03-29-2008 03:14 AM
Hi,
My Question is:
What will happen a active interface is 'shut' adminitratively in the active HA Router - my set up is using HSRP for redundancy.
To my knowledge the expected behavior is when the interface is shut the standby router need to take the action of the active router.
But in my case, when the active interface is shut administratively in active router , the router is reloaded- is this is expected behavior?
But the switch over happens without any problem and even the IPsec tunnel are active in the standby when it comes up.
Please add your comments whether the reloading of the active is right?
Regards,
Kesavamurthy Palani
03-29-2008 10:59 AM
Yes, this is the "expected" behavior. Are
you using IPSec stateful failover, IPC and/or
SSO? This is one of many "weird" behaviors
that you will find.
You can open a TAC case with Cisco and they
will tell you.
If you're going to use stateful IPSec,
Pix/ASA is a better solution since they
do not have this weirdness associate with
them.
CCIE Security
04-18-2008 01:52 AM
Hi David,
I m using IPSec stateful failover,configuring IPC zone for SSO
Are you sure this is not seen in ASA/pix,
when the interface is shut in the active box(configured sso with ipc) -will not undergo reload?
Regards,
Kesavamurthy Palani
04-18-2008 04:48 AM
Hi there,
Yes, to my knowledge, you will NOT see this
behavior in Pix because:
1- Pix does not use HSRP. In Pix Active/Standby
configuration, there are only 2 ip addresses
whereas in HSRP you have 3 ip addresses.
2- This is confirmed by my lab test and by
Cisco TAC that Pix does not have this
behavior. Pix does not use HSRP and IPC/SSO.
04-21-2008 07:15 AM
Thanks!! fyi
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide