Technical data

ManualsBrandsCheck Point Software Technologies ManualsNetworkingVSX-1 3070

131

132

133

134

135

136

137

138

139

140

Working with Link Aggregation

Check Point VSX Administration Guide NGX R67 | 134

 Up to eight interfaces can be defined in a Link Aggregation deployment.

Configuring Link Aggregation for High Availability

This section explains how to create a new High Availability Link Aggregation deployment. A new deployment

contains no VSX gateways, cluster objects or Multi-Domain Security Management Domains. Do these

procedures in sequence:

Deployment Tasks

Creating a New Deployment 134

Upgrading an Existing Deployment 135

Creating a New Deployment

Deployment Tasks:

Defining the Interface Bond 134

Defining Slave Interfaces as Disconnected 134

Verifying that the Bond is Functioning Properly 135

Creating the Cluster. 135

Defining the Interface Bond

When the slave interfaces are without IP addresses, define the bond:

1. Start the SecurePlatform configuration utility:

sysconfig

2. Select Network Connections.

3. Select Add new connection.

4. Select Bond.

5. For each interface to be enslaved under the bond, type its number in the list, and press Enter.

6. Enter n to go to the next step.

7. Select High Availability.

8. Choose whether to use default parameters (recommended) or to customize them.

9. Choose whether to set a primary slave interface, or not (recommended).

A primary slave interface, after failing and coming back up, automatically returns to Active status, even if

failover to the other interface occurred. If there is no primary interface, failover causes the other interface

to become active and remain so until it fails.

10. Define the IP address and network mask of the new interface bond.

11. Exit the SecurePlatform configuration utility.

Defining Slave Interfaces as Disconnected

In a bond, slave interfaces should be configured as disconnected. Disconnected interfaces are cluster

member interfaces that are not monitored by the ClusterXL mechanism. If a disconnected interface fails,

failover does not occur.

To define a slave interface as disconnected in SecurePlatform:

1. On the cluster member machine, open the file named discntd.if in the directory $FWDIR/conf/ in a text

editor. If this file does not yet exist, you need to create it.

2. Enter the name of each physical interface contained in the bond on a separate line, as shown in the

following example: