This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Pathy
Participant
‎2018-09-12 04:16 AM

vrrp high availability topology

Is there any procedure to add or remove an interface in vrrp high availability topology without cause fail-over?

0 Kudos
6 Replies
Danny
Champion
Champion
‎2018-09-12 04:43 AM

Sure. First stop the standby member (or disconnect / shut down it's network interfaces) so that it cannot become active. Then remove the interface on the active and stopped standby member. Finally start the standby member again. Adjust the cluster topology within your SmartCenter as well and push policy.

Pathy
Participant
‎2018-09-12 04:50 AM
In response to Danny

Thank you for the reply

To stop the standby, is there an equivalent cmd like for clusterXL mode (clusterXL_admin up/down)?

0 Kudos
Danny
Champion
Champion
‎2018-09-12 05:07 AM
In response to Pathy

Not that I know of. I'd simply use cpstop/cpstart.

Maarten_Sjouw
Champion
Champion
‎2018-09-12 11:20 AM
In response to Pathy

On the backup gateway use the command:

set vrrp disable-all-virtual-routers on

Now make the changes you want, if you need to remove an interface from the list, first do it from the backup, then you don't need the above command either. Once your done just send the same command with off at the end.

Regards, Maarten
Pathy
Participant
‎2018-09-13 07:27 AM

Thanks all for your contributions

I was able to add a new interface without any issue. I used finally clusterXL_admin command 

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2018-09-13 10:16 AM
In response to Pathy

Just so you know, VRRP will only take notice of that state if FW monitor is on. set vrrp disable-all-virtual-routers will really make sure VRRP will be admin down and clusterXL_admin doen will only put that system in problem state not in down state.

Regards, Maarten

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫