Hi CheckMates,

We're having a pair of CheckPoint running in ClusterXL HA mode. Each node is connecting to the external Ethernet switches using a two-interface bond, with VLAN interfaces configured on firewall's side (to allow multiple VLANs on this very same bond).

I just want to ask what would be CheckPoint's default behaviour if only one interface of the bond fails on Active device (let's say CP01)? Would that suffice to initiate a failover (to CP02)?

Or, since the VLAN is still active, VLAN monitoring (for lowest and highest VLAN ID) would not detect a failure on CP01 and would not cause a failover?

Given that if the above case causes the Standby unit (CP02) to become Active. If then one interface of the bond on CP02 fails, would it failover back to CP01? (I suppose no)

Both units are CP5600 running R77.30

Thanks in advance.

Best regards