So you want to protect your Cluster and you do reth what about LACP reth?

So let me try and explain how juniper does this…..let me just say this is simply amazing and right on.

Juniper set this up to give you more bandwidth and a hitless fail over.

a reth interface typically has 2 members where the redundancy group for that member is running is where the active port is, juniper does not take down the backup interface but keeps it up and active however does not use it to pass traffic.

Now lets through LACP trunks into the mix to add more bandwidth to the interface.

This is accomplished by creating a RETH/LACP trunk. or really creating an active LACP and a redundant LACP, remember Juniper keeps the redundant port active, so in order to make the switch happy and up we need three LACP configs, what no just two.  OK let me explain.

Typical you when you do LACP you create a trunk on device A and the matching config on device B.  But we have to account for the redundant portion, remember juniper keeps this ports up and ready but does not pass traffic on it.  This will mess up the LACP on the switch.

On the SRX we create a reth and LACP trunk on a total of 4 interfaces two on each nodes in the cluster all connecting to the switch. but on the switch side we need to creat two LACP trunks one for the active reth and one for the redundant reth trunk.

Wow that’s a mouth full.  Juniper explains this here but saying on the SRX when you add LACP to the reth you are actually creating one LACP but with 2 sub LAGs underneath. Cool eh. so the active node has a 2 port LACP trunk which connects to the switch LACP trunk A and the redundant node in the group creates a second sub-LAG  to the switches second LACP trunk.

So on the switch you have two LACP trunks up and active however the SRX only sends traffic down one.  If you try and add all 4 ports to a single LACP trunk on the switch this will not come up and will not pass traffic.  on the redundant LACP trunk the SRX keeps it up and passing LACP packets so that it is ready to switch traffic over in a hitless manor.

Sweet eh?  I’ll di a follow up post on this config and give you examples.

