Benutzer-Werkzeuge
Seitenleiste
Dies ist eine alte Version des Dokuments!
Inhaltsverzeichnis
Cluster XL
ClusterXL Modes
- Load Sharing Multicast Mode (multicast MAC-address)
- Load Sharing Unicast Mode (highest prio member = pivot)
- New High Availability Mode (VIP, gratuitous ARP)
- High Availability Legacy Mode (shared IP and shared MAC)
Mode Comparison
| Legacy High Availability | New High Availability | Load Sharing Multicast | Load Sharing Unicast | |
|---|---|---|---|---|
| High Availability | yes | yes | yes | yes |
| Load Sharing | no | no | yes | yes |
| Performance | good | good | excellence | very good |
| Hardware Support | all | all | not all routers are supported | all |
| SecureXL Support | yes | yes | yes, with Performance Pack or SecureXL Turbocard | yes |
| State Sync Mandatory | no | no | yes | yes |
| VLAN Tagging Support | yes | yes | yes | yes |
Befehele
cphaprob –a if - Zeigt an, welche Interfaces für synchromisation konfiguriert wurden, ob broadcast oder multicast mode gewählt ist.
cphaprob state - Zeigt den Status der State-Synchronization und den Status der Cluster-Knoten an.
cphaprob list - Zeigt den Status der vom Cluster überwachten 'Devices' detailliert, zum Beipiel der Prozesse.
cpstat ha –f all | more - Zeigt den Status der vom Cluster überwachten 'Devices' in einer Übersicht, zum Beipiel der Prozesse.
fw ctl pstat - Übersiucht der State Sync Kommunikation. (sk34476)
cphaconf set_ccp broadcast|multicast - To change the CCP mode between broadcast and multicast.
ClusterXL und VRRP
Erlauben, dass Mnitoring auch passive Knoten über VPN abfragen kann:
Forward Cluster incoming traffic to cluster members IP Address
Ping auf Standby Knoten
Ping auf VIP und physikalische IP gleichzeitig erlauben:
fw ctl set int fw_allow_simultaneous_ping 1.
Sticy Descission Function
A connection is considered sticky when all of its packets are handled, in either direction, by a single cluster member. This is the case in High Availability mode, where all connections are routed through the same
cluster member, and hence, sticky. This is also the case in Load Sharing mode when there are no VPN
peers, static NAT rules or SIP.
In Load Sharing mode, however, there are cases where it is necessary to ensure that a connection that
starts on a specific cluster member will continue to be processed by the same cluster member in both
directions. To that end, certain connections can be made sticky by enabling the Sticky Decision Function.
Note - For the latest information regarding features that require sticky connections, refer to the
The Sticky Decision Function has the following limitations:
- Sticky Decision Function is not supported when employing either Performance Pack or a hardware-based accelerator card. Enabling the Sticky Decision Function disables these acceleration products.
- When the Sticky Decision Function is used in conjunction with VPN, cluster members are prevented from opening more than one connection to a specific peer. Opening another connection would cause another SA to be generated, which a third-party peer, in many cases, would not be able to process.
Seiten-Werkzeuge
