Chapter 14
Configuring Failover
The failover link uses a special VLAN interface that you do not configure as a normal networking
interface; rather, it exists only for failover communications. This VLAN should only be used for the
failover link (and optionally for the state link). Sharing the failover link VLAN with any other VLANs
can cause intermittent traffic problems and ping and ARP failures. For inter-chassis failover, use
dedicated interfaces on the switch for the failover link.
On systems running in multiple context mode, the failover link resides in the system context. This
interface and the state link, if used, are the only interfaces that you can configure in the system context.
All other interfaces are allocated to and configured from within security contexts.
Note: The IP address and MAC address for the failover link do not change at failover.
State Link
To use Stateful Failover, you must configure a state link to pass all state information. This link can be
the same as the failover link, but we recommend that you assign a separate VLAN and IP address for the
state link. The state traffic can be large, and performance is improved with separate links.
The state link interface is not configured as a normal networking interface; it exists only for Stateful
Failover communications and, optionally, for the failover communication if you share the state and
failover links.
In multiple context mode, the state link resides in the system context. This interface and the failover
interface are the only interfaces in the system context. All other interfaces are allocated to and configured
from within security contexts.
Note: The IP address and MAC address for the state link do not change at failover.
Caution: All information sent over the failover and Stateful Failover links is sent in clear text unless you secure
the communication with a failover key.
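The recommendations above (a failover key, and a separate VLAN and IP address for the state link) can be checked against a saved configuration. The following is an added example, not part of the original guide; it assumes the FWSM CLI command forms `failover lan interface`, `failover link`, `failover interface ip` and `failover key`, which do not appear on this page, and both sample configurations are constructed.

```python
import re

# Constructed sample configs (not from the guide). The command forms are
# assumed from the FWSM CLI; the key is shown masked, as in a saved config.
WEAK = """\
failover lan unit primary
failover lan interface fover vlan 10
failover link fover vlan 10
failover interface ip fover 192.0.2.1 255.255.255.252 standby 192.0.2.2
failover
"""
HARDENED = """\
failover lan unit primary
failover lan interface fover vlan 10
failover link state vlan 11
failover interface ip fover 192.0.2.1 255.255.255.252 standby 192.0.2.2
failover interface ip state 192.0.2.5 255.255.255.252 standby 192.0.2.6
failover key *****
failover
"""

def audit_failover(config):
    """Return a list of findings for one unit's failover configuration."""
    lan = re.search(r"^failover lan interface (\S+) vlan (\d+)[ \t]*$", config, re.M)
    if lan is None:
        return ["no failover link configured"]
    findings = []
    # Without a key, failover and state traffic crosses the link in clear text.
    if not re.search(r"^failover key \S+", config, re.M):
        findings.append("no failover key: failover and state traffic is clear text")
    link = re.search(r"^failover link (\S+)(?: vlan (\d+))?[ \t]*$", config, re.M)
    if link is None:
        return findings  # Stateful Failover not in use, so no state link to check
    # Assumption: a state link given without a vlan keyword reuses the failover VLAN.
    name, vlan = link.group(1), link.group(2) or lan.group(2)
    if name == lan.group(1) or vlan == lan.group(2):
        findings.append("state link shares the failover link VLAN")
    addressed = set(re.findall(r"^failover interface ip (\S+) ", config, re.M))
    if name != lan.group(1) and name not in addressed:
        findings.append("state link has no IP address of its own")
    return findings
```

An empty list means the configuration follows all three recommendations; a shared state link is reported as a finding because the guide recommends against it, not because it is invalid.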
Intra- and Inter-Chassis Module Placement
You can place the primary and secondary FWSMs within the same switch or in two separate switches.
The following sections describe each option:
• Intra-Chassis Failover, page 14-3
• Inter-Chassis Failover, page 14-4
Intra-Chassis Failover
If you install the secondary FWSM in the same switch as the primary FWSM, you protect against
module-level failure. To protect against switch-level failure, as well as module-level failure, see the
"Inter-Chassis Failover" section on page 14-4.
Even though both FWSMs are assigned the same VLANs, only the active module takes part in
networking. The standby module does not pass any traffic.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Understanding Failover