Bond Load Sharing Mode in Cluster

In Bond Load Sharing A redundant cluster mode, where all Cluster Members process all incoming traffic in parallel. For more information, see "Load Sharing Multicast Mode" and "Load Sharing Unicast Mode". Synonyms: Active/Active, Load Balancing mode. Acronym: LS. mode:

• All subordinate interfaces are active State of a Cluster Member that is fully operational: (1) In ClusterXL, this applies to the state of the Security Gateway component (2) In 3rd-party / OPSEC cluster, this applies to the state of the cluster State Synchronization mechanism., and connections are balanced between the bond subordinate interfaces, similar to the way ClusterXL Cluster of Check Point Security Gateways that work together in a redundant configuration. The ClusterXL both handles the traffic and performs State Synchronization. These Check Point Security Gateways are installed on Gaia OS: (1) ClusterXL supports up to 5 Cluster Members, (2) VRRP Cluster supports up to 2 Cluster Members, (3) VSX VSLS cluster supports up to 13 Cluster Members. Note: In ClusterXL Load Sharing mode, configuring more than 4 Cluster Members significantly decreases the cluster performance due to amount of Delta Sync traffic. Load Sharing balances connections between Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. Members.

• Each connection is assigned to a specific subordinate interface. For the individual connection, only one subordinate interface is active. On failure A hardware or software problem that causes a Security Gateway to be unable to serve as a Cluster Member (for example, one of cluster interface has failed, or one of the monitored daemon has crashed). Cluster Member that suffered from a failure is declared as failed, and its state is changed to Down (a physical interface is considered Down only if all configured VLANs on that physical interface are Down). of that interface, the bond fails over the connection to one of the other subordinate interfaces, which adds the failed interface connection to the connections it is already handling.

• All the subordinate interfaces of a bond must be connected to the same switch. The switch itself must support and be configured for Bonding, by the same standard (for example, 802.3ad, or XOR) as the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. bond.

Important - Bond Load Sharing mode requires SecureXL Check Point product on a Security Gateway that accelerates IPv4 and IPv6 traffic that passes through a Security Gateway. to be enabled on each Cluster Member Security Gateway that is part of a cluster. (this is the default).