Hello,
I have a Maestro security group (R81.10, one site, dual MHO) with the shared uplink ports feature disabled; it is using two 4-port LACP bonds. Now I learned about shared uplinks and of course would like my uplinks to be shared - can I somehow convert the existing interface configuration to a shared one without breaking everything and starting from scratch?
I can't see my scenario there... There is a very detailed description of what to do if someone is just about to create new bond interfaces and security groups, but what if I already have my security group operational and I only want to enable shared links?
It is basically the same.
Not exactly, the difference is I already have my interfaces configured. Do I have to delete all my interfaces and virtual systems and create them again to enable this feature? It's kind of a nuisance to do in a production environment.
The best practice is to have a bond, so you can add a new interface, remove the old one, apply share to the old one and get it back.
But you can change the share to true on an assigned interface.
As always, create a snapshot, export it and ask for a maintenance window.
The most problematic task will result in an outage of the SG.
e. Reboot all Security Group Members in the Security Group:
Yes, it is very unfortunate if there is no workaround for this.
I have tried this in a lab (one MHO-140 and two SGs, with R81.10 and the old T79 jumbo), and it seems that you don't need to reboot all gateways at once. I started with one SG with non-shared uplinks (two physical ports, bundled in an LACP bond), then set shared-uplinks to enabled for this SG (still alive!), rebooted one of the two gateways, then the second, and everything worked fine, without any traffic interruption/link flap. The second SG was then able to use the same uplinks without any problem.
Of course, it was just my lab - your mileage may vary ;-). But it would be nice if Check Point remembered about the poor admins when writing docs, not like "reboot -b all, what's the problem, do you use our hardware for any serious purpose?"
Hi Wolfgang,
Could you share where you found this?
Because the Admin Guide does not include such a task.
Thanks in advance.
@Zolo the information for shared uplinks was updated in December 2023. Sounds like these limitations no longer exist.
Thank you.