Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

services-redundancy-group

Syntax

Hierarchy Level

Description

Configure a service redundacy group (SRG). An SRG includes and manages a collection of resources on both nodes of a Multinode High Availability and it fails over between the two devices. You can configure upto 20 SRGs in a Multinode Highavailability setup.

Options

name

Services redundancy group identifier.

  • Range: 0 through 20
active-signal-route

IP address used for route preference advertisement. You must specify the active signal route along with the route-exists policy in the policy-options statement.

Signal route required for active role enforcement. When you configure the active-signal-route with if-route-exists condition, the HA module adds this route to the routing table.

  • ip-address—IP address for active signal route

  • routing-instance—Routing instance of the active signal route.
activeness-priority

Specify priority for the SRG1 in a node to take up the active role in a case where both nodes initialize at the same time. The node where SRG1 is in active state is considered as active node.

If you prefer a certain node to take over as the active node on boot, you can do one of the followings:

  • Configure the upstream routers to include preferences for the path where the node is located.
  • Configure the activeness priority for SRG1 on the SRX Series device (higher activeness priority). You can configure a priority for each node. As long as the nodes can communicate with each other through the ICL, the priority is honored.
  • Allow the node with higher node ID (in case above two options not configured) to take the active role.

  • Range: 1 through 254
activeness-probe

Specify the probe destination IP address for activeness determination.
backup-signal-route

Specify the backup signal route to advertise a route with a medium priority. When the HA link is down or the current active node relinquishes active role after any failure, the active signal route is removed from the routing table. The backup overwrites the default routing preference toward the old active node with the medium priority.

  • ip-address—IP address for backup signal route

  • routing-instance—Routing instance of the backup signal route.
deployment-type

Deployment type of the Services Redundancy Group.

  • cloud—Cloud deployment

  • hybrid—Hybrid deployment

  • routing—Routing deployment

  • switching—Switching/default gateway deployment
install-on-failure-route Divert the traffic by changing the route in a Multinode High Availability setup during a software upgrade. In this case, traffic still traverses through the node and interface remains up.

  • ip-address—IP address of the route. Mutinode High Availability installs this route to divert the traffic during the upgrade.

  • routing-instance routing-instance—Routing instance. You must create a dedicated custom virtual router for the route used for diverting traffic during the upgrade.
managed-services Enable set of services for the specified SRG.
monitor

Specify to configure the BFD and IP monitoring options.
peer-id

Allows you to choose a specific peer when multiple HA peers are configured globally to the service redundancy group.
preemption

Allow preemption of activeness based on priority. When you configure the activeness priority (1-254) for the SRG1 and enable the preemptive behavior on both nodes, the preempt option ensures that the node with higher activeness priority always remains active after a failover.
prefix-list Define a named set of address prefixes. Associate the IP prefix list to the SRG. A prefix list is a listing of IP prefixes that include the local address of IKE gateway. A prefix list is given a name and is configured within the [edit policy-options] configuration hierarchy.
process-packet-on-backup

Enable packet forward engine to forward packets on backup node for the corresponding service redundancy group. When you configure the process packet on back up option, the Packet Forwarding Engine forwards packets on backup node for the corresponding SRG. This configuration processes VPN packets on the backup node even when the node is not active.
services

Enable IPsec VPN service on a particular SRG.
shutdown-on-failure

Configure one or multiple Interfaces which are required to be shut down to isolate the node in case of internal failures or during software upgrades. During software upgrades, you can divert the traffic by closing down interfaces on the node.
virtual-ip

IP address used for activeness determination and enforcement on the switching side. Required for hybrid and default gateway deployments.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

interface

Release Information

Statement introduced in Junos OS Release 20.4R1.

Multi SRG1s (SRG1+) support is added in Junos OS Release 22.4R1.

install-on-failure-route option is added in Junos OS Release 22.4R2.

Related Documentation