Changing clustering configuration

Clustering is usually configured when you install the proxy. You can, however, configure clustering afterward, or at any time, in the Content Gateway manager.

Steps

  1. Go to the Configure > My Proxy > Basic > Clustering tab.
  2. Under Cluster > Type:
    • Select Management Clustering to include this proxy in a cluster.
    • Select Single Node if this node is not part of a cluster.
  3. Under Interface, enter the name of the network interface. This is the interface used by Content Gateway to communicate with other nodes in the cluster.
    • It is recommended that you use a dedicated secondary interface.
    • Node configuration information is multicast, in plain text, to other Content Gateway nodes on the same subnet. Therefore, as a best practice, clients should be located on a separate subnet from Content Gateway nodes (multicast communications for clustering are not routed).
    • On Forcepoint appliances, P1 is the recommended interface. You may also use P2, however, if you are not using it for Internet egress traffic and want to isolate cluster management traffic.
  4. In the Cluster Multicast Group Address area, enter the multicast group address that all members of the cluster share (224.0.1.37 by default).
    Warning: Ensure that the multicast IP address does not conflict with the address used by any other application or service.

    If there is a conflict and the Content Gateway node is allowed to restart, it will fail to initialize the interface and the Content Gateway instance will shut down. You can verify the condition by examining /var/log/messages and looking for a message similar to:

    [LocalManager::initCCom] Unable to find network interface eth2.#011 Exiting

    To correct the problem, identify a unique multicast IP address that will work for all members of the cluster and do one of the following:

    • If Content Gateway is on an appliance, see the Forcepoint Appliances CLI Guide.
    • If Content Gateway is installed on a Linux server:
      1. Log on to the server and go to /opt/WCG/config.
      2. Edit (vi) records.config.
      3. Find proxy.config.cluster.mc_group_addr and assign it the value of the multicast IP address.
      4. Save and close the file.
      5. Check each member of the cluster to ensure that they are all using the same multicast IP address.
      6. Restart the node.
  5. Click Apply.
  6. Select the General tab and click Restart.
    Important: Content Gateway does not apply the clustering mode change to all of the nodes in the cluster. You must change the clustering mode on each node individually.