CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


I'd like to thank everyone involved for making "The CPUG Challenge" a great success.
We helped a lot of people see and learn a bit more about R80.10, while having some fun.
We will be using this success to try and bring more events to more locations soon. -E

 

Results 1 to 3 of 3

Thread: Clusterxl and mc-lag

  1. #1
    Join Date
    2013-10-15
    Posts
    7
    Rep Power
    0

    Default Clusterxl and mc-lag

    Hi,

    We are planning to buy a new core switch(ex9208) so we have a pair of Core Switch. Right now we have clusterxl of 2 checkpoint 12000 connect to one core switch and there's no problem With the current topology(1 core switch), the core know/have the standby/active/vip mac so the core know where to forward the traffic. In switch theres a feature mc-lag allow 1 device/switch/server connect to pair of core switch and have a active/active link. What i want is, it is possible to do clusterxl active/standby with mc-lag to pair of core switch ? Can i just config lacp/bond in the gateway and mc-lag in the core ?

    Thx.

  2. #2
    Join Date
    2007-06-04
    Posts
    3,229
    Rep Power
    15

    Default Re: Clusterxl and mc-lag

    If understood then MC-LAGG on Juniper EX9208 is Multichassis Link Aggregation.

    Not an expert on Junipers however from reading then I don't see where this would be a problem with the Check Point. Just make sure that create the Bond on the Check Point using LACP/802.3ad as opposed to the defaults.

    You then use the MC-LAGG feature to create bonded interface between two interfaces on the separate Core Switches so that the Check Point see's a bonded link as well.

    The MC-LAGG should then permit the Switch to handle having the MAC etc seen on both switches etc which is the purpose of MC-LAGG.

    Would expect this to be transparent to the Check Point in reality.

  3. #3
    Join Date
    2013-10-15
    Posts
    7
    Rep Power
    0

    Default Re: Clusterxl and mc-lag

    Quote Originally Posted by mcnallym View Post
    If understood then MC-LAGG on Juniper EX9208 is Multichassis Link Aggregation.

    Not an expert on Junipers however from reading then I don't see where this would be a problem with the Check Point. Just make sure that create the Bond on the Check Point using LACP/802.3ad as opposed to the defaults.

    You then use the MC-LAGG feature to create bonded interface between two interfaces on the separate Core Switches so that the Check Point see's a bonded link as well.

    The MC-LAGG should then permit the Switch to handle having the MAC etc seen on both switches etc which is the purpose of MC-LAGG.

    Would expect this to be transparent to the Check Point in reality.
    Thx, thats what i think too. Hope this right

Similar Threads

  1. FIB and ClusterXL
    By cciesec2006 in forum Dynamic Routing
    Replies: 9
    Last Post: 2011-02-27, 16:11
  2. ClusterXL is not responding
    By jiehong in forum SmartView Monitor
    Replies: 3
    Last Post: 2011-01-07, 10:24
  3. Need help with ClusterXL problem
    By cciesec2006 in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 6
    Last Post: 2007-12-12, 23:19
  4. NGX HA *without* ClusterXL
    By brixo in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2007-05-30, 09:50
  5. ClusterXL is for FW-1 and VPN-1?
    By ppnair@gmail.com in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2007-01-30, 14:57

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •