Hi guys,
i have a strange behavior on two brand new srx345. In cluster mode, i can't ping the reth0 interface from the outside. Let's get the point first, the reth0 interface is already set up in a security zone.The truly strange behavior is, if i rename the interface to reth1 it will run as expected. No firewall filters are used...
Any ideas?
Here is my config:
chassis {
alarm {
ethernet {
link-down ignore;
}
}
cluster {
control-link-recovery;
reth-count 3;
network-management {
cluster-master;
}
redundancy-group 0 {
node 0 priority 100;
node 1 priority 1;
}
redundancy-group 1 {
node 0 priority 100;
node 1 priority 1;
preempt;
gratuitous-arp-count 4;
}
}
}
security {
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
}
interfaces {
reth1.0;
}
}
security-zone test {
host-inbound-traffic {
system-services {
ping;
}
}
interfaces {
reth2.0;
}
}
security-zone untrust {
host-inbound-traffic {
system-services {
ping;
}
}
interfaces {
reth0.0;
}
}
}
}
interfaces {
ge-0/0/0 {
gigether-options {
redundant-parent reth0;
}
}
ge-0/0/5 {
gigether-options {
redundant-parent reth2;
}
}
ge-0/0/7 {
gigether-options {
redundant-parent reth1;
}
}
ge-5/0/0 {
gigether-options {
redundant-parent reth0;
}
}
ge-5/0/5 {
gigether-options {
redundant-parent reth2;
}
}
ge-5/0/7 {
gigether-options {
redundant-parent reth1;
}
}
fab0 {
fabric-options {
member-interfaces {
ge-0/0/2;
}
}
}
fab1 {
fabric-options {
member-interfaces {
ge-5/0/2;
}
}
}
reth0 {
redundant-ether-options {
redundancy-group 1;
}
unit 0 {
family inet {
address 212.88.155.77/24;
}
}
}
reth1 {
redundant-ether-options {
redundancy-group 1;
}
unit 0 {
family inet {
address 212.88.155.76/24;
}
}
}
reth2 {
redundant-ether-options {
redundancy-group 1;
}
unit 0 {
family inet {
address 212.88.155.78/24;
}
}
}
st0 {
unit 0 {
family inet {
address 10.0.4.1/28;
}
}
}
}