Technical data

Working with Link Aggregation
Check Point VSX Administration Guide NGX R67 | 139
b) Enter 2 and configure the following settings as required:
MII Monitoring Interval: Specifies the MII link monitoring frequency in milliseconds. This
determines how often the link state of each slave is inspected for link failures. A value of zero
disables MII link monitoring. The default value of 100 ms is a good starting point.
Up Delay: This option is only valid for MII link monitoring. Specifies the time, in ms, before
enabling a slave interface upon link recovery. The value should be a multiple of the MII
Monitoring Interval value. If not, it is automatically rounded down to the nearest multiple
(default = 200 ms).
Down Delay: This option is only valid for MII link monitoring. Specifies the time, in ms, before
enabling a slave interface upon link failure. The value should be a multiple of the MII
Monitoring Interval value. If not, it is automatically rounded down to the nearest multiple.
(default = 200 ms)
LACP Rate: Transmission frequency of LACPDU packets in 802.3ad mode (Default = Slow - 30
seconds).
10. To assign an IP address at this time. Enter n to continue. You assign the IP address using
SmartDashboard at a later stage.
New connection 'bond0' has been created!
Do you want to assign an IP address to this bond? (y/n)
[y]: n
11. Repeat this procedure for each member.
Defining Slave Interfaces as Disconnected
In a bond, slave interfaces should be configured as disconnected. Disconnected interfaces are cluster
member interfaces that are not monitored by the ClusterXL mechanism. If a disconnected interface fails,
failover does not occur.
To define a slave interface as disconnected in SecurePlatform:
1. On the cluster member machine, open the file named discntd.if in the directory $FWDIR/conf/ in a text
editor. If this file does not yet exist, you need to create it.
2. Enter the name of each physical interface contained in the bond on a separate line, as shown in the
following example:
pimreg
eth5
eth6
3. Repeat this process for each member.
Setting Critical Required Interfaces
A bond in Load Sharing mode is considered to be down when fewer than a critical minimum number of slave
interfaces remain up.
When not explicitly defined, the critical minimum number of interfaces in a bond of n interfaces is n-1.
Failure of a second interface will cause the entire bond to be considered down, even if the bond contains
more than two interfaces.
If a smaller number of interfaces will be able to handle the expected traffic, you can increase redundancy by
explicitly defining the number of critical interfaces. Divide your maximal expected traffic speed by the speed
of your interfaces and round up to a whole number to determine an appropriate number of critical interfaces.
To explicitly define the number of critical interfaces, create and edit the following file:
$FWDIR/conf/cpha_bond_ls_config.conf
Each line of the file should be of the following syntax:
<bondname> <critical#>
For example, if bond0 has seven interfaces and bond1 has six interfaces, file contents could be:
bond0 5