ElasticXL Important Notes

  • For the list of platforms that support ElasticXL, see the R82 Release Notes.

  • For ElasticXL requirements, see sk183513.

  • ElasticXL Cluster requires each platform to be after a Clean Install or restored to factory defaults.

  • ElasticXL Cluster supports a maximum of:

    • 3 ElasticXL Cluster Members on each ElasticXL Site.

    • 6 ElasticXL Cluster Members in total.

    Note - If more Security Group Members are required, then use Maestro (Introduction to Maestro).

  • ElasticXL Cluster requires at least 4 interfaces on each ElasticXL Cluster Member:

    • A dedicated management interface (the port "Mgmt" is selected automatically).

    • A dedicated sync interface (the port "Sync" is selected automatically).

      Important:

      • The "Sync" ports of all ElasticXL Cluster Members in the same ElasticXL Cluster must connect to the same Layer 2 broadcast domain (a dedicated Layer 2 switch, or a dedicated VLAN).

      • Only one ElasticXL Cluster is supported in the same Layer 2 broadcast domain (connecting Sync interfaces of different ElasticXL Clusters is not supported).

      • Configuring the Sync interface as VLAN Trunk is not supported.

      • ElasticXL Cluster sends all traffic over the Sync network in clear-text (non-encrypted).

      • ElasticXL Cluster automatically configures the IP address of the sync network to 192.0.2.0/24.

        If needed, later it is possible to change the IP address of the sync network.

    • An "external" interface (you select and configure this interface).

      ElasticXL Cluster assigns a unicast MAC Address to these data interfaces.

      ElasticXL Cluster does not rename these data interfaces.

    • An "internal" interface (you select and configure this interface).

      ElasticXL Cluster assigns a unicast MAC Address to these data interfaces.

      ElasticXL Cluster does not rename these data interfaces.

  • ElasticXL Cluster renames the physical interfaces on the appliances:

    • The "Mgmt" interface becomes a subordinate interface in the Bond called "magg1".

    • The "Sync" interface is renamed to "eth1-Sync" and becomes a subordinate interface in the Bond called "Sync".

    Notes - Gaia OS does not show the bond interface "Sync" (or its subordinate interfaces) in Gaia Portal and in the Gaia Clish "set" commands. This is to prevent any changes to this infrastructure interface.

  • On each ElasticXL Site, only one ElasticXL Cluster Member (the SMO) accepts all traffic and distributes this traffic to other ElasticXL Cluster Members (works like the Pivot member in the ClusterXL Load Sharing Unicast mode).

  • ElasticXL Cluster supports only the "General" Distribution Mode to assign incoming traffic to cluster members on each ElasticXL (the Gaia gClish command "set distribution configuration"). See Working with the Distribution Mode.

  • ElasticXL Cluster supports only the VSNext mode (the Traditional VSX mode is not supported). To configure the VSNext mode, you must enable it during the Gaia First Time Configuration Wizard on the first Security Appliance.