Up to 4 configuration cluster nodes can be combined into a HA cluster that supports the Active-Active or Active-Passive operation modes. You can build several HA clusters. To create a HA cluster using UGMC, the following conditions must be met:
|
Name |
Description |
|---|---|
|
Configuration cluster present |
A configuration cluster must already be created and display correctly in the managed device list. |
|
UGMC-managed interfaces present |
On UserGate devices, interfaces created and managed from UGMC must be present. Virtual IP addresses can only be assigned to interfaces that were created in UGMC templates. |
|
HA cluster requirements met |
All requirements applicable to the nodes of an HA cluster being created without using UGMC must be met. For more details on HA clusters, see the section Clustering and High Availability of UserGate 7. Administrator Guide. |
To create an HA cluster, follow these steps:
|
Task |
Description |
|---|---|
|
Step 1. Configure zones whose interfaces will participate in the HA cluster. |
In a UGMC template where zones are configured for managed devices, allow the VRRP service in the Zones section for all zones where you plan to add a virtual cluster IP address. |
|
Step 2. Create a new HA cluster. |
In one of the UGMC templates, go to the Device management --> HA cluster section, click Add, and configure the settings for the new HA cluster. |
|
Step 3. Specify a virtual IP address for the auth.captive, logout.captive, block.captive, and ftpclient.captive hosts. |
If captive-portal authorization is to be used, the system host names auth.captive and logout.captive used by the authorization procedures in the captive portal must resolve to the IP address assigned as the virtual cluster address. These settings can be configured in the General settings section of a UGMC template. They are described in more detail in the section Device Setup of UserGate 7. Administrator Guide. |
The settings for a HA cluster are listed below:
|
Name |
Description |
|---|---|
|
Enabled |
Enable or disable the HA cluster. |
|
Name |
The name of the HA cluster. |
|
Description |
A description of the HA cluster. |
|
Mode |
The HA cluster operating mode:
|
|
Sessions sync |
Enables user session synchronization mode between all nodes in the HA cluster. When enabled, this option makes switching users between devices transparent to the users themselves but adds significant load on the UserGate platform. The option is only relevant for the Active-Passive cluster mode. |
|
HA cluster multicast ID |
Multiple HA clusters can be created in a single configuration cluster. Session synchronization uses a specific multicast address defined by this parameter. A unique ID must be assigned to each group of HA clusters that requires session synchronization support within the group. |
|
Virtual router ID (VRID) |
The VRID must be unique to each VRRP cluster in the local network. If there are no 3rd party VRRP clusters in the network, it is recommended to keep the default setting. |
|
Nodes |
Select the configuration cluster nodes to combine into an HA cluster. The cluster nodes are represented by the IDs assigned to the nodes of the configuration cluster when it was created. |
|
Virtual IPs |
Assign virtual IP addresses and map them to the interfaces of the cluster nodes. Only interfaces created in a UGMC template can be used here. |