ClusterXL – New HA mode

Posted on February 28, 2013

0



It is just a quick note for fast knowledge recovery about ClusterXL for me :-)
There are 4 ClusterXL modes:
-Load Sharing Multicast Mode
-Load Sharing Unicast Mode
-New High Availability Mode -> This is what is under magnifier now.
-High Availability Legacy Mode

Sniffered packet

Command used:
# tcpdump -i bond1 -evvxn udp 8116

13:24:40.487490 00:00:00:00:fe:01 > 01:00:5e:18:0c:01, ethertype IPv4 (0x0800), length 83: (tos 0x0, ttl 255, id 0, offset 0, flags [none], proto: UDP (17), length: 69) 0.0.0.0.cp-cluster > 172.24.12.0.cp-cluster: [udp sum ok] UDP, length 41
        0x0000:  4500 0045 0000 0000 ff11 0390 0000 0000
        0x0010:  ac18 0c00 1fb4 1fb4 0031 3511 1a90 08a3
        0x0020:  464f 0001 0012 0efb 0001 fffe 4e52 0000
        0x0030:  000a 0001 0002 0003 0004 0000 0402 0400
        0x0040:  0400 0002 00
13:24:40.831417 00:00:00:00:fe:00 > 01:00:5e:18:0c:01, ethertype IPv4 (0x0800), length 83: (tos 0x0, ttl 255, id 0, offset 0, flags [none], proto: UDP (17), length: 69) 0.0.0.0.cp-cluster > 172.24.12.0.cp-cluster: [udp sum ok] UDP, length 41
        0x0000:  4500 0045 0000 0000 ff11 0390 0000 0000
        0x0010:  ac18 0c00 1fb4 1fb4 0031 c065 1a90 08a3
        0x0020:  464f 0001 0012 7fa9 0000 fffe 4e52 0000
        0x0030:  000a 0001 0002 0003 0004 0000 0402 0400
        0x0040:  0400 0000 04

Destination MAC
The destination MAC is a mutlicast MAC. See the part “01:00:5e:” in the destination MAC.
Source:
http://de.wikipedia.org/wiki/Multicast

Example from sniffer: 01:00:5e:18:0c:01

Source MAC
Cluster members communicate with each other using the Cluster Control Protocol (CCP). CCP packets are
distinguished from ordinary network traffic by giving CCP packets a unique source MAC address.
– The first four bytes of the source MAC address are all zero: 00.00.00.00
– The fifth byte of the source MAC address is a !magic number!. Its value indicates its purpose

Default value of fifth byte | Purpose
———————————————————-
0xfe                 |     CCP traffic
0xfd                 |    Forwarding layer traffic

– The sixth byte is the ID of the sending cluster member (see abowe 00 or 01 in Source MAC)

Example from sniffer: 00:00:00:00:fe:01

Source and Destionation IP
The Source IP is full zero and the Destination IP is a network IP:
Example from sniffer: 0.0.0.0.8116 > 172.24.12.0.8116

Virtual IP
The Virtual IP has the MAC as the active member physical MAC. What happens if the member fails? The another unit sends a gratious arp with the new mac or what?

More information in ClusterXL administration guide.

Troubleshooting notes

The clusterxl checking commands can be found in the link below:
https://itsecworks.wordpress.com/2010/11/25/checkpoint-and-ipso-useful-commands/

Clusterxl debugging start:

1.
# fw ctl debug -x
or
# fw ctl debug 0
2.
fw ctl debug -buf 4096
3.
fw ctl debug -m cluster all
or just
# fw ctl debug -m cluster + timer
4.
# fw ctl kdebug -T -f > clusterxl_deb.txt

Clusterxl debugging stop:

1.
[ctrl + c]
2.
# fw ctl debug -x
or
# fw ctl debug 0

Example for stopping debugging (defaulting or disabling? I would disable all):

[Expert@inwcfw01a57-zug]# fw ctl debug 0
Defaulting all kernel debugging options
[Expert@inwcfw01a57-zug]# fw ctl debug -x
Disabling all kernel debugging options

More info:
http://www.checkpoint.com/services/enterprise/docs/Troubleshooting_and_Debugging.pdf

Advertisements