show security group-vpn server server-cluster
Syntax
Release Information
Command introduced in Junos OS Release 15.1X49-D30.
Description
Show information about servers in the Group VPNv2 server cluster. Group VPNv2 is supported on SRX300, SRX320, SRX340, SRX345, SRX550HM, SRX1500, SRX4100, SRX4200, and SRX4600 devices and vSRX instances.
Options
Required Privilege Level
view
Related Documentation
List of Sample Output
show security group-vpn server server-clustershow security group-vpn server server-cluster detail
Output Fields
Table 1 lists the output fields for the show security group-vpn server server-cluster command. Output fields are listed in the approximate order in which they appear.
Table 1: show security group-vpn server server-cluster Output Fields
Field Name | Field Description |
|---|---|
Group | Group name. |
Group Id | Group identifier. |
Role | Role of this server in the Group VPNv2 server cluster. |
Version Number | 32-bit version number included in cluster-update exchanges and DPD probes to support anti-replay. The first cluster-update message sent from the root-server has version number 1. Subsequent cluster-update messages increment the version number by one. (Retransmit messages do not increment the version number.) Upon receipt of a cluster-update message, the sub-server validates the received version number. The received version number must be greater than the version number in the last received message, otherwise the message is discarded. The sub-server responds to a cluster-update message with an ACK message that contains the same version number as the received message. Upon receipt of the ACK message, the root-server checks that the version number is the same as in the message it sent. If the version number is valid, the exchange is considered successful. If the version number is not valid, the original message is retransmitted or the exchange is considered failed. |
Peer Gateway | Name of the peer server in the Group VPNv2 server cluster. |
Peer IP | IP address of the remote peer server in the Group VPNv2 server cluster. |
Role | Role of the peer server in the Group VPNv2 server cluster. |
Status | Status of the peer server in the Group VPNv2 server cluster. |
Sample Output
show security group-vpn server server-cluster
user@host> show security group-vpn server server-clusterGroup: group200, Group Id: 200 Role: Root-server, Version Number: 1, Peer Gateway Peer IP Role Status sub_server1 192.168.1.112 Sub-server Active sub_server2 192.168.1.113 Sub-server Active
show security group-vpn server server-cluster detail
user@host> show security group-vpn server server-cluster
detailGGroup: group200, Group Id: 200 Role: Root-server, Version Number: 1, Peer gateway: sub_server1, Peer IP: 192.168.1.112, Local IP: 192.168.1.111, VR: vr1, Role: Sub-server, Status: Active, CLUSTER-INIT send: 0 CLUSTER-INIT recv: 1 CLUSTER-INIT success: 1 CLUSTER-INIT fail: 0 CLUSTER-INIT dup: 0 CLUSTER-INIT abort: 0 CLUSTER-INIT timeout: 0 CLUSTER-UPDATE send: 1 CLUSTER-UPDATE recv: 0 CLUSTER-UPDATE success: 1 CLUSTER-UPDATE fail: 0 CLUSTER-UPDATE abort: 0 CLUSTER-UPDATE timeout: 0 CLUSTER-UPDATE pending: 0 CLUSTER-UPDATE max retry reached: 0 DPD send: 5 DPD send fail: 0 DPD ACK recv: 5 DPD ACK invalid seqno: 0 IPsec SA policy mismatch: 0 IPsec SA proposal mismatch: 0 KEK SA proposal mismatch: 0 Peer gateway: sub_server2, Peer IP: 192.168.1.113, Local IP: 192.168.1.111, VR: default, Role: Sub-server, Status: Active, CLUSTER-INIT send: 0 CLUSTER-INIT recv: 1 CLUSTER-INIT success: 1 CLUSTER-INIT fail: 0 CLUSTER-INIT dup: 0 CLUSTER-INIT abort: 0 CLUSTER-INIT timeout: 0 CLUSTER-UPDATE send: 1 CLUSTER-UPDATE recv: 0 CLUSTER-UPDATE success: 1 CLUSTER-UPDATE fail: 0 CLUSTER-UPDATE abort: 0 CLUSTER-UPDATE timeout: 0 CLUSTER-UPDATE pending: 0 CLUSTER-UPDATE max retry reached: 0 DPD send: 6 DPD send fail: 0 DPD ACK recv: 6 DPD ACK invalid seqno: 0 IPsec SA policy mismatch: 0 IPsec SA proposal mismatch: 0 KEK SA proposal mismatch: 0