Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Imperva DBF - Cluster IP for Cluster Configuration

    Posted 20 days ago

    Hello folks, i am currently research about Gateway Cluster and have a question about it. So, let's say i want to:

    + Configured the Gateway Cluster to run as a Single Network Cluster (One subnet for all of communication between Gateways, Management Server and Agents). 

    + A total of 2 Gateways (Active Cluster Manager & Backup Cluster Manager), which one of them will also be select to become the Redundant Gateway. I have plan to expand the Gateway Cluster in the near future, which would contain more Gateway.

    My question is, with this setup, which Gateway IP should i select to configure the Cluster IP. The Active Gateway, the Backup Gateway or any other IP else. Thank you and much appreciated.


    #DatabaseActivityMonitoring

    ------------------------------
    Chau Vo Ba
    Technical Support
    Misoft
    Ho Chi Minh
    ------------------------------


  • 2.  RE: Imperva DBF - Cluster IP for Cluster Configuration

    Posted 3 days ago

    Hi,

    Cluster GW is clustering mechanism not single IP address.

    I always configure GW Cluster using a separate network -> agent network. The first VLAN is for management, and the second VLAN is for the agents.

    Then, I set the management VLAN for the Cluster network (VLAN). After that, you can build a cluster. The most important information is that there is no single IP that is a cluster IP. Any listener IP works as a Cluster IP. The master GW is a load balancer, and it decides where the Agent will connect. You should also remember about agent routing in impcfg.



    ------------------------------
    Karol Gruszczynski
    IT Security Expert
    Trafford IT Sp. z o.o.
    Warszawa
    ------------------------------



  • 3.  RE: Imperva DBF - Cluster IP for Cluster Configuration

    Posted 3 days ago

    Hi mister Gruszczynski
    Thank you very much for your reply.
    I have another question, also about Clustering. 
    + When i setup Cluster Gateway with Single Network architecture, i can configure my 2 Gateways to use the same IP listener and it will work fine, the failover work normally when 1 Gateway fail 
    + When i setup Cluster Gateway with Dual Network (Separate Agent Network), however when i use the same IP listener for 2 Gateways it will encounter error and will only work if i setup 1unique IP listener for each gateway. 
    Is this normal mister because i cant seem to find any documentation about how to setup IP listener properly ? Thank you and much appreciated



    ------------------------------
    Chau Vo Ba
    Technical Support
    Misoft
    Ho Chi Minh
    ------------------------------