08-09-2022 03:16 AM
Assuming I have a service graph that redirects the traffic to a pair of HA firewalls.
Aside from the recommendation that the IP SLA timer (probe frequency x multiplier) for PBR Policy should be greater than the actual firewall failover timer, are there any "more specific" cases of which value for frequency and multiplier is recommended for production environment? (Firewall failover timer can be configured, with minimum being 600ms (200ms heartbeat x 3), currently set to failover within 1500ms (500ms x 3))
08-09-2022 04:16 AM
SLA Timers based on the requirement, if you increase to higher level than suggested you will not get optimum results or mislead to different outcome, they need to be tested and monitor (while you doing testing)
08-09-2022 06:54 AM
can I see doc. of recommend you mention in your post ?
08-14-2022 03:22 AM
Hi,
It should be mentioned under the "Multiple active/standby HA pairs design consideration" section, in the PBR White Paper.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: