management (PID 9660) started
Jul  5 12:00:37  SRX210HE-B init: web-management (PID 9660) SIGTERM sent
Jul  5 12:00:37  SRX210HE-B init: web-management (PID 9660) exited with status=0 Normal Exit

{primary:node0}
root@SRX210HE-A> show log log-any | grep web-management 
Jul  5 12:00:37  SRX210HE-A init: web-management (PID 9498) started

{primary:node0}
root@SRX210HE-A> show system processes extensive node 0 | grep http 
 9498 root        1  76    0 12916K  4604K select 0   0:00  0.00% httpd-gk
 9535 nobody      1  90    0  8860K  3264K select 0   0:00  0.00% httpd

{primary:node0}
root@SRX210HE-A> show system processes extensive node 1 | grep http    
  => No httpd-gk and httpd processes running on node 1 (secondary node)


This limits remote procedure calls (RPCs) from J-Web logic and, subsequently, pages that can be issued from the secondary node. Therefore, J-Web management of the secondary node is not allowed.

Solution:

CLI access (SSH, telnet, console) is available for the secondary node.

Modification History:
2020-07-15:  Article reviewed for accuracy; no changes required.

Related Links

 Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search