Although CCP mode is set to Broadcast, Delta Sync packets are sent over Sync interface(s) as multicast

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk101132
Technical Level
Product	ClusterXL, Cluster - 3rd party
Version	R75.40VS, R75.45, R75.46, R75.47, R76, R77, R77.10, R77.20
OS	Gaia, SecurePlatform 2.6
Platform / Model	All
Date Created	02-Jun-2014
Last Modified	22-May-2017

Symptoms

Although CCP mode is set to Broadcast, Delta Sync packets are sent over Sync interface(s) as multicast.

Example of traffic capture:

23:59:07.048746 00:00:00:00:fe:01 > 01:00:5e:07:07:fa, ethertype IPv4 (0x0800), length 82: 0.0.0.0.cp-cluster > 7.7.7.0.cp-cluster: UDP, length 40
23:59:07.048805 00:00:00:00:fe:01 > 01:00:5e:07:07:fa, ethertype IPv4 (0x0800), length 82: 0.0.0.0.cp-cluster > 7.7.7.0.cp-cluster: UDP, length 40
23:59:07.120890 00:00:00:00:88:00 > 01:00:5e:07:07:fa, ethertype IPv4 (0x0800), length 76: 0.0.0.0.cp-cluster > 7.7.7.0.cp-cluster: UDP, length 34

Connections initiated from the Standby member (e.g., SSH, FTP) in ClusterXL High Availability might time out when the value of kernel parameter "fwha_sync_broadcast_ack" is set to "1" per sk20576 (at least on the Active member).
SSH connection fails (times out) in the following topology:
Host --> (int)[Active](ext) --> [switch] --> (ext)[Standby]
Traffic capture and cluster debug ('fw ctl debug -m cluster + forward') show that the SSH packet reaches the Active member and forwarded to the Standby over the Sync network (as designed).
However, Standby does not respond to this SSH connection.

Cause

By the current design, setting CCP mode to Broadcast is not applied to Sync interfaces.

Solution

Note: To view this solution you need to Sign In .