Cisco Cisco Email Security Appliance C160 Mode D'Emploi
39-29
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 39 Centralized Management Using Clusters
Best Practices and Frequently Asked Questions
Q. I would like to reconfigure the IP address and hostname on one of my clustered appliances. If I do
this, will I lose my GUI/CLI session before being able to run the reboot command?
this, will I lose my GUI/CLI session before being able to run the reboot command?
Follow these steps:
a.
Add the new IP address
b.
Move the listener onto the new address
c.
Leave the cluster
d.
Change the hostname
e.
Make sure that oldmachinename does not appear in the
clusterconfig
connections list when
viewed from any machine
f.
Make sure that all GUI sessions are logged out
g.
Make sure that CCS is not enabled on any interface (check via
interfaceconfig
or Network >
Listeners)
h.
Add the machine back into the cluster
Q. Can the Destination Controls function be applied at the cluster level, or is it local machine level only?
It may be set at a cluster level; however, the limits are on a per-machine basis. So if you limit to 50
connections, that is the limit set for each machine in the cluster.
connections, that is the limit set for each machine in the cluster.
Planning and Configuration
Q. What can I do to maximize efficiency and minimize problems when setting up a cluster?
1.
Initial Planning
–
Try to configure as many things as possible at the cluster level.
–
Manage by machines only for the exceptions.
–
If you have multiple data centers, for example, use groups to share traits that are neither
cluster-wide nor necessarily machine-specific.
cluster-wide nor necessarily machine-specific.
–
Use the same name for Interfaces and Listeners on each of the appliances.
2.
Be aware of restricted commands.
3.
Pay attention to interdependencies among settings.
For example, the
listenerconfig
command (even at the cluster level) depends on interfaces that
only exist at a machine level. If the interface does not exist at the machine level on all machines in
the cluster, that listener will be disabled.
the cluster, that listener will be disabled.
Note that deleting an interface would also affect
listenerconfig
.
4.
Pay attention to your settings!
Remember that previously-configured machines will lose their independent settings upon joining a
cluster. If you want to re-apply some of these previously configured settings at the machine level,
be sure to take note of all settings before joining the cluster.
cluster. If you want to re-apply some of these previously configured settings at the machine level,
be sure to take note of all settings before joining the cluster.
Remember that a “disconnected” machine is still part of the cluster. When it is reconnected, any
changes you made while it was offline will be synchronized with the rest of the cluster.
changes you made while it was offline will be synchronized with the rest of the cluster.
Remember that if you permanently remove a machine from a cluster, it will retain all of the settings
it had as part of that cluster. However, if you change your mind and re-join the cluster, the machine
will lose all standalone settings.
it had as part of that cluster. However, if you change your mind and re-join the cluster, the machine
will lose all standalone settings.