|
|
|
ClusterXL supports Dynamic Routing (Unicast and Multicast) protocols as an integral part of Gaia. As the network infrastructure views the clustered Security Gateway as a single logical entity, failure of a Cluster Member will be transparent to the network infrastructure and will not result in a ripple effect.
All Cluster Members use the cluster IP address(es).
Routing information is synchronized among the Cluster Members using the Forwarding Information Base (FIB) Manager process. This is done to prevent traffic interruption in case of failover, and used for Load Sharing and High Availability modes. The FIB Manager is the responsible for the routing information.
The FIB Manager is registered as a critical device (Pnote), and if the slave goes out of sync, a Pnote will be issued, and the slave member will go down until the FIB Manager is synchronized.
Dynamic Routing on ClusterXL avoids creating a ripple effect upon failover by informing the neighboring routers that the router has exited a maintenance mode. The neighboring routers then reestablish their relationships to the cluster, without informing the other routers in the network. These restart protocols are widely adopted by all major networking vendors. The following table lists the RFC and drafts compliant with Check Point Dynamic Routing:
Protocol |
RFC or Draft |
|---|---|
OSPF LLS |
draft-ietf-ospf-lls-00 |
OSPF Graceful restart |
RFC 3623 |
BGP Graceful restart |
draft-ietf-idr-restart-08 |
The components listed above function "behind-the-scenes". When configuring Dynamic Routing on ClusterXL, the routing protocols automatically relate to the cluster as they would to a single device.
When configuring the routing protocols on each cluster member, each member is defined identically, and uses the cluster IP address(es) (not the member physical IP address). In the case of OSPF, the router ID must be defined and identical on each cluster member. When configuring OSPF restart, you must define the restart type as signaled or graceful. For Cisco devices, use type signaled.
The same configuration has to be applied to each cluster member.
For detailed information regarding Dynamic Routing, see the R80.10 Gaia Advanced Routing Administration Guide.
