You have been asked to configure traffic to flow between two virtual routers (VRs) residing
on two unique logical systems (LSYSs) on the same SRX5800. How would you accomplish
this task?
A.
Configure an interconnect LSYS to facilitate a connection between LSYS1 and LSYS2
and relevant policies to allow the traffic.
B.
Configure a security policy that contains the context from VR1 to VR2 to permit the
relevant traffic.
C.
Configure a security policy that contains the context from LSYS1 to LSYS2 and relevant
match conditions in the rule set to allow traffic between the IP networks in VR1 and VR2.
D.
Configure logical tunnel interfaces between VR1 and VR2 and security policies that allow
relevant traffic between VR1 and VR2 over that link.
Communication between two LSYSs can be achieved either by a physical cable or via interconnect LSYS. No policy or logical tunnel can do that.
Correct answer: A
Correct Answer is D
http://www.juniper.net/techpubs/en_US/junos15.1×49/topics/concept/logical-systems-interfaces.html
For communication between logical systems on the device to occur, you must configure an lt-0/0/0 interface on each logical system that will use the internal switch, and you must associate it with its peer lt-0/0/0 interface on the interconnect logical system, effectively creating a logical tunnel between them. You define a peer relationship at each end of the tunnel when you configure the logical system’s lt-0/0/0 interfaces.
I believe Mike is right, the correct answer is A.
Look:
…. you must associate it with its peer lt-0/0/0 interface * on the interconnect logical system*.
External device or physical link would be required to interconnect LSYS. Logical tunnel can also be used, but with interconnect LSYS.
I agree correct is A
– KB21260 is for BRANCH device
https://kb.juniper.net/InfoCenter/index?page=content&id=KB21260&actp=search
Here we have an example for High END devices
(Figure 1: Logical Systems, Their Virtual Routers, and Their Interfaces):
http://www.juniper.net/documentation/en_US/junos12.1×47/topics/concept/logical-systems-flow-security.html
another link with similar picture
http://www.juniper.net/documentation/en_US/junos12.1×47/topics/concept/logical-systems-overview.html
Traffic traversed between a Logical System to/from Interconnected Logical System via Logical Tunnel (lt-0/0/0) interfaces. Without having lt-0/0/0 interfaces an interconnected logical system is useless.
Refer to the “network diagram” & configurations here at this document >> https://www.juniper.net/techpubs/en_US/junos12.1×47/topics/example/logical-systems-root-user-vpls-switch.html
Correct answer is D.
Correct answer is A,
Configure an interconnect LSYS—>yes between LSYS
Configure logical tunnel interfaces between VR1 and VR2—>and not between VR (Virtual routing instance)