Technical data

ManualsBrandsCheck Point Software Technologies ManualsNetworkingVSX-1 11060

111

112

113

114

115

116

117

118

119

120

Managing VSX Clusters

Check Point VSX Administration Guide NGX R67 | 119

command enables the action and the next occurrence disables it. These options his allow you to efficiently

debug very long configuration files by displaying or logging only suspicious sections of the data.

Command

Action

!comments

Sequentially displays comment lines (those preceded with the '#' character)

contained in the configuration file. You can insert comments into the configuration

file to indicate which virtual systems are currently being processed or to provide

status information as the parser processes the data.

!verbose

Displays whether or not each data line has been successfully verified and the

configuration parameters for each Virtual System.

!log

Saves !comments and !verbose information in the vsx_util.log file.

Importing a VSLS configuration

To import a VSLS configuration from a text file:

1. From the VSLS menu, select "5. Import configuration from a file".

2. Enter the file name, include its fully qualified path, for example:

/home/admin/MyConfiguration

3. At the "Save & apply configuration ?" prompt, enter "y" to continue.

During the import process, the parser reads the configuration file and attempts to validate the contents.

Errors are displayed on the screen together with the offending line number. If either the !comments or

!verbose processing options are enabled, the appropriate information appears on the screen.

The process update process may take several minutes or longer to complete, depending on the quantity of

Virtual Systems, Domain Management Servers and cluster members.

Configuring Virtual Systems in Bridge Mode

This section presents configuration information and procedures for Virtual Systems in the Bridge mode. By

implementing native layer-2 bridging instead of IP routing, you can add Virtual Systems without affecting the

existing IP structure.

When in the Bridge mode, Virtual System interfaces do not require IP addresses. You may optionally assign

an IP address to the Virtual System itself (not the interfaces) to enable layer-3 monitoring. This feature

enhances network fault detection.

VSX supports the following Bridge mode models:

 STP Bridge Mode: Provides redundancy while preventing undesirable loops between redundant

switches.

 Active/Standby Bridge Mode: Provides path redundancy and loop prevention, while offering seamless

support for Virtual System Load Sharing and overcoming many of the limitations of STP.

Overview

STP Bridge Mode

This section presents the procedures for enabling and configuring the STP Bridge mode for Virtual Systems

and VSX gateways.

Defining the Spanning Tree Structure

Define and configure the Spanning Tree structure according to your network requirements. Please refer to

your hardware documentation for the specific procedures for your network deployment.