Chassis Cluster Dual Fabric Links
This topic explains how dual fabric links eliminate a single point of failure in a chassis cluster configuration. If one fabric link fails while the other remains operational, all sessions are preserved between the two nodes and the chassis cluster remains functional.
Use Feature Explorer to confirm platform and release support for specific features.
Review the Platform-Specific Interfaces Behavior section for notes related to your platform.
Dual Fabric Links
You can configure two fabric links between each device in a chassis cluster to provide fabric link redundancy and eliminate a single point of failure. If one fabric link fails, the remaining link continues to carry all traffic, preserving session synchronization and cluster operation.
In a dual fabric link configuration, runtime objects (RTOs) and probe traffic are transmitted on one fabric link, while fabric-forwarded and flow-forwarded traffic is transmitted on the other. If either fabric link fails, the remaining fabric link handles all traffic types including RTOs, probes, and data forwarding. The system selects the physical interface with the lowest slot, PIC, or port number on each node for transmitting RTOs and probes.
All Firewalls support the use of dual fabric links between cluster nodes, which significantly reduces the risk of fabric link failure.
On most Firewalls operating in a chassis cluster, you can configure any pair of Gigabit Ethernet interfaces or any pair of 10-Gigabit Ethernet interfaces as fabric links between nodes.
When configuring dual fabric links, ensure that both child interfaces are of the same interface type.
For example:
-
Both interfaces must be Gigabit Ethernet, or
-
Both interfaces must be 10-Gigabit Ethernet
Using matching interface types is required for the configuration to function correctly.
See Also
Example: Configure Chassis Cluster Dual Fabric Links with Matching Slots and Ports
This example shows how to configure the chassis cluster fabric using dual fabric links with matching slots and ports. The fabric is the back-to-back data connection between cluster nodes. Traffic that must be processed on the peer node, or that exit through an interface on the peer node, is forwarded across the fabric. Session state information also exchanged over the fabric.
Requirements
Before you begin, set the chassis cluster ID and chassis cluster node ID. See Example: Setting the Chassis Cluster Node ID and Cluster ID.
Overview
You cannot configure filters, policies, or services on the fabric interface, and fragmentation is not supported on the fabric link. The fabric link supports MTU size of 8984 bytes. It is recommended that no interface in the cluster be configured with an MTU larger than this value. Jumbo frame support on the fabric member links is enabled by default.
A typical dual
fabric link configuration
uses matching
slots and ports on each node. For example,
ge-3/0/0
on node 0
corresponds to
ge-10/0/0 on node
1, and
ge-0/0/0
on node 0
corresponds to
ge-7/0/0
on node 1, where
the FPC
slot offset is
7.
Only interfaces
of the same type
can
be configured as fabric
child
interfaces,
and
an
equal number of child links
must be
configured for fab0 and
fab1.
If the fabric links are connected through a switch, you must enable jumbo frame support on the corresponding switch ports. If both fabric links are connected through the same switch, the RTO and probe traffic must be placed in one VLAN and the data traffic must be placed in a different VLAN. In both cases, jumbo frame support feature must be enabled on the associated switch ports.
Configuration
Procedure
CLI Quick Configuration
To quickly configure this example, copy the
following commands, paste them into a text file, remove any line breaks,
change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
{primary:node0}[edit]
set interfaces fab0 fabric-options member-interfaces ge-0/0/0
set interfaces fab0 fabric-options member-interfaces ge-3/0/0
set interfaces fab1 fabric-options member-interfaces ge-7/0/0
set interfaces fab1 fabric-options member-interfaces ge-10/0/0
Step-by-Step Procedure
To configure the chassis cluster fabric using dual fabric links with matching slots and ports on each node:
Specify the fabric interfaces.
{primary:node0}[edit] user@host# set interfaces fab0 fabric-options member-interfaces ge-0/0/0 user@host# set interfaces fab0 fabric-options member-interfaces ge-3/0/0 user@host# set interfaces fab1 fabric-options member-interfaces ge-7/0/0 user@host# set interfaces fab1 fabric-options member-interfaces ge-10/0/0
Results
From configuration mode, confirm your configuration
by entering the show interfaces command. If the output
does not display the intended configuration, repeat the configuration
instructions in this example to correct it.
For brevity, this show command output includes only
the configuration that is relevant to this example. Any other configuration
on the system has been replaced with ellipses (...).
{primary:node0}[edit]
user@host# show interfaces
...
fab0 {
fabric-options {
member-interfaces {
ge-0/0/0;
ge-3/0/0;
}
}
}
fab1 {
fabric-options {
member-interfaces {
ge-7/0/0;
ge-10/0/0;
}
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Verify the Chassis Cluster Fabric
Purpose
Verify the chassis cluster fabric.
Action
From operational mode, enter the show interfaces
terse | match fab command.
{primary:node0}
user@host> show interfaces terse | match fab
ge-0/0/0.0 up up aenet --> fab0.0
ge-3/0/0.0 up up aenet --> fab0.0
ge-7/0/0.0 up up aenet --> fab1.0
ge-10/0/0.0 up up aenet --> fab1.0
fab0 up up
fab0.0 up up inet 10.17.0.200/24
fab1 up up
fab1.0 up up inet 10.18.0.200/24
Example: Configure Chassis Cluster Dual Fabric Links with Different Slots and Ports
This example shows how to configure the chassis cluster fabric using dual fabric links with different slots and ports. The fabric is the back-to-back data connection between the cluster nodes. Traffic that must be processed on the peer node, or that must exit through an interface on the peer node, traverses the fabric. Session state information is also exchanged over the fabric.
Requirements
Before you begin, set the chassis cluster ID and chassis cluster node ID. See Example: Setting the Chassis Cluster Node ID and Cluster ID.
Overview
This example explains how to configure the fabric link with dual fabric links with different slots and ports on each node.
Ensure that the RTO-and-probes link on one node is physically connected to the RTO-and-probes link on the peer node. Likewise, ensure that the data link on one node is physically connected to the data link on the peer node.
Specifically, physically connect the following two pairs:
-
The node 0 RTO-and-probes link ge-2/1/9 to the node 1 RTO-and-probes link ge-11/0/0
-
The node 0 data link ge-2/2/5 to the node 1 data link ge-11/3/0
Only interfaces of the same type can be configured as fabric child interfaces, and you must configure an equal number of child links for fab0 and fab1.
If each fabric link is connected through a switch, you must enable jumbo frame support on the corresponding switch ports. If both fabric links are connected through the same switch, the RTO-and-probes pair must be placed in one virtual LAN (VLAN) and the data pair must be placed in a different VLAN. In all cases, jumbo frame support must be enabled on the associated switch ports.
Configuration
Procedure
CLI Quick Configuration
To quickly configure this example, copy the
following commands, paste them into a text file, remove any line breaks,
change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
{primary:node0}[edit]
set interfaces fab0 fabric-options member-interfaces ge-2/1/9
set interfaces fab0 fabric-options member-interfaces ge-2/2/5
set interfaces fab1 fabric-options member-interfaces ge-11/0/0
set interfaces fab1 fabric-options member-interfaces ge-11/3/0
Step-by-Step Procedure
To configure the chassis cluster fabric with dual fabric links with different slots and ports on each node:
Specify the fabric interfaces.
{primary:node0}[edit] user@host# set interfaces fab0 fabric-options member-interfaces ge-2/1/9 user@host# set interfaces fab0 fabric-options member-interfaces ge-2/2/5 user@host# set interfaces fab1 fabric-options member-interfaces ge-11/0/0 user@host# set interfaces fab1 fabric-options member-interfaces ge-11/3/0
Results
From configuration mode, confirm your configuration
by entering the show interfaces command. If the output
does not display the intended configuration, repeat the configuration
instructions in this example to correct it.
For brevity, this show command output includes only
the configuration that is relevant to this example. Any other configuration
on the system has been replaced with ellipses (...).
{primary:node0}[edit]
user@host# show interfaces
...
fab0 {
fabric-options {
member-interfaces {
ge-2/1/9;
ge-2/2/5;
}
}
}
fab1 {
fabric-options {
member-interfaces {
ge-11/0/0;
ge-11/3/0;
}
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Verify the Chassis Cluster Fabric
Purpose
Verify the chassis cluster fabric.
Action
From operational mode, enter the show interfaces
terse | match fab command.
{primary:node0}
user@host> show interfaces terse | match fab
ge-2/1/9.0 up up aenet --> fab0.0
ge-2/2/5.0 up up aenet --> fab0.0
ge-11/0/0.0 up up aenet --> fab1.0
ge-11/3/0.0 up up aenet --> fab1.0
fab0 up up
fab0.0 up up inet 30.17.0.200/24
fab1 up up
fab1.0 up up inet 30.18.0.200/24
Platform-Specific Interfaces Behavior
Use Feature Explorer to confirm platform and release support for specific features.
Use the following table to review platform-specific behaviors for your platform.
|
Platform |
Interfaces |
|---|---|
|
SRX Series |
|