cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Checkpoint cluster query

Hi all

If we have a firewall in cluster with multicast mode and active/active setup.

If some how sync interface will disconnected.

In this scenario traffic will pass with which gateway.

Will it use pivate number or any other thing it will decide to pass the packet?

Please explain the same.

0 Kudos
4 Replies
Danny
Pearl

Re: Checkpoint cluster query

In the event of a sync failure on a Load Sharing cluster it’s very likely that only the pivot will remain in ‚active attention‘ while the others are in ‚problem‘ state. Depending on the type of issue also all cluster nodes could be ‚active attention‘. Without sync you‘ll then have network issues. Therefore make sure to read sk92804 for sync redundancy options.

JozkoMrkvicka
Platinum

Re: Checkpoint cluster query

And what about ClusterXL HA in active/standby mode? In case sync between nodes is managed by single cable from one node to another ? Once the cable is broken/unplugged, it should cause both members to become Active (split brain), or?

Kind regards,
Jozko Mrkvicka
0 Kudos

Re: Checkpoint cluster query

In your scenario your Active Firewall become in Active and in cluster status your it will show active attention and secondary device will show in down state.

it will never become Active/active after disconnecting sync cable

0 Kudos

Re: Checkpoint cluster query

But I guess Pivot table works in Unicast only, correct me if I am wrong

0 Kudos