Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Enabling Configuration Synchronization Between Aggregation Devices in a Junos Fusion

A Junos Fusion using multiple aggregation devices often requires that the configuration of a feature—for example, an extended port, and entities such as routing instances and VLANs that include the extended port—must match on all aggregation devices. If a configuration statement for the feature—in this case, the extended port—is specified differently on one aggregation device, the statement on that aggregation device might be implemented in an unpredictable manner or might not be implemented at all.

Configuration synchronization can be used to ensure that configuration done in a configuration group is applied on all aggregation devices when committed. Configuration synchronization simplifies administration of a Junos Fusion by allowing users to enter configuration statements in a configuration group and apply the configuration group to all aggregation devices rather than repeating a configuration procedure manually on each aggregation device. Configuration synchronization also ensures configuration consistency in that the same configuration is applied to all aggregation devices.

We strongly recommend using configuration synchronization for software features that must be configured exactly the same on all aggregation devices.

The available group configuration options are beyond the scope of this document; see Understanding MC-LAG Configuration Synchronization and Synchronizing and Committing MC-LAG Configurations for additional information on using group configurations in an MC-LAG topology.

To enable configuration synchronization between aggregation devices in a Junos Fusion.

Note:

For the sake of brevity, the examples in this procedure show the configuration on only two aggregation devices. Unless specifically called out, the examples for two aggregation devices also apply to topologies with four aggregation devices.

  1. Ensure the aggregation devices are reachable from one another:

    Aggregation device 1:

    Aggregation device 2:

    If the devices cannot ping one another, try statically mapping the hostnames of each device’s management IP address and retry the ping.

    Aggregation device 1:

    Aggregation device 2:

    If the devices cannot ping one another after the hostnames are statically mapped, see Connecting and Configuring an EX9200 Switch (CLI Procedure) or the Installation and Upgrade Guide for EX9200 Switches.

  2. Enable configuration synchronization:

    Aggregation device 1:

    Aggregation device 2:

  3. Configure each aggregation device so that the other aggregation devices are identified as configuration peers. Enter the authentication credentials of each peer aggregation device to ensure group configurations on one aggregation device are committed to the other aggregation devices.
    Best Practice:

    Configure a system master password to provide stronger encryption for configuration secrets using the master-password CLI statement. For more information on hardening shared secrets, see Master Password for Configuration Encryption.

    Warning:

    The password password is used in this configuration step for illustrative purposes only. Use a more secure password in your device configuration.

    Note:

    This step assumes a user with an authentication password has already been created on each Juniper Networks switch acting as an aggregation device. For instructions on configuring username and password combinations, see Connecting and Configuring an EX9200 Switch (CLI Procedure).

    Aggregation device 1:

    Aggregation device 2:

  4. Enable the Network Configuration (NETCONF) protocol over SSH:

    Aggregation device 1:

    Aggregation device 2:

  5. Commit the configuration:

    Aggregation device 1:

    Aggregation device 2:

  6. (Optional) Create a configuration group for testing to ensure configuration synchronization is working.

    Example for Junos Fusion Enterprise with aggregation devices that have one Routing Engine:

    Aggregation Device 1:

    Aggregation Device 2:

  7. (Optional) Configure and commit a group on aggregation device 1, and confirm it is implemented on aggregation device 2:
    Note:

    This step shows how to change one interface configuration using groups. Interface ranges cannot be specified within groups and synchronized between configuration peers in a Junos Fusion to configure multiple interfaces simultaneously.

    Aggregation device 1:

    Aggregation device 2:

    Perform the same procedure to verify configuration synchronization from aggregation device 2 to aggregation device 1, if desired.

    Delete the test configuration group on each aggregation device.

    Aggregation device 1:

    Aggregation device 2:

    See Enabling Junos Fusion Enterprise on an Enterprise Campus Network for a sample Junos Fusion Enterprise topology configured largely using configuration synchronization.

Related Documentation