Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL

Subject:	Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL
From:	Sergio Alvarez <seralvar AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Sat, 27 Jan 2007 11:30:24 -0600

Something you could do is change that crossover between enforcement modules
for a hub or switch (you can use a VLAN with just 2 ports).

It is a good practice not to use a crossover because if the cable fails or
causes small connectivity issues, there is no reference point for the two
boxes to figure out which is the one supposed to be active as both loose
link.

I'm not sure if this particular issue could be causing the problem you have
right now, but it would make things a little more clean and if you are
seeing all those messages generated only by the secondary box, then the
primary seems not be experiencing or identifying problems, which means it
could be the secondary has problems to "see" the primary.

Hope this helps.

Regards

On 1/27/07, Erik Gielow <epgielow AT gmail DOT com> wrote:


I sugest you to try to run   the commands  "cphastop/cphastart" in both
machines, some times these commands put "some order" in the clusterxl.
Check the state with
"cphaprob state" ,  if everything looks ok after this, try change de
priority of the cluster members to they swap the state  (active/standby|
standby/active)  and check again with the "cphaprob state" if they are ok.

sorry for my bad english.

Erik Gielow.

On 1/26/07, Crist Clark <Crist.Clark AT globalstar DOT com> wrote:
>
> >>> On 1/26/2007 at 3:19 PM, Hugo van der Kooij <
hvdkooij AT VANDERKOOIJ DOT ORG>
> wrote:
> > On Fri, 26 Jan 2007, Crist Clark wrote:
> >
> >> I've got two ClusterXL pairs managed from a single
> >> SmartCenter. One of the pairs is causing me some pain.
> >> Looking at "Control" messages in the logs, I see the
> >> secondary firewall (gcc1fw2) claiming that the member 1
> >> is down, so it comes up, then it goes back to standby.
> >> I presume, although it doesn't log it, it goes back to
> >> standby when it realizes that member 1 is still up.
> >
> > Check the $FWDIR/log/*.elg files. They propably are a better source of
> > information.
>
> No luck. Nothing there.
>
> B¼information contained in this e-mail message is confidential, intended
> only for the use of the individual or entity named above. If the reader
of
> this e-mail is not the intended recipient, or the employee or agent
> responsible to deliver it to the intended recipient, you are hereby
notified
> that any review, dissemination, distribution or copying of this
> communication is strictly prohibited. If you have received this e-mail
in
> error, please contact postmaster AT globalstar DOT com
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================




--
Sergio Alvarez
(506)8301342

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Crist Clark Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Hugo van der Kooij Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Crist Clark Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Erik Gielow Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Sergio Alvarez <= Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Crist Clark

Previous by Date:	Re: [FW-1] BSOD - help needed, Bunyan Christopher (Shetland Health Board)
Next by Date:	Re: [FW-1] BSOD - help needed, Neil Pike
Previous by Thread:	Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Erik Gielow
Next by Thread:	Re: [FW-1] Secondary Keeps Reporting Primary Down in ClusterXL, Crist Clark
Indexes:	[Date] [Thread] [Top] [All Lists]