Hello Experts

The below features are supported in centralized clustering mode. Does it mean that all other types of traffic are handled equally in both cluster units? Does it matter if any node is active or standby in the cluster, as long as both take interface traffic? This would mean that the control plane is in active/standby role but the forwarding plane interfaces are in active/active.

********************************************************************************

The following features are only supported on the primary unit, and are not scaled for the cluster. For example, you have a cluster of three units. The Other VPN license allows a maximum of 20,000 site-to-site IPsec tunnels. For the entire cluster of three units, you can only use 20,000 tunnels; the feature does not scale.

Note

Traffic for centralized features is forwarded from member units to the primary unit over the cluster control link. If you use the rebalancing feature, traffic for centralized features may be rebalanced to non-master units before the traffic is classified as a centralized feature; if this occurs, the traffic is then sent back to the primary unit. For centralized features, if the primary unit fails, all connections are dropped, and you have to re-establish the connections on the new primary unit.

• Site-to-site VPN

• The following application inspections:

  • DCERPC

  • NetBIOS

  • RSH

  • SUNRPC

  • TFTP

  • XDMCP

• Dynamic routing

• Static route monitoring

********************************************************************************