Difference between revisions of "Gaia VRRP setup guide"
From cpwiki.net
(→Add rule to allow vrrp adverstisements) |
|||
| Line 19: | Line 19: | ||
[[file:chkp_vrrp_rule.png]] | [[file:chkp_vrrp_rule.png]] | ||
| − | |||
| + | |||
| + | '''Checking your configuration''' | ||
[Expert@chkpfw1]# '''clish -c "show vrrp summary"''' | [Expert@chkpfw1]# '''clish -c "show vrrp summary"''' | ||
Revision as of 21:45, 13 September 2013
from clish prompt, create vrid, add backup-addresses, save config
Expert@chkpfw2]# clish chkpfw2> add mcvr vrid 100 priority 95 priority-delta 10 chkpfw2> add mcvr vrid 100 backup-address 172.16.31.1 chkpfw2> add mcvr vrid 100 backup-address 192.168.1.1 chkpfw2> save config
configure cluster object
File:chkp vrrp cluster config.png
Add rule to allow vrrp adverstisements
Failure to do so will cause master/master status.
Checking your configuration
[Expert@chkpfw1]# clish -c "show vrrp summary"
VRRP State VRRP Router State: Up Flags: On Interface enabled: 2 Virtual routers configured: 2 In Init state 0 In Backup state 0 In Master state 2
Verify your vrrp backup address is in effect. It will NOT show up in ifconfig output.
Expert@chkpfw1]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0c:29:d8:3e:56 brd ff:ff:ff:ff:ff:ff inet 172.16.31.9/28 brd 172.16.31.15 scope global eth0 inet 172.16.31.11/28 brd 172.16.31.15 scope global secondary flags 10 eth0 <<< this line is the vrrp backup-address
