Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

High Availability

  • Dual-path ICL for MNHA in cloud environments (vSRX)—You can configure dual-path interchassis links (ICLs) with aggregated Ethernet and loopback (lo0) interfaces for public and private cloud Multinode High Availability (MNHA). We recommend loopback interfaces in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) because of aggregated Ethernet interface limitations. In private clouds with kernel-based virtual machine (KVM) or VMware EXSi, configure aggregated Ethernet interfaces for flexible traffic distribution. Use five-tuple hashing for optimal load balancing across Packet Forwarding Engines. This approach improves efficiency and reliability in MNHA.

    [See Multinode High Availability Support for vSRX Virtual Firewall Instances.]

  • Selective session synchronization for MNHA (SRX1600, SRX2300, SRX4100, SRX4120, SRX4200, SRX4300, SRX4600, SRX4700, SRX5400, SRX5600, SRX5800, and vSRX 3.0)—Use selective session synchronization for Multinode High Availability (MNHA) during cold and hot synchronization to optimize performance, reduce redundant state replication, and maintain fine-grained control over synchronization durations. Disable synchronization for short‑lived traffic or defer synchronization with a minimum age. You can configure selective session synchronization using default or user-defined flow profiles. You can disable session synchronization for short-lived sessions by setting session-sync disabled or delay synchronization based on session age by adjusting session-sync-min-age.

    [See Selective Session Synchronization for Multinode High Availability.]