IGMP Snooping

If Internet Group Management Protocol (IGMP) snooping is enabled, this can cause issues when HA is configured to use multicast packets (the default). With IGMP enabled, the switch intelligently detects which hosts belong to a multicast to restrict the number of hosts that receive the multicast. Typically it does not detect MOVEit WAF multicasts correctly. This can lead to one of two situations - either CARP packets flow one way or they do not flow at all. This is why we recommend disabling IGMP snooping when using HA with multicast CARP packets. (IGMP has no effect when using HA with broadcast CARP packets.).

PortFast

If you do not have PortFast enabled, the following issues may occur:

  • MOVEit WAF shows as Active/Active after one unit is rebooted
  • MOVEit WAF (MW1) allows a failover to the passive MOVEit WAF unit (MW2). When the port comes back up, MW1 takes over as active even when no preferred active is set.

When you enable PortFast on the switch, the spanning tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. By default, the spanning tree sends Bridge Protocol Data Units (BPDUs) from all ports regardless of whether PostFast is enabled.

Having PostFast enabled on a switch that MOVEit WAF unit is directly connected to is advisable. If a port goes down, MOVEit WAF unit is aware right away otherwise it performs the three states.

After the changes on the vSwitch, if there is still an Active-Active state, it means the he MOVEit WAF units are on separate hosts and switch setup must be performed on the hardware switch.