Thanks, Chip. So am I basically up the creek for manual proxy ARPs? I want
to avoid using automatic NATs until I have a chance to properly review the
policy and NAT rules for this cluster.
Mike Feetham
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Chris
'Chipper' Chiapusio
Sent: Wednesday, November 03, 2004 1:17 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Virtual MAC for ClusterXL
On Wed, 3 Nov 2004, Mike Feetham wrote:
> That's what I would have thought, Matt. However, these are all reporting
> the MAC address for the active server in the cluster. I was under the
> impression that ClusterXL in HA used a separate Virtual MAC address.
>
> I know the Nokias do for VRRP, but I'm using ClusterXL on SPLAT.
SPLAT R55 (at least after HFA08) gratuitously ARP's using the primary
members MAC address. CheckPoint HA does not use a seperate
virtual/cluster MAC address.
Chip
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
