FWSM inter-chassi stateful a/a failover

jilahbg · ‎05-23-2007

Hello

I have configured failover the following way:

* Stateful

* active/active

* inter-chassi (2 c6500, each with 1 FWSM)

* failover link and stateful link on the same link (vlan 40, a dedicated link between chassies (switchport access vlan 40))

Here is the relevant configuration:

failover

failover lan unit primary

failover lan interface Vlan40 Vlan40

failover link Vlan40 Vlan40

failover interface ip Vlan40 192.168.200.253 255.255.255.252 standby 192.168.200.254

failover group 1

failover group 2

secondary

However, when deploying Cisco Security Manager (CSM) it suggest the following change in configuration:

no failover link Vlan40 vlan 40

Is this correct? What happens when the failover link command is removed from the configuration?

Best regards

Jimmy Larsson

a-vazquez · ‎05-29-2007

The failover link uses a special VLAN interface that you do not configure as a normal networking interface; rather, it exists only for failover communications. This VLAN should only be used for the failover link (and optionally for the state link). Sharing the failover link VLAN with any other VLANs can cause intermittent traffic problems and ping and ARP failures. For inter-chassis failover, use dedicated interfaces on the switch for the failover link.

On systems running in multiple context mode, the failover link resides in the system context. This interface and the state link, if used, are the only interfaces that you can configure in the system context. All other interfaces are allocated to and configured from within security contexts.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080602f98.html