Frequently Asked Questions Regarding State Synchronization
The following section details various issues that come up when employing State Synchronization on your firewalls, regardless of the underlying HA mechanism.
13.1. How Do I Know State Synchronization Is Working?
FireWall-1 4.1 and earlier used a TCP connection to synchronize information about the connections table. This meant you could use netstat to determine whether or not synchronization was taking place. In FireWall-1 NG, the State Synchronization method cannot be tracked in this way. You could do a snoop or a tcpdump to witness the synchronization packets, but this doesn't necessarily mean State Synchronization is doing the job.
The “correct” way to check the status of synchronization ...
Get Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
