cancel
Showing results for 
Search instead for 
Did you mean: 
layer0
Level 7

MWG IP cluster randomly down

Hello

We have a serious problem, we have two virtual nodes of McAfee web Gateway in HA, for some reason every 3 to 10 days the Virtual IP of the cluster goes down. When this happen we switch the director priority of the nodes and this resolves the problem or we simply reboot one node. In the moment of the outage each node work fine indepedently.

What can cause this outage?

Thanks

0 Kudos
3 Replies
McAfee Employee

Re: MWG IP cluster randomly down

Hi Layer0,

What version are you on? Also, what platform are you using (virtual or appliance)? Are the nodes in the same physical location, or spread out?

In 7.4.2.4+ improvements were added for very small periods of time where the VRRP packets were lost for whatever reason. The improvements included additional gratuitous ARPs to be sent by MWG in the case that a director needs to take over.

I have seen virtual machines have "blips" where the director node is dead to the rest of the network for 10-30 seconds and something like this happens. I have also seen similar behavior with nodes in different locations do the same thing (one node cant see the other for a short ammount of time, and a "split brain" of sorts is created).

What's your SR #? If you attached feedbacks to the case, we can see it in the logs. (dont post feedbacks here)

Best Regards,

Jon

0 Kudos
layer0
Level 7

Re: MWG IP cluster randomly down

Hello Jon

We are in version 7.4.2.10, there are virtual nodes.

It's only the virtual IP that is down, echa ip of each node is up during the outage.

We have to manually siwth the director priorities of both nodes or reboot one node to recover the virtual IP of the cluster.

The SR is 4-9655694760

Thanks

0 Kudos
McAfee Employee

Re: MWG IP cluster randomly down

Hi L0,

I'll be looking over the case with Andrew later today, I'll let you know what we find and email you through the case.

Did you have any comments on my other questions? Are these devices in the same location or separate? Also, do you have any sort of backup application that runs on the VM host?

Every time I ask that question about the "backup application" the first response is no, but later we find out the answer was yes (so please double/triple check). If you do have one, there is no need to have it run on a MWG if you are taking regular config backups.

Best Regards,

Jon

0 Kudos