Difference between revisions of "Gaia VRRP setup guide"
From cpwiki.net
(→Add rule to allow vrrp adverstisements) |
(→Add rule to allow vrrp adverstisements) |
||
| Line 21: | Line 21: | ||
| − | + | ||
| + | == Checking your configuration == | ||
| + | |||
[Expert@chkpfw1]# '''clish -c "show vrrp summary"''' | [Expert@chkpfw1]# '''clish -c "show vrrp summary"''' | ||
| Line 33: | Line 35: | ||
In Master state 2 | In Master state 2 | ||
| − | Verify your vrrp backup address is in effect. It will NOT show up in ifconfig output. | + | Verify your vrrp backup address is in effect. It will NOT show up in ifconfig output. Also, you cannot ping the backup-addresses in Gaia like you could in ipso. |
Expert@chkpfw1]# '''ip addr show eth0''' | Expert@chkpfw1]# '''ip addr show eth0''' | ||
Revision as of 21:46, 13 September 2013
Contents |
from clish prompt, create vrid, add backup-addresses, save config
Expert@chkpfw2]# clish chkpfw2> add mcvr vrid 100 priority 95 priority-delta 10 chkpfw2> add mcvr vrid 100 backup-address 172.16.31.1 chkpfw2> add mcvr vrid 100 backup-address 192.168.1.1 chkpfw2> save config
configure cluster object
File:chkp vrrp cluster config.png
Add rule to allow vrrp adverstisements
Failure to do so will cause master/master status.
Checking your configuration
[Expert@chkpfw1]# clish -c "show vrrp summary"
VRRP State VRRP Router State: Up Flags: On Interface enabled: 2 Virtual routers configured: 2 In Init state 0 In Backup state 0 In Master state 2
Verify your vrrp backup address is in effect. It will NOT show up in ifconfig output. Also, you cannot ping the backup-addresses in Gaia like you could in ipso.
Expert@chkpfw1]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0c:29:d8:3e:56 brd ff:ff:ff:ff:ff:ff inet 172.16.31.9/28 brd 172.16.31.15 scope global eth0 inet 172.16.31.11/28 brd 172.16.31.15 scope global secondary flags 10 eth0 <<< this line is the vrrp backup-address
