Use same subnet addressing for all 3 interfaces.
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Anuska
Aragón Fernández
Sent: 26 May 2003 10:40
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Cluster interface and members interface question
Environment: RedHat Linux 7.3 / Fw1 NG FP3 HF2 / Cluster XL
As far as I know (reading the doc) it is possible to define members network
interface in a network and the cluster interface in another network. So, I
have defined, one of the cluster interfaces with real addressing and the
members interfaces with private address as:
Cluster interface 130.x.x.1
(in the member network tab, I have put 192.168.10.0)
Member node1 interface 192.168.10.1
Member node2 interface 192.168.10.2
At each member, I have defined a static route so that the 130.x.x.0 network
will be directed through the corresponding interface.
I have a cisco router conencted to the 130.x.x.0 network (address
130.x.x.2). At the router I have defined a static arp entry with the
multicast mac adress of the cluster
arp 130.x.x.1 0100.xxx.xxx ARPA
My problem comes when I try to connect to the router. The cluster send arp
request, but with the private address of the members :
11:33:45.110728 arp who-has 130.x.x.2 tell 192.168.10.2
And the router doesn't reply. I think because it doesn't known where this
network is.
Does it mean that the router (or any node connected to the network) needs to
know about the node members network? I don't think this should be like this.
I think the cluster should send the arp packets with the cluster address
instead of the member address.
Am I doing something wrong? Have I missed something? Any clue?
Thanks in advance.
--
A n u s k a A r a g ó n
Servicio Informático e-mail: anuska.aragon AT si.unirioja DOT es
Universidad de La Rioja Tf.: +34 941 299233
Av. de La Paz 93, 26004 Logroño Fax: +34 941 299180
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
