Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1633
Views
5
Helpful
4
Replies

CCL Link in a 2 member cluster - Failure considerations

Go to solution
Juan Perez
Level 1
Level 1

‎08-13-2021 08:14 AM

Hi,

 

I have a very basic question here however I am not being able to get a clue about it anywhere. We have a 2 x 4100 Firepower device cluster which has a 4x10G CCL link between the two appliances connected via 2 intermediate switches as per CISCO´s design recommendation:

 

"For a 2-member inter-chassis cluster, do not directly connect the cluster control link from one chassis to the other chassis. If you directly connect the interfaces, then when one unit fails, the cluster control link fails, and thus the remaining healthy unit fails. If you connect the cluster control link through a switch, then the cluster control link remains up for the healthy unit."

 

 

We are in the process of replacing one of the intermediate switches and would like to know if the switch "B" that connects to 4100 "B" is powered offf (causing the CCL interface on 4100 "B" to go down while data interfaces are still up and 4100 "A" CCL and data interface UP) will cause a split brain scenario or if 4100 "B" will detect the CCL link failure, shutdown its data interfaces and will get removed from the cluster?

 

As per CISCO documentation:

 

"If units cannot reach each other over the cluster control link because of a network failure and not because a unit has actually failed, then the cluster may go into a "split brain" scenario where isolated data units will elect their own control units."

 

To me this means that a split brain will occur if something in between is malfunctioning, preventing the heartbeats to be received by the cluster members (no CCL interface down detected whatsoever), however I am not sure if the scenario described earlier will cause the same split brain situation. Any help will be higly appreciated.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni
In response to Juan Perez

‎08-16-2021 11:06 PM

When CCL goes down, FPR removes itself from the cluster too.

BR,

Milos

View solution in original post

4 Replies 4

Go to solution
Ilkin
Cisco Employee
Cisco Employee

‎08-14-2021 08:41 AM

For a cluster the state of the CCL port-channel interface matters. As long as it is up, meaning there are 1 or more member interfaces in up/up state, CCL status is considered healthy. Failure of 1 or more members, while there's at least 1 healthy interface, should not cause a problem. However, the throughput of the CCL link changes when a member interface fails, so this case should be considered as well.

0 Helpful

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni

‎08-15-2021 02:18 AM

Hi @Juan Perez,

Some network diagram would be really helpful here.

If doable, you should connect each FPR4100 to each switch, assuming that you have some stack/VSS/vPC technlogy between switches.

If you are connecting one FPR to one switch only, as soon as that switch goes off, CCL and data links will go down too, causing FPR connecting to it to disable itself out of cluster. As in cluster (even with just 2 members), each connection has its backup owner, no traffic interruption should happen (nor split brain). Upon recovery of CCL and data links, that FPR will try too re-join cluster.

BR,

Milos

0 Helpful

Go to solution
Juan Perez
Level 1
Level 1
In response to Milos_Jovanovic

‎08-16-2021 07:50 AM

Hi,

 

Thanks for the replies. My scenario is the one you described, however you state that when both CCL and data links goes down FPR will be removed from the cluster, in my case the FPR-B is connected to Switch-B with its CCL link only (data interfaces are between 2 layer 3 switches) thus in case of Switch-B failure the only interfaces down are the CCL ones, does it still gets removed from the cluster in this case? I can provide a basic diagram if this is still necessary.

0 Helpful

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni
In response to Juan Perez

‎08-16-2021 11:06 PM

When CCL goes down, FPR removes itself from the cluster too.

BR,

Milos

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card