R80.40 southbound Geo Cluster hide nat in AWS environment
We've deployed a R80.40 southbound Geo Cluster in AWS environment for dealing with east-west and egress Internet traffics.
We don't want to hide nat AWS east-west traffics but only hide nat Internet egress traffics.
My nat policy is in attachment
Every thing works well until I test failover 😞
After the geo cluster failover, egress Internet traffics always match nat rule#4, so making no access to Internet ...
Some one can help ...
You can test the following!
A) Check the cluster failover:
1) Run the script with this command (do not change the syntax):
2) If all tests were successful, this shows: All tests were successful!
Otherwise, an error message is displayed with information to troubleshoot the problem.
3) Simulate a cluster failover. For example, shut down the internal interface of the active cluster member:
# ip link set dev eth1 down/up
# clusterXL_admin down/up
B) Use an automatic hide NAT rule on the cluster object!
➜ CCSM Elite, CCME, CCTE