beautypg.com

Setting up ha, Physical ha hardware setup – Amer Networks E5Web GUI User Manual

Page 705

background image

11.3. Setting Up HA

This section provides a step-by-step guide for setting up an HA Cluster. Setup is explained in the
following subsections:

Physical setup of the HA cluster and decisions about IP addresses is first discussed in
Section 11.3.1, “Physical HA Hardware Setup”.

Configuration of cOS Core is then discussed and this is divided into:

i.

Using the Web Interface wizard is discussed in Section 11.3.2, “Wizard cOS Core HA Setup”.

ii.

Performing cOS Core setup without the wizard is discussed in Section 11.3.3, “Manual cOS
Core HA Setup”.

Lastly, verifying HA operation is discussed in Section 11.3.4, “Verifying that the Cluster Functions
Correctly”.

11.3.1. Physical HA Hardware Setup

The steps for the setup of hardware in an HA cluster are as follows:

1.

Start with two physically identical Clavister Security Gateways. Both may be newly
purchased or an existing unit may have a new unit added to it to create the cluster.

2.

Both master and slave units must have valid cOS Core cluster licenses that have identical
capabilities and which have the HA cluster option enabled.

3.

Make the physical connections:

Connect the matching interfaces of master and slave through separate switches or
separate broadcast domains. It is important to keep the traffic on each interface pair
separated from other pairs.

Select one unique interface on the master and slave which is to be used by the units for
monitoring each other. This will be the sync interface. It is recommended that the same
interface is used on both master and slave, assuming they are similar systems.

Caution: The sync interface must be unique

With some hardware, an interface may be part of a switch fabric which joins a
set of interfaces together.

If such an interface is used as the HA sync interface then the other interfaces
connected to the same switch fabric cannot be used for other purposes.

Also keep in mind that there should be no cOS Core IP rules configured that include the
sync interface.

Connect together the sync interfaces. This can be done directly with a crossover cable or
through a separate switch (or broadcast domain).

4.

Decide on a shared IP address for each interface in the cluster. Some interfaces could have
shared addresses only while others could also have unique, individual IP addresses for each
interface specified in an IP4 HA Address object. The shared and individual addresses are used
as follows:

Chapter 11: High Availability

705

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: