Campus Network as a Service
FW CNaaS Redundant ethernet interfaces (reth)
Overview
A redundant Ethernet interface (reth) is a pseudointerface that includes at minimum one physical interface from each node of the cluster, it is pretty similar to aggregated ethernet interfaces that we use on routers.
A redundant Ethernet interface inherits its failover properties from the redundancy group x that it belongs to. A redundant Ethernet interface remains active as long as its primary child interface is available or active. For example, if reth0 is associated with redundancy group 1 and redundancy group 1 is active on node 0, then reth0 is up as long as the node 0 child of reth0 is up.
Useful commands
#> show chassis cluster interfaces
Control link status: Up
Control interfaces:
Index Interface Monitored-Status Internal-SA Security
0 em0 Up Disabled Disabled
Fabric link status: Up
Fabric interfaces:
Name Child-interface Status Security
(Physical/Monitored)
fab0 xe-0/0/17 Up / Up Disabled
fab0
fab1 xe-7/0/17 Up / Up Disabled
fab1
Redundant-ethernet Information:
Name Status Redundancy-group
reth0 Up 1
reth1 Down Not configured
Redundant-pseudo-interface Information:
Name Status Redundancy-group
lo0 Up 0
Interface Monitoring:
Interface Weight Status Redundancy-group
(Physical/Monitored)
xe-7/0/19 255 Up / Up 1
xe-0/0/19 255 Up / Up 1
Configuration example
#> show configuration chassis
cluster {
reth-count 2;
preempt {
delay 360;
}
gratuitous-arp-count 4;
redundancy-group 0 {
node 0 priority 100;
node 1 priority 1;
}
redundancy-group 1 {
node 0 priority 100;
node 1 priority 1;
preempt;
interface-monitor {
xe-0/0/19 weight 255;
xe-7/0/19 weight 255;
}
ip-monitoring {
global-weight 255;
global-threshold 200;
family {
inet {
192.168.200.2 {
weight 100;
interface reth0.510 {
secondary-ip-address 192.168.200.4;
}
}
192.168.200.3 {
weight 100;
interface reth0.510 {
secondary-ip-address 192.168.200.4;
}
}
}
}
}
}
}
ip-monitor should monitor outside/internet link, both addresses of the Arista switches. The secondary-ip-address is the IP that the secondary node in the SRX cluster will use to ping, it should be a free IP in the linknet (in this case .1 is srx, .2 and .3 is arista, and .4 is used on the srx secondary node)
#> show configuration interfaces reth0
description "To dist-L3";
flexible-vlan-tagging;
mtu 9192;
gratuitous-arp-reply;
redundant-ether-options {
redundancy-group 1;
minimum-links 1;
}
unit 1 {
description "description";
vlan-id 1;
family inet {
mtu 1600;
address 10.20.50.6/29;
}
}
#> show configuration interfaces xe-0/0/19
description "reth0 1/2";
gigether-options {
redundant-parent reth0;
}
#> show configuration interfaces xe-7/0/19
description "reth0 2/2";
gigether-options {
redundant-parent reth0;
}