Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Enyi_Ajoku
Collaborator
Jump to solution

SYNC SET-UP

Hello Folks,

I have 2 Data Centers that are about to be built, consultant is recommending having 2 15400 in DC1 and another 2 in DC2. They intend to have VSX configured on both Data Centers, which we would be one cluster with four cluster members.

DC1 and DC2 are miles apart probably 50 miles apart. 

My question is with regards to VSX and sync interface on the 15400.

Consultant intends to take fiber interfaces on the 15400 and use them as SYNC Interfaces/Network. 

Can this be done?

Thank You

1 Solution

Accepted Solutions
Danny
Champion Champion
Champion

Some documents you might want to read regarding max. allowed latency (100ms) and packet loss rate (5%) on your sync network.

ClusterXL R80.10 (Part of Check Point Infinity) Administration Guide 

Synchronizing Connection Information Across the Cluster 

ClusterXL R77 Versions Administration Guide

View solution in original post

0 Kudos
7 Replies
JozkoMrkvicka
Mentor
Mentor

The best would be to use fiber ports. Even better to create bond interface with 1G fibers.

As both nodes are 50 miles apart, switch-in-between needs to be used.

Kind regards,
Jozko Mrkvicka
0 Kudos
Enyi_Ajoku
Collaborator

How do i configure bond for SYNC interface. I can't find this option in vsx_util?

0 Kudos
JozkoMrkvicka
Mentor
Mentor

By using clish commands as is described in Gaia Administration Guide - Chapter "Network Management" - Network Interfaces - Bond Interfaces (Link Aggregation).

How to view details about the bond interface 

Sync Redundancy in ClusterXL 

Kind regards,
Jozko Mrkvicka
0 Kudos
Danny
Champion Champion
Champion

Some documents you might want to read regarding max. allowed latency (100ms) and packet loss rate (5%) on your sync network.

ClusterXL R80.10 (Part of Check Point Infinity) Administration Guide 

Synchronizing Connection Information Across the Cluster 

ClusterXL R77 Versions Administration Guide

0 Kudos
Vladimir
Champion
Champion

While it is not impossible, I question the reason behind this design.

Consider: you will not only have to use Sync between sites, but shuttle internal and external traffic as well, if the cluster is failing over to another site.

So you'll saturate the link with normal site-2-site traffic, sync and everything that normally traversing local VS's.

Depending on link or interface buffer saturation, sync may get deprioritized.

Can someone tell me if I'm off in my assumptions? 

0 Kudos
Colin_Campbell1
Contributor

Hi,

As long as you have reliable layer 2 connectivity between the sites meeting the ClusterXL requirements for timeouts, rtt, packet loss etc, you should be fine. I was running a cluster with one member in LA and the other in Dallas, which is about 2000km.

Enyi_Ajoku
Collaborator

Yes i do, my layer 2 devices are fiber ports and the native sync port on the 15400 are Ethernet ports. Based on the test i've done and to my knowledge the only time this will works is in a fresh install. I tried to change or create a SYNC in my existing VSX infrastructure and that didnt work. But i could assign a different port when i tried it on my fresh out of the box 15400.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events