Load balancing

In load-balanced clustering, traffic is balanced between the nodes dynamically.

In a Firewall Cluster configuration, the recommended way to cluster the nodes is load-balanced clustering, where traffic is balanced between the nodes dynamically. Load-balanced clustering provides both fault tolerance and performance benefits.

The traffic arriving at the Firewall Cluster is balanced across the nodes according to the settings of the cluster’s load-balancing filter. This filtering process distributes packets between the firewall nodes and keeps track of packet distribution. The Firewall determines the packet ownership of the nodes by comparing the incoming packet with node-specific values based on the packet headers. The load-balancing filter is preconfigured for optimal performance and is not meant to be adjusted independently by the system administrators.

The Firewall Cluster keeps track of which node is handling each ongoing connection. As a result, all packets that are part of a given connection can be handled by the same node. Some protocols use multiple connections, which are sometimes handled by different nodes, but this distribution does not usually affect the processing of the traffic.