Hello,

Yes ,i know troubleshooting and i know that spare doesnt recieve vrrp message. I know regarding design but what i want to say if lan connection on primary mx fail, or switch or switches where primary connected, we dont have full failover. In the docuemntation it says when stop recieving heartbeats it will become active. It still becomes active, but also active one stays active because it has wan online. If i need to explain more please let me know 

VRRP only occurs on the LAN side of the MX. Do you have redundant links between the MXs and the Switch(es)? If you only have a single LAN link from each MX you'd want to add another to provide some redundancy.

Hello,

Yes i have redundant links, but  unplugg both lan links, and the situatiom is like i described above. Both mx is master because both have access to cloud, only one mx lose its lan cables. I am courios if there is mechanisam if lan communication is down,that mx goes in standby instead staying in master state

The only option at that point is to connect the MXs to each other directly so there's a remaining path for VRRP.

Example

Hello,

Need a little clarification regarding this please . If i provide directly path for VRRP on LAN 3 on both MXs (LAN 1 and LAN2 connected to the stack), when LAN 1 and LAN 2 is disconnected VRRP message will flow through LAN 3 and how failover in this case will be triggered?

VRRP is sent on all links and all VLANs. So yes, in that example of losing LAN 1 & 2 LAN 3 would still carry VRRP packets between the MXs and keep MX1 as primary and MX2 as spare.

Traffic flow of clients downstream would be from the switch up to MX2 then over to MX1 as that would still be the primary unit in the HA pair.

Hello,

Thank you for your answer. So if i understand good, secondary MX2 will start to answer on LAN virtual MAC address even it is in spare state? 

If the MXs are directly connected to each other MX1 would remain primary and therefore retain answering to the virtual MAC.

Hello,

Ok, but MX1 lose LAN connections to the stack. So traffic from client pointing on LAN virtual MAC address doesnt have path to the MX1 if i understand good.

Hello,

Both MXs redunandt cable to one of the stack member.

Hello,

I agree with designs for 2 simultaneouse failures. But in theory it is possible. Anyway maybe some people have just 1 switch for lan communication maybe in that case have more sense and want to avoid STP so they connect just one link.. Anyway when this scenario happend in the portal both HA member becomes muster.Spare member starty to reply on his LAN interface, but spoke communication going through AutoVPN stopped working when this happend (active lose LAN connections).