Deploying vSRX Chassis Cluster Nodes Across Different ESXi Hosts Using dvSwitch
Before you deploy the vSRX chassis cluster nodes for ESXi 6.0 (or greater) hosts using distributed virtual switch (dvSwitch), ensure that you make the following configuration settings from the vSphere Web Client to ensure that the high-availability cluster control link works properly between the two nodes:
In the dvSwitch switch settings of the vSphere Web Client, disable IGMP snooping for Multicast filtering mode (see Multicast Snooping on a vSphere Distributed Switch).
In the dvSwitch port group configuration of the vSphere Web Client, enable promiscuous mode (see Configure the Security Policy for a Distributed Port Group or Distributed Port).
This chassis cluster method uses the private virtual LAN (PVLAN) feature of dvSwitch to deploy the vSRX chassis cluster nodes at different ESXi hosts. There is no need to change the external switch configurations.
On the VMware vSphere Web Client, for dvSwitch, there are two PVLAN IDs for the primary and secondary VLANs. Select Community in the menu for the secondary VLAN ID type.
The configurations described above must reside at an external switch to which distributed switch uplinks are connected. If the link at the external switch supports native VLAN, then VLAN can be set to none in the distributed switch port group configuration. If native VLAN is not supported on the link, this configuration should have VLAN enabled.
You can also use regular VLAN on a distributed switch to deploy vSRX chassis cluster nodes at different ESXi hosts using dvSwitch. Regular VLAN works similarly to a physical switch. If you want to use regular VLAN instead of PVLAN, disable IGMP snooping for chassis cluster links.
However, use of PVLAN is recommended because:
PVLAN does not impose IGMP snooping.
PVLAN can save VLAN IDs.
When the vSRX cluster across multiple ESXi hosts communicates
through physical switches, then you need to consider the other Layer
2 parameters at: https://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/NT21/