Active/Passive Cluster ID and the Virtual MAC Address
If you configure more than one active/passive FireCluster on the same subnet, it is important to know how to set the Cluster ID to avoid a possible virtual MAC address conflict. The default Cluster ID is 50.
You must reboot the Firebox after you change the Cluster ID.
How the Virtual MAC Address is Calculated
The virtual MAC addresses for interfaces on an active/passive FireCluster are Virtual Router Redundancy Protocol (VRRP) virtual MAC addresses. VRRP virtual MAC addresses start with 00:00:5E:00:01. The sixth octet of the MAC address is set to a value that is the hexadecimal equivalent of the interface number plus the Cluster ID.
For example, for a FireCluster with the Cluster ID set to 50, the virtual MAC addresses are:
Interface 0: 00:00:5E:00:01:32
Interface 1: 00:00:5E:00:01:33
Interface 2: 00:00:5E:00:01:34
If you add a second FireCluster to the same subnet, you must make sure to set the Cluster ID to a number that is different enough from the Cluster ID of the first FireCluster to avoid a virtual MAC address conflict. For example, if the first FireCluster has 5 interfaces, you must set the Cluster ID of the second FireCluster at least 5 higher than the Cluster ID for the first FireCluster.
For example, if the second FireCluster has the Cluster ID set to 56, the virtual MAC addresses are:
Interface 0: 00:00:5E:00:01:38
Interface 1: 00:00:5E:00:01:39
Interface 2: 00:00:5E:00:01:40
For more information about VRRP, go to RFC 3768.