Configuring Network DHCP and Interface Settings

When Active/Active Clustering is enabled, the SonicOS internal DHCP server is turned off and cannot be enabled. Networks needing a DHCP server can use an external DHCP server. The SonicOS DHCP server should be disabled in the management interface before enabling Active/Active Clustering, and all DHCP server lease scopes deleted.

On the Network > Interfaces page, you can configure additional virtual IP addresses for interfaces in a Virtual Group, and redundant ports for interfaces.

For information about performing these tasks, see the following sections:

•	Disabling the SonicOS DHCP Server

•	Configuring Virtual IP Addresses

•	Configuring Redundant Ports

Disabling the SonicOS DHCP Server

To disable the SonicOS DHCP server and delete all DHCP server lease scopes, perform the following steps:

1	Login to the Primary unit of the Cluster Node and navigate to the Network > DHCP Server page.

2	Clear the Enable DHCP Server checkbox.

3	Under DHCP Server Lease Scopes, select the checkbox at the top left corner of the table heading to select all lease scopes in the table.

4	Click the Delete All button.

5	Click OK in the confirmation dialog box.

6	Click Accept at the top of the Network > DHCP Server page.

Configuring Virtual IP Addresses

When Active/Active Clustering is enabled for the first time, the configured IP addresses for the interfaces on that firewall are automatically converted to virtual IP addresses for Virtual Group 1. Thus, Virtual Group 1 will include virtual IP addresses for X0, X1, and any other interfaces which are configured and assigned to a zone.

Active/Active Clustering requires additional configuration of virtual IP addresses for additional Virtual Groups. You can assign multiple virtual IP addresses to each interface, one per Virtual Group. Each additional virtual IP address is associated with one of the other Virtual Groups in the cluster. Each interface can have up to a maximum of four virtual IP addresses. VLAN interfaces can also have up to four virtual IP addresses.

NOTE: A packet cannot be forwarded on an interface if a virtual IP address is not configured on it for the Virtual Group handling that traffic flow.

To configure a virtual IP address on an interface:

1	Login to the Primary unit of the Cluster Node and navigate to the Network > Interfaces page.

2	In the Interface Settings table, click the configure icon for the interface you want to configure.

3	In the Edit Interface window, type the virtual IP address into the IP Address (Virtual Group X) field, where ‘X’ is the virtual group number.

NOTE: The new virtual IP address must be in the same subnet as any existing virtual IP address for that interface.

4	Click OK. The configured virtual IP address appears in the Interface Settings table.

Configuring Redundant Ports

Redundant ports can be used along with Active/Active Clustering. You can assign an unused physical interface as a redundant port to a configured physical interface called the “primary interface”. If there is a physical link failure on the primary interface, the redundant interface can continue processing traffic without any interruption. One advantage of this feature is that in case of a physical link failure, there is no need to do a device failover.

You can configure a redundant port on the Advanced tab of the Edit Interface window. The Redundant Port field is only available when Active/Active Clustering is enabled.

NOTE: Because all Cluster Nodes share the same configuration, each node must have the same redundant ports configured and connected to the same switch(es).

For information about physically connecting redundant ports and redundant switches, see the Active/Active Clustering Full Mesh Deployment Technote.

To configure a redundant port for an interface:

1	Login to the Primary unit of the Cluster Node and navigate to the Network > Interfaces page.

2	In the Interface Settings table, click the Configure icon for the primary interface for which you want to create a redundant port.

For example, click the Configure icon for X2.

The Edit Interface dialog displays.

3	Click the Advanced tab.

4	From the Redundant Port drop-down menu, select the redundant port. Only unused interfaces are available for selection.

For example, select X4 for the redundant port.

5

Click OK.

The selected interface will be greyed-out in the Interface Settings table. A note indicates that it is a redundant Port and lists the primary interface. The interface also appears in the Redundant Port field in the Edit Interface dialog of the primary port.

NOTE: The primary and redundant ports must be physically connected to the same switch, or preferably, to redundant switches in the network.

6	On each Cluster Node, replicate the redundant physical connections using the same interface numbers for primary and redundant ports. All Cluster Nodes share the same configuration as the Master node.