ClusterXL Load Sharing mode is available in R80.20 and above, as follows:
- ClusterXL in Load Sharing mode is not supported with IPSec VPN blade enabled (this limitation does not apply to VSX in VSLS mode)
- Jumbo Hotfix has to be installed both on Security Gateway and Security Management/Multi-Domain Management server.
- Starting from R80.20, the ccl_force_sticky kernel parameter must be set to 1 (in fwkern.conf) on all cluster members.
- Note: The flag is on by default in versions:
R80.40 since Jumbo Hotfix take 26
R80.30 since Jumbo Hotfix take 169
R80.20 since Jumbo Hotfix 146
How to unblock ClusterXL Load Sharing mode on the Security Management:
Client side (Windows):
- Open system properties.
- In Advance tab click on "Environment Variables".
- Change ENABLE_CLUSTER_LOAD_SHARING_R80_20 variable to 1.
- Note: Exactly the same variable is used for versions R80.20 and above.
- Save changes.
- Restart your computer.
Server side (Management):
- Edit the cpm.sh file:
Go to the end of the file and find the last line with exec command: "exec $JAVA_HOME/bin/java ..."
Before that line add: export ENABLE_CLUSTER_LOAD_SHARING_R80_20=1
Save the change of the script
- For Security Management server file location is: $FWDIR/scripts/cpm.sh
- For Multi-Domain Management server file location is: $MDS_FWDIR/scripts/cpm.sh
Note: Both the environment variables, on the Windows client and on the Management server must be set.
sk101539 - ClusterXL Load Sharing mode limitations and important notes
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.