Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2239
Views
0
Helpful
2
Replies

Memory Upgrade ASA 5520 with 8.2.4 - Active/Standby Election Question

malmgren
Level 1
Level 1

‎03-01-2011 11:43 AM - edited ‎03-11-2019 12:59 PM

Hey all, I have a quick question WRT the memory upgrade process on our Active/Standby pair running 8.2.4.

We plan on following the Cisco method of upgrading memory, by performing the upgrade first on the standby, powering on and failing over to it, then performing the upgrade on the old-active, powering it on, then failing back to normal state.

I know that mismatched memory is ok during the upgrade, but my question is with the active/standby election that takes place.  If we put the ASA that was previously standby back into the rack, connect the cables, and power on - will there be a new election for active ASA, or will the current Active ASA stay as active, and the standby will remain as standby?  And does it matter which one is configured: "failover lan unit secondary|primary"

Is there any problem in powering on the Standby ASA, checking that the memory is ok, and THEN plugging in the connections, including the FO link?  Or is it advisable to power on the Standby ASA with all connections attached?

Thanks, Matt

Labels:
0 Helpful
2 Replies 2

malmgren
Level 1
Level 1

‎03-01-2011 12:03 PM

I saw this on another site:

If one of the security Cisco ASA boots up and detects an active failover  unit, it goes into the standby state regardless of its primary or  secondary designation.

But - that's assuming that all ethernet cables are attached, including the FO state cable.   What if we power on the box (to verify the memory has been seen) and THEN plug in the ethernet cables including the FO state cable?   What happens then?  If the newly-upgraded standby ASA is previously configured as the primary, does it become new-active even though the real active is already running on the network?

Thanks, Matt

0 Helpful

jubetz
Level 1
Level 1
In response to malmgren

‎03-01-2011 06:31 PM

This is true:

If one of the security Cisco ASA boots up and detects an active failover  unit, it goes into the standby state regardless of its primary or  secondary designation.

What if we power on the box (to verify the memory has been seen) and  THEN plug in the ethernet cables including the FO state cable?   What  happens then?  If the newly-upgraded standby ASA is previously  configured as the primary, does it become new-active even though the  real active is already running on the network?

At that point, two active units see each other on the failover link.  Primary wins if both have all their interfaces up, even if it wasn't passing any traffic.  Plug everything in before you boot.

Thanks!

-jb

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card