config reth aggregate-ethernet lacp tra una coppia di switch EX juniper in virtual-chassis ed una coppia di firewall SRX juniper in cluster

Home » Blog » Switching » L2 config » config reth aggregate-ethernet lacp tra una coppia di switch EX juniper in virtual-chassis ed una coppia di firewall SRX juniper in cluster

config reth aggregate-ethernet lacp tra una coppia di switch EX juniper in virtual-chassis ed una coppia di firewall SRX juniper in cluster

16.12 2019 | by massimiliano

config reth aggregate-ethernet tra una coppia di switch EX juniper in virtual-chassis ed una coppia di firewall SRX juniper in […]


https://www.ingegnerianetworking.com/wp-content/uploads/2019/12/rest-aggreg-eth-junos-cf0.png

config reth aggregate-ethernet tra una coppia di switch EX juniper in virtual-chassis ed una coppia di firewall SRX juniper in cluster

 

ARCHITETTURA DI RIFERIMENTO

 

 

rest aggreg eth junos

 

 

EX Switch Virtual-Chassis:

 

set interface xe-0/0/3 ether-option 802.3ad ae2

set interface xe-0/0/4 description “to SRX-1500 cluster Node0”

set interface xe-1/0/3 ether-option 802.3ad ae3

set interface xe-1/0/4 description “to SRX-1500 cluster Node1”

!

set interface ae3 aggregate-ether-option lacp active

set interface ae3 description “to SRX-1500 cluster Node1”

set interface ae3 unit 0 family ethernet-switching port-mode trunk

set interface ae3 unit 0 family ethernet-switching vlan members P2P_BGP_SRX_PE1

set interface ae3 unit 0 family ethernet-switching vlan members P2P_BGP_SRX_PE2

set interface ae3 unit 0 family ethernet-switching vlan members P2P_OSPF_SRX_PE1

set interface ae3 unit 0 family ethernet-switching vlan members P2P_OSPF_SRX_PE2

!

set interface ae2 aggregate-ether-option lacp active

set interface ae2 description “to SRX-1500 cluster Node0”

set interface ae2 unit 0 family ethernet-switching port-mode trunk

set interface ae2 unit 0 family ethernet-switching vlan members P2P_BGP_SRX_PE1

set interface ae2 unit 0 family ethernet-switching vlan members P2P_BGP_SRX_PE2

set interface ae2 unit 0 family ethernet-switching vlan members P2P_OSPF_SRX_PE1

set interface ae2 unit 0 family ethernet-switching vlan members P2P_OSPF_SRX_PE2

!

 

 

SRX Firewall Cluster Juniper

 

 

Redundancy Interface:

set interface xe-0/0/18 gigether-option redundant-parent reth1

set interface xe-0/0/19 gigether-option redundant-parent reth1

set interface xe-7/0/18 gigether-option redundant-parent reth1

set interface xe-7/0/19 gigether-option redundant-parent reth1

!

set interface reth1 description “aggregation EX”

set interface reth1 vlan-tagging

set interface reth1 redundant-ether-option redundancy-group 1

set interfaces reth1 redundant-ether-options lacp active

set interfaces reth1 redundant-ether-options lacp periodic slow

!

set interface reth1 unit 2 description P2P-OSPF-SRX-PE1

set interface reth1 unit 2 vlan-id 2

set interface reth1 unit 2 family inet address 2.2.2.26/30

!

set interface reth1 unit 3 description P2P-OSPF-SR-PE2

set interface reth1 unit 3 vlan-id 3

set interface reth1 unit 3 family inet address 3.3.3.30/30

!

set interface reth1 unit 4 description P2P-BGP-SRX-PE1

set interface reth1 unit 4 vlan-id 4

set interface reth1 unit 4 family inet address 4.4.4.34/30

!

set interface reth1 unit 5 description P2P-BGP-SRX-PE2

set interface reth1 unit 5 vlan-id 5

set interface reth1 unit 5 family inet address 5.5.5.38/30

!

 

 

Security Zone:

 

set security zones security-zone trust host-inbound-traffic system-services all

set security zones security-zone trust host-inbound-traffic protocols all

set security zones security-zone trust interface reth1.2

set security zones security-zone trust interface reth1.3

!

set security zones security-zone untrust host-inbound-traffic system-services all

set security zones security-zone untrust host-inbound-traffic protocols all

set security zones security-zone untrust interface reth1.4

set security zones security-zone untrust interface reth1.5

!

 

 

 

 

 

Torna in alto