This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
dinkoctlui
Explorer
‎2020-06-02 06:46 AM

R80.40 southbound Geo Cluster hide nat in AWS environment

Hello

We've deployed a R80.40 southbound Geo Cluster in AWS environment for dealing with east-west and egress Internet traffics.

We don't want to hide nat AWS east-west traffics but only hide nat Internet egress traffics.

My nat policy is in attachment

02-06-2020 15-37-18.png

Every thing works well until I test failover 😞

After the geo cluster failover, egress Internet traffics always match nat rule#4, so making no access to Internet ...

Some one can help ...

0 Kudos
Reply
2 Replies
HeikoAnkenbrand
Champion
Champion
‎2020-06-02 08:36 AM

Hi @dinkoctlui,

You can test the following!

A) Check the cluster failover:

  1) Run the script with this command (do not change the syntax):
  # $FWDIR/scripts/azure_ha_test.py
  2) If all tests were successful, this shows: All tests were successful!
      Otherwise, an error message is displayed with information to troubleshoot the problem.
  3) Simulate a cluster failover. For example, shut down the internal interface of the active cluster member:
      # ip link set dev eth1 down/up
      or
      # clusterXL_admin down/up

B) Use an automatic hide NAT rule on the cluster object!
Hide_NAT.JPG

0 Kudos
Reply
vivekanand
Explorer
‎2020-06-24 12:07 PM

Hello,

Did you find a solution to your problem? I am currently trying to deploy a similar architecture and curious to know if your issue is fixed.

 

Regards,

Vivek

 

 

0 Kudos
Reply