04-02-2008 06:32 AM - edited 03-03-2019 09:22 PM
Okay guys so I'm sort of in a predicament. I currently have a set of firewalls in active standby configuration running an ospf process injecting a default route into the rest of my network.
I noticed when i was testing the failover that the asa's do not actually pass the route tables on failover, thus forcing the need to wait for routes to converge and for the default route to be advertised back into the network. This of course is not acceptable.
Is there a way around this or do I have to setup static default routes on every device in my network. I am trying to avoid setting up default routes on all of the devices because due to the setup of my network I have equal cost links configured in the event of hardware or link failure. So the devices then see an advertised default route from multiple paths.
Any help would be appreciated.
04-11-2008 06:04 AM
In a failover configuration, the two units must have the same hardware configuration They must be the same model, have the same number and types of interfaces, and the same amount of RAM.
Note The two units do not have to have the same size Flash memory. If using units with different Flash memory sizes in your failover configuration, make sure the unit with the smaller Flash memory has enough space to accommodate the software image files and the configuration files. If it does not, configuration synchronization from the unit with the larger Flash memory to the unit with the smaller Flash memory will fail.
06-13-2011 09:47 PM
you are right - you will have to setup static routes.
Dynamic Route tables are not stateful and OSPF will have to reconverge after Failover to the Standby node.
HTH
06-13-2011 09:48 PM
EIGRP will converge faster but than OSPF and EIGRP comparison is a total different topic which might point OSPF as a better choice
05-17-2012 09:58 PM
With 8.4.1 there is a new high-availability feature for OSPF and EIGRP:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/intro_intro.html
Stateful Failover with Dynamic Routing Protocols: Routes that are learned through dynamic routing protocols (such as OSPF and EIGRP) on the active unit are now maintained in a Routing Information Base (RIB) table on the standby unit. Upon a failover event, traffic on the secondary active unit now passes with minimal disruption because routes are known.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide