I manage an MWG cluster (5xwg5500). It works in Proxy HA mode.
All of the machines are connected to 2 different network segments (internal net and external net). These network segments are on two independent pairs of switches.
Internal interfaces of all appliances are connected to the internal network through 2 switches (2 mwg to one switch and 3 mwg to another switch).
Also, external interfaces of all appliances are connected to the external network through 2 switches (2 mwg to one switch and 3 mwg to another switch).
There is also an additional network, dedicated to mwg flows, and this network is connected to the appliances through the external switches (2 mwg to one switch, 3 mwg to the second switch).
Two appliances are also working as directors. The virtual IP is an IP address of the internal network. The VRRP interface is the interface connected to this third, additional network through the external pair of switches.
Management IP addresses belong to the external network.
In this scenario, a breakdown of one of the internal switches causes a partial production outage, because the active director can see all scanners as active (through the external network) and directs flows to them.
I tested this scenario in a test environment and the behavior was similar.
mfend-lb -l shows that all scanners are OK. mfend-lb -s shows that some flows are directed to the proxy which has the internal network disconnected, and all of these flows fail.
The question is: is there any solution to monitor multiple network segments and turn off a service on an appliance on which one of the network interfaces goes down?
Message was edited by: shprot on 5/9/13 2:06:57 AM CDT: I have added some kind of diagram. I hope it could be helpful.
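A link-state check of the kind the question asks for, as an added example that is not code from this thread or from McAfee: it reads each required interface's state from the kernel's sysfs tree and returns nonzero when any segment is down, so a local watchdog can stop the proxy service on that node and the director stops sending it flows. The interface names, the watchdog hook and the proxy service name are assumptions.

```shell
#!/bin/sh
# Added example, not MWG code: per-node check that every network segment the
# proxy depends on still has link. SYSFS_NET defaults to the real sysfs tree;
# a test can point it at a constructed copy.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print "<ifname> up|down|missing" for one interface. An interface counts as
# up only when it is administratively up and reports carrier (link beat);
# reading carrier on an admin-down interface fails, which we treat as 0.
link_state() {
  ifdir="$SYSFS_NET/$1"
  if [ ! -d "$ifdir" ]; then
    echo "$1 missing"; return
  fi
  carrier=$(cat "$ifdir/carrier" 2>/dev/null || echo 0)
  oper=$(cat "$ifdir/operstate" 2>/dev/null || echo unknown)
  if [ "$carrier" = "1" ] && [ "$oper" = "up" ]; then
    echo "$1 up"
  else
    echo "$1 down"
  fi
}

# Check every interface given as an argument; return 0 only if all are up.
# Each interface's state is printed so the failing segment shows up in logs.
all_links_up() {
  rc=0
  for ifname in "$@"; do
    state=$(link_state "$ifname")
    echo "$state"
    case "$state" in
      *" up") ;;
      *) rc=1 ;;
    esac
  done
  return $rc
}

# Hypothetical hook: run from cron or a watchdog on each node; if the
# internal, external or VRRP segment is down, stop the proxy so the
# director's health check stops handing this node flows.
# all_links_up eth0 eth1 eth2 || service <proxy-service> stop
```

The interfaces to pass are the ones the node needs for production traffic (internal, external and the dedicated flow network), so a single lost switch on any of them takes the node out of rotation instead of black-holing part of the flows.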
Thank you for the details. I may need further clarification but I'll give it a shot.
Is there a reason not to have the VRRP interface / management IP be eth0 instead of the external interface (eth1/eth2)? The reason is that the health check / VRRP communication would still be happening and no new MWG needs to take over. This is why things failed on the client side (rather than the external side).
Thank you for your suggestions. In the test environment, I have moved the VRRP interface to eth0 and changed the IP addresses of the management interfaces to the eth0 network address pool.
In this scenario a breakdown of switch-int-2 doesn't cause any production outage; however, a breakdown of switch-ext-1 or switch-ext-2 does.
I think that very similar situation was described in this thread https://community.mcafee.com/message/260990#260990
Have you got any further solution to avoid a production outage during network physical layer problems in redundant environments?
Message was edited by: shprot on 5/13/13 4:57:21 AM CDT