This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Tuannnnnnnnn
Participant
‎2019-12-17 07:09 AM

ClusterXL HA Bond Monitoring

Hi CheckMates,

We're having a pair of CheckPoint running in ClusterXL HA mode. Each node is connecting to the external Ethernet switches using a two-interface bond, with VLAN interfaces configured on firewall's side (to allow multiple VLANs on this very same bond).

I just want to ask what would be CheckPoint's default behaviour if only one interface of the bond fails on Active device (let's say CP01)? Would that suffice to initiate a failover (to CP02)?

Or, since the VLAN is still active, VLAN monitoring (for lowest and highest VLAN ID) would not detect a failure on CP01 and would not cause a failover?

Given that if the above case causes the Standby unit (CP02) to become Active. If then one interface of the bond on CP02 fails, would it failover back to CP01? (I suppose no)

Both units are CP5600 running R77.30

Thanks in advance.

Best regards

0 Kudos
1 Reply
G_W_Albrecht
Legend
Legend
‎2019-12-17 07:20 AM

Find the details here sk43730: Failover in Bond interface can cause failover in ClusterXL and here sk129672: ClusterXL Bond interface is in "down" state, while CCP works properly !

CCSE CCTE CCSM SMB Specialist
0 Kudos