Trouble with ClusterXL loadsharing multicast mode

[mannyz]

Dear list,
I am in trouble with a ClusterXL cluster of 2 nodes running in multicast mode.

OS: Sun Solaris 8
Fw-1: R55, HFA 17

Randomly Cluster seems to stop forwarding traffic.

The command "cphaprob state" shows no problem on the cluster:

Cluster Mode: Load Sharing (Multicast)

Number Unique Address Assigned Load State

1 (local) 172.16.29.1 50% active
2 172.16.29.2 50% active

I don't know if this is normal, but when the cluster is experiencing this problem, the "OLD-BROADCAST" traffic comes on all interfaces and not only on the sync interface.

The only way to overcome the issue is doing "cphastop" on a member and
lets the remaining node to switch all the traffic.

Checkpoint support is investingating (poorly) the issue while my boss call me every minute....

Any idea ?

Kind regards

[chelleshame]

Hi,

Are you running smartdefense ?

I have a similar problem on ipso 3.9 NGX(R60) HFA_03 (load sharing) - For me seems to be related to smartdefense.

I encounter many issues (web pages not responding) as soon as I turn on any instant Messaging defenses and/or P2P defenses. Smart tracker does not show anything.

[seanmac1904]

Hi Our cluster has been much more stable since adding the following to the bottom of the /etc/system file

we run Solaris 9

set fw:fwsm_prevent_dangerous_send=2

also make sure that IGMP snooping is off on all interfaces

in cisco world

no ip igmp snooping

hope it helps

Sean