Overview
Chapter 8: Configuring High Availability 243
Chapter 8
This chapter describes how to configure High Availability (HA) for two or more UTM-1
appliances.
This chapter includes the following topics:
Overview..................................................................................................243
Configuring High Availability on a Gateway...........................................246
Sample Implementation on Two Gateways..............................................250
Overview
You can create a High Availability (HA) cluster consisting of two or more UTM-1
appliances. For example, you can install two UTM-1 appliances on your network, one
acting as the “Master”, the default gateway through which all network traffic is routed, and
one acting as the “Backup”. If the Master fails, the Backup automatically and transparently
takes over all the roles of the Master. This ensures that your network is consistently
protected by a UTM-1 appliance and connected to the Internet.
The gateways in a HA cluster each have a separate IP address within the local network. In
addition, the gateways share a single virtual IP address, which is the default gateway
address for the local network. Control of the virtual IP address is passed as follows:
1. Each gateway is assigned a priority, which determines the gateway's role: the
gateway with the highest priority is the Active Gateway and uses the virtual IP
address, and the rest of the gateways are Passive Gateways.
2. The Active Gateway sends periodic signals, or “heartbeats”, to the network via
a synchronization interface.
The synchronization interface can be any internal network or bridge existing on both
gateways, except the WAN interface.
3. If the heartbeat from the Active Gateway stops (indicating that the Active
Gateway has failed), the gateway with the highest priority becomes the new
Active Gateway and takes over the virtual IP address.
Configuring High Availability
To Next Page
Loading...
