ClusterXL Configuration Commands

Description

These commands let you configure internal behavior of the Clustering Mechanism.

Important:

We do not recommend that you run these commands. These commands must be run automatically only by the Security Gateway or the Check Point Support.
In a Cluster, you must configure all the Cluster Members in the same way.

Syntax

Notes:

In Gaia Clish:

Enter the set cluster<ESC><ESC> to see all the available commands.
In Expert mode:

Run the cphaconf command see all the available commands.

You can run the cphaconf commands only from the Expert mode.
Syntax legend:
1. Curly brackets or braces { }:
  
  Enclose a list of available commands or parameters, separated by the vertical bar |, from which user can enter only one.
2. Angle brackets < >:
  
  Enclose a variable - a supported value user needs to specify explicitly.
3. Square brackets or brackets [ ]:
  
  Enclose an optional command or parameter, which user can also enter.
You can include these commands in scripts to run them automatically.

The meaning of each command is explained in the next sections.

Table: ClusterXL Configuration Commands
Description of Command	Command in Gaia Clish	Command in Expert Mode
Configure how to show the Cluster Member in local ClusterXL logs - by its Member ID or its Member Name (see Configuring the Cluster Member ID Mode in Local Logs)	`set cluster member idmode {id \| name}`	`cphaconf mem_id_mode {id \| name}`
Register a single Critical Device (Pnote) on the Cluster Member (see Registering a Critical Device)	`N / A`	`cphaconf set_pnote -d <Name of Device> -t <Timeout in Sec> -s {ok\|init\|problem} [-p] [-g] register`
Unregister a single Critical Device (Pnote) on the Cluster Member (see Unregistering a Critical Device)	`N / A`	`cphaconf set_pnote -d <Name of Device> [-p] [-g] unregister`
Report (change) a state in a single Critical Device (Pnote) on the Cluster Member (see Reporting the State of a Critical Device)	`N / A`	`cphaconf set_pnote -d <Name of Device> -s {ok\|init\|problem} [-g] report`
Register several Critical Devices (Pnotes) from a file on the Cluster Member (see Registering Critical Devices Listed in a File)	`N / A`	`cphaconf set_pnote -f <Name of File> [-g] register`
Unregister all Critical Devices (Pnotes) on the Cluster Member (see Unregistering All Critical Devices)	`N / A`	`cphaconf set_pnote -a [-g] unregister`
Configure the Cluster Control Protocol (CCP) Encryption on the Cluster Member (see Configuring the Cluster Control Protocol (CCP) Settings)	`set cluster member ccpenc {off \| on}`	`cphaconf ccp_encrypt {off \| on}` `cphaconf ccp_encrypt_key <Key String>`
Configure the Cluster Forwarding Layer on the Cluster Member (controls the forwarding of traffic between Cluster Members) Note - For Check Point use only.	`set cluster member forwarding {off \| on}`	`cphaconf forward {off \| on}`
Print the current cluster configuration as loaded in the kernel on the Cluster Member (for details, see sk93306)	`N / A`	`cphaconf debug_data`
Start internal failover between subordinate interfaces of specified bond interface - only in Bond High Availability mode (for details, see sk93306)	`N / A`	`cphaconf failover_bond <bond_name>`
Configure what happens during a failover after a Bond already failed over internally (for details, see sk93306)	`N / A`	`cphaconf enable_bond_failover <bond_name>`
Initiate manual cluster failover (see Initiating Manual Cluster Failover)	`set cluster member admin {down \| up}`	`clusterXL_admin {down \| up}`
Configure the minimal number of required subordinate interfaces for Bond Load Sharing (see Configuring the Minimal Number of Required Subordinate Interfaces for Bond Load Sharing)	`N / A`	`cphaconf bond_ls {set <Bond Name> <Value> \| remove <Bond Name>}`
Configuring Link Monitoring on the Cluster Interfaces (see Configuring Link Monitoring on the Cluster Interfaces)	`N / A`	`N / A`
Configuring the Multi-Version Cluster Mechanism (see Configuring the Multi-Version Cluster Mechanism)	`N / A`	`cphaconf mvc {off \| on}`

List of the Gaia Clish set cluster member commands

set cluster member admin {down | up} [permanent]

set cluster member ccpenc {off | on}

set cluster member forwarding {off | on}

set cluster member idmode {id | name}

set cluster member mvc {off | on}

List of the cphaconf commands

Note - Some commands are not applicable to 3rd party clusters.

cphaconf [-D] <options> start

cphaconf stop

cphaconf [-t <Sync IF 1>...] [-d <Non-Monitored IF 1>...] add

cphaconf clear-secured

cphaconf clear-non-monitored

cphaconf debug_data

cphaconf delete_link_local [-vs <VSID>] <IF name>

cphaconf set_link_local [-vs <VSID>] <IF name> <Cluster IP>

cphaconf mem_id_mode {id | name}

cphaconf failover_bond <bond_name>

cphaconf [-s] {set | unset | get} var <Kernel Parameter Name> [<Value>]

cphaconf bond_ls {set <Bond Name> <Value> | remove <Bond Name>}

cphaconf set_pnote -d <Device> -t <Timeout in sec> -s {ok | init | problem} [-p] [-g] register

cphaconf set_pnote -f <File> [-g] register

cphaconf set_pnote -d <Device> [-p] [-g] unregister

cphaconf set_pnote -a [-g] unregister

cphaconf set_pnote -d <Device> -s {ok | init | problem} [-g] report

cphaconf ccp_encrypt {off | on}

cphaconf ccp_encrypt_key <Key String>