Hello Rob,
something is not right here looks like. The test case is below.
TEST CASE - Reload standby firewall and make sure connectivity to workloads behind HA pair is not impacted. Testing on FTD version 7.2.5
- we have two vFTD Devices in HA pair managed by vFMC.
- FW-1 is active and FW-2 is standby.
"Show failover" command confirms the status and all good.
Then I run continuous pings to test workloads sitting behind this firewall pair. After that I reload the FW-2 and I monitor the live reload of FW-2 via vCenter Console as these are virtual firewalls. When FW-2 comes back up and seen by FW-1, then at the same time I see pings going down for 2 minutes. Not sure why this is happening and it is kind of very weird as active FW(FW-1) should be non-disruptively passing the traffic while configuration replication and sync happens with the rebooted standby FW(FW-2). I also tried with HA suspend on the secondary firewall FW-2 and then doing a reload on it but no luck and same issue occurs where pings are lost for 2 minutes.
Then I did a failover from FW-1 to FW-2 and FW-2 became active. Then I did a reload on FW-1 and once it comes up after reboot same issue encountered where pings are lost for 2 minutes. We are running version 7.2.5
Any information provided here will be much appreciated.
