cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

R77.30 High high availability cluster nodes synchronization problem

Hello!
I have a problem with high availability cluster.
After additing 2 gatewalls to cluster have this output cphaprob state on both nodes:
1.PNG2.PNG

There are a lot of solutions when both nodes are down, but i did not find any SK about up nodes.


SmartView monitor show same information about each node

3.PNG

Im sorry if any rules of community was broken by this post, but i really need a help

6 Replies
Highlighted

Re: R77.30 High high availability cluster nodes synchronization problem

Did you enable cluster mode in cpconfig?
Have you pushed policy to both cluster members?
Did you just install a new Jumbo fix?
Push policy again and reboot both members.
Regards, Maarten
0 Kudos
Highlighted
Pearl

Re: R77.30 High high availability cluster nodes synchronization problem

A bit more information is required for us to get an idea of what is going on.

Please describe if:

1. You are creating a cluster from the scratch and both gateways were preconfigured via FTW as a cluster members

2. If you are creating a cluster object and adding to it existing gateways

3. If you have any other check point clusters on the same VLAN

4. What is the cluster's network topology is defined as

Cheers,

Vladimir

0 Kudos
Highlighted

Re: R77.30 High high availability cluster nodes synchronization problem

"1. You are creating a cluster from the scratch and both gateways were preconfigured via FTW as a cluster members

 2. If you are creating a cluster object and adding to it existing gateways"

-I have tried both variants. Same problem each time

"3. If you have any other check point clusters on the same VLAN"

- No i have not

 

"4. What is the cluster's network topology is defined as"
-Simplified network plan:
План.PNG

 

 

 

 

 

0 Kudos
Highlighted

Re: R77.30 High high availability cluster nodes synchronization problem

Check this:

1) ping the cluster member on sync interface and check layer 2 via arp entry:

# ping 192.168.2.101

# arp -an | grep 192.168.2.101

If you see "incompleted" then you have a layer 2 issue.

2) check the cluster ID. It sould the same on both gateways:

# tcpdump -vvv -nn -e -i eth<x> port 8116

3) check CCP protocol

# tcpdump -vvv -nn -e -i eth<x> port 8116

 

Tags (1)
0 Kudos
Highlighted

Re: R77.30 High high availability cluster nodes synchronization problem

Sorry here are the protocol details:

Screenshot_20190406-222507_Chrome.jpg

Tags (1)
0 Kudos
Highlighted

Re: R77.30 High high availability cluster nodes synchronization problem

More infos to CCP protocol and cluster ID here: 

R80.x - cheat sheet - ClusterXL

Tags (1)
0 Kudos