Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Noah_T
Participant

Node in down state after vlan addition

Hi Team,

 

I have a Firewall Cluster with 2 gateway's with model SG 4800. An Interface ( eth3 ) was trucked with 3 VLAN's ( 2701,2702,2703) , My change was to add another vlan ( 2651)  to eth3. As soon as I added the vlan config via cli on active node it went to "down" state and the other node was in "active attention". Is it because I was trying to add a vlan number lower than what was already existing ?  After I backed out the configuration the cluster came to normal state.

 

How to overcome this problem ?

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

The lowest number VLAN is used for sync and you're changing that on the fly.
You need to create the VLAN on both appliances, most likely starting with the backup node.
Highly recommend doing this during an outage window just in case.
0 Kudos
Noah_T
Participant

Thank You for your reply. 

Would  below be the right procedure ? 

 

1) Add the vlan config via cli on standby node.

2) Add the vlan config via cli on Active  node.

3) Update the topology details and push policy 

 

a) Will above procedure still break the clusterxl ? 

b) should i stop clusterxl ( clusterxl_admin down)  on standy node and then start the above procedure ? Will this avoid cluster flip ?

0 Kudos
Vladimir
Champion
Champion

If you have a chance to try this during maintenance window:

1. change cluster object topology by defining two "Private" non-monitored interfaces on cluster members

2. push changes and install the policy

3. add interfaces in Gaia starting with standby

4. change cluster object properties by declaring interface as "Clustered" and define VIP

5. install the policy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events