Nokia Network Voyager for IPSO 4.0 Reference Guide 215
change ARP global parameters” in the information about configuring interfaces for
instructions about how to configure a Nokia appliance to accept these replies.
Note
If there is no router between the cluster and host systems (PCs or workstations), the
hosts must be able to accept ARP replies with multicast MAC addresses. You can avoid
this requirement by adding a static ARP entry to each host that includes the cluster IP
address and multicast MAC address of the internal cluster interface.
If you use a multicast mode, the switches connected to the cluster nodes must be able to
forward packets destined for a single (multicast) MAC address out multiple switch ports
simultaneously. Many switches do this by default.
If you use a two-node cluster, use switches (recommended) or hubs to connect the cluster
protocol networks. This will ensure proper failover in the event that one of the nodes drops
out of the cluster. Do not directly connect the cluster protocol interfaces using a crossover
cable.
For performance purposes, Nokia recommends that you do not use hubs to connect a cluster
to user data networks. If possible, use switches for these connections. (If you need to
troubleshoot a cluster that uses a multicast mode, you might want to temporarily replace
switches with hubs to simplify your configuration.)
You can create multiple clusters in the same LAN or VLAN (broadcast domain). The
clusters are distinguished by their cluster IDs.
Other Considerations
If a cluster will be in service as soon as it is activated, you should configure and enable NGX
on each node before they become part of the cluster. Add nodes to the Check Point cluster
(using Check Point software) after they have successfully joined the IPSO cluster.
Transparent mode is not supported on cluster nodes.
Router services are not supported, with the exception of NTP client.
An IPSO system cannot participate in more than one cluster at one time.
IPSO clusters support:
Multiple internal and external network connections
10/100 mb or gigabit Ethernet LAN connections
The primary and secondary cluster protocol networks should have bandwidth of at least 100
mbps.
IPSO clusters do not support network types other than Ethernet.
All of the interfaces on a cluster node do not have to participate in the cluster. Interfaces that
do not participate in the cluster can be network types other than Ethernet.
All the nodes must have the same number of interfaces participating in the cluster, and the
cluster interfaces must be connected to the same networks.
If you configure Gigabit Ethernet interfaces on different IP cluster nodes with different
MTU values and also run OSPF in the cluster, OSPF routes are lost if a failover occurs