Re: Monitor Physical Interfaces for Failover -Portchannel in multi con

adamgerber · ‎11-23-2022

Hi -

We have a multi context firewall with portchannel subinterfaces.

Is there a way to failover monitor the individual physical ethernets bundled into the portchannel?

So if one of the physical Ethernet links in the port-channel goes down, we want the firewall (all contexts) to fail over to the secondary firewall.

KR,

Adam

balaji.bandi · ‎11-23-2022

you have system/managment context access you can monitor that.

best we monitor switch side where they connected.

Monitor : i take it for utlisation - not failover monitor right ?

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

adamgerber · ‎11-23-2022

Hi - apologies if I was not clear. This is for failover monitoring. So if one of the physical Ethernet links in the port-channel goes down, we want the firewall to fail over to the secondary firewall.

balaji.bandi · ‎11-24-2022

The advantage of the port-channel is for the high availability,

take an example, if the port channel has 4 ports, even if 1 link goes down rest 3 work as expected.

for the sub-interface will not have that visibility. and work as expected.

until you context resource physically allocated and used in that context, you will not see a physical interface in the context at all.

good practice I have seen in the deployment is always monitor allocated interface (in your case sub interface to fail over)

Hope that helps you.

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Monitor Physical Interfaces for Failover -Portchannel in multi context