09-02-2021 06:42 AM
I have tested the FPR 2100 HA pair switching time in lab, it took 10 sec.
For our production environment, it is too long.
I remember that ASA 55xx A/S switching is immediately.
Do you have the same time?
Maybe there are some specific settings for optimisation, please let it know.
My HA settings are default at this time.
09-02-2021 07:57 AM
09-02-2021 08:48 AM
I did it using FDM GUI and click switch mode.
09-02-2021 09:08 AM - edited 09-02-2021 09:10 AM
Hello @h.dam ,
Usually i test failover by rebooting the active unit/shutdown switch interface for the link monitored by FDM.
For the manual switch mode it triggered real time, what FDM version are you using ?
Try to switch mode from GUI and verify the show failover state from cli in same time, did it switch real time ?
09-02-2021 12:27 PM
FTD version is 6.7.0
As I said I used FDM GUI HA switch mode. Tomorrow I'll try CLI command.
I got another issue:
from FDM GUI, the reboot works but not the shutdown.
Did you try this?
09-07-2021 07:47 AM
I found out finally that it is the OSPF convergence that took time.
The failover works almost immediately.
I configured OSPF with BFD on ASA before. But FPR doesn't support it.
So after remplacement, the time is longer.
I also tried to modify the SPF timers but the result isn't what I expected.
Do anyone have an alternative solution to use on FPR instead of BFD?
09-11-2021 03:08 AM
Hi @h.dam ,
Make sure the secondary has the routes replicated from the primary.
Does your directly connected took time to re-establish the ospf neighborship or the route convergence are slow ?
Try to enable the NSF (Non stop forwarding) and let us know your experience!
Hope that helps!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: