R81.10 ClusterXL Administration Guide

ClusterXL Mode Comparison

This table summarizes the similarities and differences between the ClusterXL Cluster of Check Point Security Gateways that work together in a redundant configuration. The ClusterXL both handles the traffic and performs State Synchronization. These Check Point Security Gateways are installed on Gaia OS: (1) ClusterXL supports up to 5 Cluster Members, (2) VRRP Cluster supports up to 2 Cluster Members, (3) VSX VSLS cluster supports up to 13 Cluster Members. Note: In ClusterXL Load Sharing mode, configuring more than 4 Cluster Members significantly decreases the cluster performance due to amount of Delta Sync traffic. modes.

Feature	High Availability	Load Sharing Multicast	Load Sharing Unicast	Active-Active
High Availability A redundant cluster mode, where only one Cluster Member (Active member) processes all the traffic, while other Cluster Members (Standby members) are ready to be promoted to Active state if the current Active member fails. In the High Availability mode, the Cluster Virtual IP address (that represents the cluster on that network) is associated: (1) With physical MAC Address of Active member (2) With virtual MAC Address. Synonym: Active/Standby. Acronym: HA.	Yes	Yes	Yes	No
Load Sharing A redundant cluster mode, where all Cluster Members process all incoming traffic in parallel. For more information, see "Load Sharing Multicast Mode" and "Load Sharing Unicast Mode". Synonyms: Active/Active, Load Balancing mode. Acronym: LS.	No	Yes	Yes	No
Performance	Good	Excellent	Very Good	Good
State Synchronization Technology that synchronizes the relevant information about the current connections (stored in various kernel tables on Check Point Security Gateways) among all Cluster Members over Synchronization Network. Due to State Synchronization, the current connections are not cut off during cluster failover.	Optional	Mandatory	Mandatory	Optional
Hardware Support	All routers	Not all routers are supported	All routers	All routers
Number of members that deal with network traffic	1	N	N	N
Number of members that receive packets from router	1	N	1	N
How cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. answers ARP requests for a MAC address	Unicast	Unicast	Unicast	N / A
VLAN Tagging Support	Yes	Yes	Yes	Yes

24 January 2025

© 2021 - 2025 Check Point Software Technologies Ltd.