Clustering modes for firewalls

You can configure traffic to be directed to the cluster using several modes.

The modes are explained in the following table. If necessary, see the documentation for the router, hub, or switch you are using for information about which mode is best in your environment.

Table 1. Clustering modes
Mode Description

Packet dispatch

Packet dispatch is the recommended clustering mode. One node per physical interface is the dispatcher that handles the distribution of traffic between the different nodes for all CVIs on that physical interface. The assigned node handles the traffic processing.

No additional switch configuration is needed.

This mode can also be used with hubs, but it is not the optimal clustering mode with hubs.

Unicast MAC

Unicast MAC is the recommended mode when hubs are used. This mode cannot be used with most switches.

All nodes in the cluster share a unicast MAC address for the CVI. All nodes in the cluster see all packets.

Multicast MAC

The nodes share a multicast MAC address for the CVI. All nodes in the cluster see all packets.

Do not use this mode instead of the packet dispatch mode except in special cases, for example, if the MAC address of the network interface cards cannot be changed.

Multicast MAC with IGMP

Clustering otherwise works the same as in the Multicast MAC mode, except that the engine answers IGMP membership queries.

This mode allows limiting multicast flooding when the switch does not support static MAC address forwarding tables.

All CVIs on the same physical interface must use the same mode. It is possible to set different cluster modes for CVIs that are defined for different physical interfaces.
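The rules above can be checked mechanically before a cluster change is rolled out. The following is an added example, not part of the product or its documentation: it audits a constructed CVI inventory against the same-mode-per-physical-interface rule and the guidance in Table 1. The inventory format and its keys (`interface`, `cvi`, `mode`, `attached`) are assumptions made for illustration.

```python
from collections import defaultdict

# Mode names as used in Table 1, lowercased for comparison.
PACKET_DISPATCH = "packet dispatch"
UNICAST_MAC = "unicast mac"
MULTICAST_MAC = "multicast mac"
MULTICAST_IGMP = "multicast mac with igmp"
MODES = {PACKET_DISPATCH, UNICAST_MAC, MULTICAST_MAC, MULTICAST_IGMP}

def audit_cvis(cvis):
    """Return sorted (physical_interface, finding) tuples for a CVI inventory.

    Each CVI is a dict with hypothetical keys: 'interface' (physical interface
    ID), 'cvi' (address), 'mode', and 'attached' ('switch' or 'hub').
    """
    findings = set()
    by_interface = defaultdict(list)
    for cvi in cvis:
        by_interface[cvi["interface"]].append(cvi)
    for iface, members in by_interface.items():
        modes = {m["mode"].strip().lower() for m in members}
        for unknown in modes - MODES:
            findings.add((iface, f"unknown mode: {unknown}"))
        # All CVIs on the same physical interface must use the same mode.
        if len(modes) > 1:
            findings.add((iface, "mixed modes: " + ", ".join(sorted(modes))))
        attached = {m["attached"] for m in members}
        if UNICAST_MAC in modes and "switch" in attached:
            findings.add((iface, "unicast MAC cannot be used with most switches"))
        if PACKET_DISPATCH in modes and "hub" in attached:
            findings.add((iface, "packet dispatch is not optimal with hubs"))
        if MULTICAST_MAC in modes:
            findings.add((iface, "multicast MAC is for special cases only"))
    return sorted(findings)

# Constructed inventory using documentation address ranges, not a real cluster.
SAMPLE = [
    {"interface": 0, "cvi": "192.0.2.1", "mode": "Packet dispatch", "attached": "switch"},
    {"interface": 0, "cvi": "192.0.2.65", "mode": "Packet dispatch", "attached": "switch"},
    {"interface": 1, "cvi": "198.51.100.1", "mode": "Packet dispatch", "attached": "switch"},
    {"interface": 1, "cvi": "198.51.100.65", "mode": "Multicast MAC", "attached": "switch"},
    {"interface": 2, "cvi": "203.0.113.1", "mode": "Unicast MAC", "attached": "switch"},
    {"interface": 3, "cvi": "203.0.113.129", "mode": "Unicast MAC", "attached": "hub"},
]

if __name__ == "__main__":
    for iface, finding in audit_cvis(SAMPLE):
        print(f"interface {iface}: {finding}")
```

Interfaces 0 and 3 pass; interface 1 is flagged for mixing modes and for plain Multicast MAC, and interface 2 for Unicast MAC behind a switch.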