The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
|
ClusterXL in High Availability mode starts passing traffic only if TCPdump is started
|
Technical Level
|
| Solution ID |
sk107496 |
| Technical Level |
|
| Product |
ClusterXL |
| Version |
All |
| Platform / Model |
All |
| Date Created |
27-Aug-2015
|
| Last Modified |
08-Feb-2017
|
Symptoms
Traffic does not pass through ClusterXL in High Availability mode in the following example topology:
Client --- (int.) [ClusterXL] (ext.) --- [Router] --- Server
Traffic capture (tcpdump) on the inbound interface (int.) of cluster members (pointing to the Client) showed that the traffic enters the cluster.
Connections between the Client and the Server were established as soon as TCPdump was started on the outbound interface (ext.) of cluster members (pointing to the Server).
The moment the TCPdump on the outbound interface was stopped, the connections were broken.
Traffic capture (tcpdump) on the outbound interface (ext.) of cluster members (pointing to the Server) with addition of "-e" flag (to see the MAC addresses) showed that the next hop Router replied to the physical MAC address of Standby cluster member instead of MAC address associated with ClusterXL Virtual IP address:
[Expert@HostName]# tcpdump -nei <Interface_Name> <IP_Address_of_Server>
Cause
The next hop Router has the wrong route and/or ARP entry defined.
Note: Running tcpdump on an interface puts the interface in promiscuous mode - the interface will accept all traffic it receives on the network.
Solution
|
Note: To view this solution you need to
Sign In
.
|
