Configuring Duration of Forced Failover in High Availability Mode

Description

In the ClusterXLClosed Cluster of Check Point Security Gateways that work together in a redundant configuration. The ClusterXL both handles the traffic and performs State Synchronization. These Check Point Security Gateways are installed on Gaia OS: (1) ClusterXL supports up to 5 Cluster Members, (2) VRRP Cluster supports up to 2 Cluster Members, (3) VSX VSLS cluster supports up to 13 Cluster Members. Note: In ClusterXL Load Sharing mode, configuring more than 4 Cluster Members significantly decreases the cluster performance due to amount of Delta Sync traffic. High AvailabilityClosed A redundant cluster mode, where only one Cluster Member (Active member) processes all the traffic, while other Cluster Members (Standby members) are ready to be promoted to Active state if the current Active member fails. In the High Availability mode, the Cluster Virtual IP address (that represents the cluster on that network) is associated: (1) With physical MAC Address of Active member (2) With virtual MAC Address. Synonym: Active/Standby. Acronym: HA. mode, you can force the current ActiveClosed State of a Cluster Member that is fully operational: (1) In ClusterXL, this applies to the state of the Security Gateway component (2) In 3rd-party / OPSEC cluster, this applies to the state of the cluster State Synchronization mechanism. cluster memberClosed Security Gateway that is part of a cluster. to fail over to the specified clusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. member for the specified number of miniutes.

After the specified duration ends, or after you manually disable the forced failoverClosed Transferring of a control over traffic (packet filtering) from a Cluster Member that suffered a failure to another Cluster Member (based on internal cluster algorithms). Synonym: Fail-over., the cluster recovers based on the mode you configured in the cluster object:

  • Primary Up - The cluster fails over to the cluster member that is configured as primary (if it is not currently Active).

  • Active Up - The current Active cluster member remains Active.

Syntax

Shell

Command

Gaia ClishClosed The name of the default command line shell in Check Point Gaia operating system. This is a restricted shell (role-based administration controls the number of commands available in the shell).

set cluster force_failover member_id <ID> {time <Minutes> on | off}

Expert mode

cphaconf force_failover member_id <ID> {time <Minutes> on | off}

Parameters

Parameter

Description
<ID>

Specifies the ID of the cluster member, to which the current Active cluster member must fail over.

See Viewing Cluster State.
off

Disables the forced failover.
on

Enables the forced failover.