Clusters, New and join, Configuration is replicated among master nvgs – Nortel Networks NN46120-104 User Manual
Page 36: Clustering over multiple subnets
36
Initial Setup
Clusters
All VPN Gateways are members of a cluster. A cluster can consist
of one single VPN Gateway or a group of NVGs that share the same
configuration parameters. There can be more than one NVG cluster in the
network, each with its own set of parameters and services. If the VPN
Gateway is used for SSL Acceleration, each cluster can be set up to serve
different real servers.
New and Join
Each time you perform an initial setup of an VPN Gateway and select
new
in the Setup menu, you create a new cluster which initially only has one
single member. You can add one or more VPN Gateways to any existing
cluster by performing an initial setup and select
join
in the Setup menu.
Configuration is Replicated among Master NVGs
The configuration parameters are stored in a database, which is replicated
among the VPN Gateways designated as masters in a cluster. By default,
the first four VPN Gateways in a given cluster are set up as masters.
Additional NVGs are automatically set up as slaves, which means they
depend on a master NVG in the same cluster for proper configuration.
However, even if three of the masters fail, the remaining NVG(s) are still
operational and can have configuration changes made to them. Note
that one master at a minimum has to be functional to be able to make
configuration changes. If all masters have failed, the slaves will still be
capable of processing SSL traffic.
Clustering Over Multiple Subnets
The SSL VPN software supports clustering over multiple subnets. If more
than one VPN Gateway is required and the VPN Gateway you wish to
join to the cluster is installed in a different subnet, the new NVG must be
configured as a slave. Master NVGs cannot exist on different intranet
subnets.
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.