Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Satya2021
Contributor

Traffice passing through one SGM not second SGM under Maestro Setup

We have implemented Maestro Setup with R81.10 jhf take 94 and put in production and checked that everything was working fine and after 4 hours we have rebooted both SGM (Module 6600) after came Active/Active internet was very slow as not able to browser properly  after troubleshooting i found that I get cpstop or clusterXL_admin -b 1_01 down then internet is working properly as expected.

it means internet and all application are working excellent with one SGM if both SGM comes Actove/Active then everything slow.

 

please provide any solution  

0 Kudos
8 Replies
Yair_Shahar
Employee
Employee

Hi,

 

Do you see any drops?

Do you have high traffic volume?

Do you have NAT?

Traffic Distribution is set by policy (default config)?

 

Yair

0 Kudos
Satya2021
Contributor

Hi Yair,

No high traffic volume...very less traffic

Only Hide behind NAT using to go on internet 

[Global] HO-GW-ch01-02> show distribution interface bond2 configuration
1_01:
Member 192.0.2.1 is down. See "/var/log/messages".

1_02:
policy-external

[Global] HO-GW-ch01-02>

0 Kudos
Satya2021
Contributor

[Global] HO-GW-ch01-02> show distribution status
distribution:
l4_mode: 'on'
mode: per-port
matrix:
actual_size: '512'
ports:
eth1-06: policy-external
eth1-07: policy-external
eth2-06: policy-external
eth2-07: policy-external

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Have you tested without L4 distribution?

https://community.checkpoint.com/t5/Maestro/Layer-4-Distribution-Yes-or-No/m-p/154974

CCSM R77/R80/ELITE
0 Kudos
Yair_Shahar
Employee
Employee

No internal interfaces set in topology?

0 Kudos
Satya2021
Contributor

No internal interfaces set in topology because we have only three interfaces( 2 ISP(External), one Management) interface) and it took automatically external distribution

[Global] HO-GW-ch01-02> show distribution l4-mode
1_01:
Member 192.0.2.1 is down. See "/var/log/messages".

1_02:
L4 Distribution: Enabled

[Global] HO-GW-ch01-02> show distribution interface bond2 configuration
1_01:
Member 192.0.2.1 is down. See "/var/log/messages".

1_02:
policy-external

[Global] HO-GW-ch01-02> show distribution configuration
Distribution Mode: auto-topology (per-port)

 

 
0 Kudos
Yair_Shahar
Employee
Employee

Was this one resolved?

0 Kudos
Satya2021
Contributor

Yes, issue was resolved.

We have created 3 interface Magg1(User are sitting- for going internet), bond2(ISP-External) and Bond3(ISP-External)

now if user sitting on Magg interface on Maestro then Internet traffic will not  distribute between both SGM and if we want to forward data traffic on Magg1so we have to follow below sk179005

g_fw -a ctl set int fwha_data_mgmt_connection 1

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

 
Upcoming Maestro Events