Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
101102103104105106107108109110
1-71
Overview
HA Clusters
The master manages the cluster, has an IP address on each TMS VLAN, and
receives all traffic for data processing. The participant stands by in case the
master fails. It has a virtual IP address on each TMS VLAN, which matches the
real IP address for those VLANs on the master.
HA VLAN
HA cluster members communicate on the HA VLAN, which is configured on
the each member’s internal port 2. Each member has its own IP address on
the HA VLAN.
The default HA VLAN is VLAN 1. However, it is recommended that you set the
HA VLAN to a VLAN not otherwise used in your network. Otherwise, the
TMS zl Module might receive broadcast traffic on the HA VLAN that the
firewall must drop—which can cause an undue number of log messages.
Note, however, that you must extend the HA VLAN between the two modules
in the cluster.
Note Because the TMS zl Module receives the broadcast traffic on the HA VLAN
whether or not you configure HA, you should change the HA VLAN even when
you do not want to use HA.
HA Operation—Active-Standby
The two TMS zl Modules operate in active-standby mode. In other words, the
cluster master handles data processing, and the participant acts as a passive
backup to the master. The participant becomes active only when the master
fails. It then becomes the new master module.
Because all traffic must go through the master session manager, the firewall
throughput of the cluster is the same as the master throughput. However, the
cluster throughput for IDS/IPS is increased due to the sharing between the
members.
Figure 1-21 shows active-standby mode.