Cisco Cisco Email Security Appliance C190 Guía Del Usuario
35-2
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 35 Centralized Management Using Clusters
Cluster Requirements
Cluster Requirements
•
Machines in a cluster must have resolvable hostnames in DNS. Alternatively, you can use IP
addresses instead, but you may not mix the two.
addresses instead, but you may not mix the two.
See
. Cluster communication is normally initiated using
the DNS hostnames of the machines.
•
A cluster must consist entirely of machines in the same series (X-Series and C-Series are
compatible).
compatible).
For example, Cisco X1000, C60, C600, C30, C300, and C10 appliances can be in the same cluster;
however, C60 and A60 appliances cannot be in the same cluster. If you attempt to add an
incompatible appliance to an existing cluster, an error message explaining why that appliance cannot
be added to the cluster will be displayed.
however, C60 and A60 appliances cannot be in the same cluster. If you attempt to add an
incompatible appliance to an existing cluster, an error message explaining why that appliance cannot
be added to the cluster will be displayed.
•
A cluster must consist entirely of machines running the same version of AsyncOS.
See
for how to upgrade members of a cluster.
•
Machines can either join the cluster via SSH (typically on port 22) or via the Cluster Communication
Service (CCS).
Service (CCS).
See
•
Once machines have joined the cluster, they can communicate via SSH or via Cluster
Communication Service. The port used in configurable. SSH is typically enabled on port 22, and by
default CCS is on port 2222, but you can configure either of these services on a different port.
Communication Service. The port used in configurable. SSH is typically enabled on port 22, and by
default CCS is on port 2222, but you can configure either of these services on a different port.
In addition to the normal firewall ports that must be opened for the appliance, clustered machines
communicating via CCS must be able to connect with each other via the CCS port. See
communicating via CCS must be able to connect with each other via the CCS port. See
.
•
You must use the Command Line Interface (CLI) command
clusterconfig
to create, join, or
configure clusters of machines.
Once you have created a cluster, you can manage non-cluster configuration settings from either the
GUI or the CLI.
GUI or the CLI.
See
and
•
Machines in a cluster must have one of the following SSHD ciphers—3des-cbc or blowfish-cbc, to
establish connection. For instructions to set SSHD ciphers and methods, see
establish connection. For instructions to set SSHD ciphers and methods, see
Cluster Organization
Within a cluster, configuration information is divided into 3 groupings or levels. The top level describes
cluster settings; the middle level describes group settings; and the lowest level describes
machine-specific settings.
cluster settings; the middle level describes group settings; and the lowest level describes
machine-specific settings.