All “true” clusters require that certain attributes are syncronised. So that in the event of a failover the newly promoted node can continue where the other node left off.
In order to ensure that the State Tables of all your nodes within your Check Point Cluster are syncronised you will need to check the #VALS of your State Table summary on each node.
Note :
- You may find that these figures aren`t identical but this is just down to the delay/latancy in which occurs between State Syncronisations. You should only be concerned if the values are hunreds or even thousands out.
- The best way to view the State Table summaries (on SPLAT based firewalls) is to run the command watch ‘fw tab -t connections -s’.
- Below is based on a R65 ClusterXL HA Cluster.
STEPS
Check the State Tables on both nodes, checking for the #VAL totals.
[Expert@fw1]# fw tab -t connections -s HOST NAME ID #VALS #PEAK #SLINKS localhost connections 8158 3624 36074 14234 [Expert@fw2]# fw tab -t connections -s HOST NAME ID #VALS #PEAK #SLINKS localhost connections 8158 3632 36073 14242
You can see here that the #VALS are fairly similar. With this we can safley say that the State Tables are syncronised.
Akshay TU 