Knowledge Search
[SRX] How to configure Ethernet Switching in Chassis Cluster mode
|
|
[KB21422] Show Article Properties
[KB21422] Hide Article Properties
Summary:
Symptoms:
Solution:
This feature allows users to use Ethernet switching features on both nodes of a chassis cluster. The Ethernet ports on either of the nodes can be configured for family Ethernet switching. Users can configure a Layer 2 VLAN domain with member ports from both of the nodes and the Layer 2 switching protocols on both of the devices. To ensure that Layer 2 switching works seamlessly across chassis cluster nodes, a dedicated physical link connecting the nodes is required. This type of link is called a switching fabric interface (swfab). Its function is to transmit Layer 2 traffic between the nodes.
Note:
When chassis cluster failover occurs, a new primary node is elected and the Ethernet Switching Daemon (ESWD) runs in a different node. During failover, chassis control subsystem is restarted, and the traffic outage occurs until the PICs are up and the VLAN entries are re-programmed. After fail over, all Layer 2 protocols re-converge, because Layer 2 protocols states are not maintained in the secondary node.
Note: The Ethernet-switching subsystem runs only in the primary node
The physical link used as the switch fabric members must be directly connected. Switching supported ports must be used for swfab interfaces. For SRX650, the swfab member
ports must belong to the same GPIM. Members spanning across multiple GPIMs are not supported. New pseudo interfaces - swfab0 and swfab1 are created for Layer 2 fabric functionality. Users need to configure dedicated Ethernet ports on each side of the node to be associated with the swfab interface.
To configure swfab interfaces:
Sample configuration on SRX650
CLI Configuration
Technical Documentation:
NOTE: Layer3 routing from L2 ethernet-switching network via L3-interface Vlan.X in chassis cluster deployment is supported as of Junos OS 12.1X44-D20, 12.1X45-D10 and higher versions.
Modification History:
Related Links:
Symptoms:
Solution:
Understanding Layer 2 Ethernet Switching Capability in Chassis Cluster on SRX-Branch
Ethernet ports support various Layer 2 features such as Spanning Tree Protocols (xSTP), DOT1X, Link Aggregation (LAG), Internet Group Membership Protocol (IGMP), GARP, VLAN Registration Protocol (GVRP), Link Layer Discovery Protocol (LLDP), and snooping. The enhanced feature extends Layer 2 switching capability to devices in a chassis cluster.This feature allows users to use Ethernet switching features on both nodes of a chassis cluster. The Ethernet ports on either of the nodes can be configured for family Ethernet switching. Users can configure a Layer 2 VLAN domain with member ports from both of the nodes and the Layer 2 switching protocols on both of the devices. To ensure that Layer 2 switching works seamlessly across chassis cluster nodes, a dedicated physical link connecting the nodes is required. This type of link is called a switching fabric interface (swfab). Its function is to transmit Layer 2 traffic between the nodes.
Note:
- Configuring a LAG with members and reth interface with family ethernet switching across nodes is not supported.
- Behavior of the nodes may be unpredictable, if the Ethernet switching-related features are configured before configuring the swfab interface on both the nodes.
When chassis cluster failover occurs, a new primary node is elected and the Ethernet Switching Daemon (ESWD) runs in a different node. During failover, chassis control subsystem is restarted, and the traffic outage occurs until the PICs are up and the VLAN entries are re-programmed. After fail over, all Layer 2 protocols re-converge, because Layer 2 protocols states are not maintained in the secondary node.
Note: The Ethernet-switching subsystem runs only in the primary node
The physical link used as the switch fabric members must be directly connected. Switching supported ports must be used for swfab interfaces. For SRX650, the swfab member
ports must belong to the same GPIM. Members spanning across multiple GPIMs are not supported. New pseudo interfaces - swfab0 and swfab1 are created for Layer 2 fabric functionality. Users need to configure dedicated Ethernet ports on each side of the node to be associated with the swfab interface.
To configure swfab interfaces:
- Configure swfab0 and swfab1 to associate switch fabric interfaces to enable switching across the nodes.
Sample configuration on SRX650
ge-0/0/0, ge-9/0/0 are fxp0 (out-of-band management)
ge-0/0/1,ge-9/0/1 are fxp1 (control link)
ge-0/0/2, ge-9/0/2 are fab links and ge-2/0/5 and ge-11/0/5 are swfab members.
ge-2/0/0,ge-11/0/0 are part of VLAN A and ge-2/0/1,ge-11/0/1 are part of VLAN B
CLI Configuration
interfaces {
ge-2/0/0 {
unit 0 {
family ethernet-switching {
vlan {
members A;
}
}
}
}
ge-2/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members B;
}
}
}
}
ge-11/0/0 {
unit 0 {
family ethernet-switching {
vlan {
members A;
}
}
}
}
ge-11/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members B;
}
}
}
}
fab0 {
fabric-options {
member-interfaces {
ge-0/0/2;
}
}
}
fab1 {
fabric-options {
member-interfaces {
ge-9/0/2;
}
}
}
swfab0 {
fabric-options {
member-interfaces {
ge-2/0/5;
}
}
}
swfab1 {
fabric-options {
member-interfaces {
ge-11/0/5;
}
}
}
}
vlans {
A {
vlan-id 100;
}
B {
vlan-id 200;
}
}
Verification:
- Use show chassis cluster ethernet-switching interfaces command to view the appropriate member interfaces.
{primary:node1}[edit] root@SRX-650# run show chassis cluster ethernet-switching interfaces swfab0: Name Status ge-2/0/5 up swfab1: Name Status - ge-11/0/5 up Use show chassis cluster ethernet-switching status to display chassis cluster ethernet switching status (probe status and switching domain)
{primary:node1}[edit] root@SRX-650# run show chassis cluster ethernet-switching status Cluster ID: 1 Node Priority Status Preempt Manual failover Redundancy group: 0 , Failover count: 0 node0 100 primary no no node1 1 secondary no no Redundancy group: 1 , Failover count: 0 node0 100 primary no no node1 1 secondary no noEthernet switching status:
Probe state is UP. Both nodes are in single Ethernet switching domain(s). If proper interface for swfab purpose (such as on-board interfaces on SRX650), and Ethernet-switching is not used, the status is displayed as Probe state is DOWN. Both nodes are in separate Ethernet switching domain(s).
- Use show chassis cluster ethernet-switching statistics to display chassis cluster switch fabric probe statistics
{primary:node1}[edit] root@SRX-650# run show chassis cluster ethernet-switching statistics Switch fabric link statistics: Probe state : UP Probes sent: 1866 Probes received: 1871 Probe recv errors: 0 Probe send errors: 0
Technical Documentation:
For additional information and examples, refer to the Technical Documentation, Ethernet Switching on Chassis Cluster
NOTE: Layer3 routing from L2 ethernet-switching network via L3-interface Vlan.X in chassis cluster deployment is supported as of Junos OS 12.1X44-D20, 12.1X45-D10 and higher versions.
Related Links:
