Configuring a Unique IP address per Chassis (UIPC)

Description

In dual-Chassis deployment:

• A heavy load on the active Chassis can prevent you from making a network connection to the SMO and implementing management tasks.
• You may also require direct access to the standby Chassis to trouble-shoot a problem, such as an SGM that is down. (You cannot use the SMO to connect to the standby Chassis).

These two scenarios can be solved by assigning a unique IP address to each Chassis. Assigning a unique IP address to each chassis adds an extra alias IP to the management interfaces on all SGMs in the chassis.

• If there is a high load on the SMO, connect using the unique IP assigned to the standby chassis. The SGMs on the standby chassis are always UP and available to run gclish management commands.
• When you need to connect directly to the standby chassis, use the standby chassis’ unique IP.

  Notes

• Similar to the SMO mechanism, only one SGM owns the UIPC task
• The UIPC feature is disabled by default
• If the 61000/41000 Security System is not managed by a management port, the unique IP can be added to one of the data ports.

Syntax set chassis id <Chassis_id> general unique_ip <ip_addr>

delete chassis id <Chassis_id> general unique_ip

show chassis id <Chassis_id> general unique_ip

In gclish, run:

Manual configuration

Although the UIPC feature is automatically enabled when you run the configuration commands, you can also manually enable or disable it:

• To manually enable UIPC, run: g_fw ctl set int fwha_uipc_enabled 1
• To manually disable UIPC run: g_fw ctl set int fwha_uipc_enabled 0

Example 1 set chassis id 1 general unique_ip 172.16.6.186

Output

>set chassis id 1 general unique_ip 172.16.6.186

Adding alias IP: 172.16.6.186 to chassis 1

Alias IP was added successfully

Example 2 delete chassis id 1 general unique_ip

Output

>delete chassis id 1 general unique_ip

Deleting alias IP 172.16.6.186 of chassis 1

Alias IP was deleed successfully