Virtual Switches in a VSX Cluster

In a VSXClosed Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. ClusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing., Virtual Switches are also clustered for redundancy and are defined as Active/Active.

The physical interface connected to the Virtual SwitchClosed Virtual Device on a VSX Gateway or VSX Cluster Member that functions as a physical switch. Acronym: VSW. is monitored by means of the Cluster Control Protocol (CCP).

In the event of a failover, all Virtual Systems on the Standby VSX Cluster MemberClosed Security Gateway that is part of a cluster. become Active, and send Gratuitous ARP Requests from the warp interface between the Virtual SystemClosed Virtual Device on a VSX Gateway or VSX Cluster Member that implements the functionality of a Security Gateway. Acronym: VS. and the Virtual Switch.

Item

Description

1

Active VSX Cluster Member

2

Standby VSX Cluster Member

3

Virtual Switch Cluster

4

Active Virtual Switch

5

Virtual System 1

Physical Link

Warp LinkClosed Logical interface that is created automatically in a VSX topology between: (1) Virtual System and Virtual Switch (2) Virtual System and Virtual Router. Acronym: WRP.

In the above figure, a simplified VSX Cluster contains two VSX Cluster Members, one Active, and the other Standby.

The Virtual Switches within each VSX Cluster are Active/Active.

When the physical interface connected to either Virtual Switch fails to respond, a failover occurs.