This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
TomShanti
Collaborator
‎2019-10-24 08:22 AM

CCP packets sent to network address instead of broadcast address

Hi,

my GW cluster is R80.10. I captured the following CCP traffic on one interface:

Network: 192.168.60.64/27

VIP: 192.168.60.65/27

Member1:  192.168.60.66/27

Member2:  192.168.60.67/27

 

Packets captured:

Source: 0.0.0.0 -> Destination: 192.168.60.64 - Port UDP8116

 

From all SKs and infos I read about CCP the packets should go to the broadcast IP 192.168.60.95, right ?

 

Regards Tom

 

Reply
2 Replies
HeikoAnkenbrand
Champion
Champion
‎2019-10-24 09:20 AM

Hi @TomShanti 

That's all correct.

With Broadcast CCP the network IP address is always used as destination. In your case 192.168.60.64. It's not layer 3 broadcast, it's layer 2  broadcast.

Here only the broadcast MAC ff:ff:ff:ff:ff:ff is used.

Screenshot_20191024-183816_Edge.jpg

Here I describe the important broadcast and multicast CCP parameters in a picture. More read here. 

R80.x - cheat sheet - ClusterXL

 

0 Kudos
Reply
TomShanti
Collaborator
‎2019-10-31 09:20 AM
In response to HeikoAnkenbrand

Hi Heiko,

still not sure if this is correct 🙂

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

Cause

Check Point CCP packets are not able to pass through the switch when CCP is working in multicast mode (by default, the destination IP address of CCP packets is broadcast IP address for the relevant subnet).

 

All my readings say "broadcast IP" not "network IP".

 

Regards 

Tom

0 Kudos
Reply