FWSM inter-chassi stateful a/a failover

Unanswered Question
May 23rd, 2007


I have configured failover the following way:

* Stateful

* active/active

* inter-chassi (2 c6500, each with 1 FWSM)

* failover link and stateful link on the same link (vlan 40, a dedicated link between chassies (switchport access vlan 40))

Here is the relevant configuration:


failover lan unit primary

failover lan interface Vlan40 Vlan40

failover link Vlan40 Vlan40

failover interface ip Vlan40 standby

failover group 1

failover group 2


However, when deploying Cisco Security Manager (CSM) it suggest the following change in configuration:

no failover link Vlan40 vlan 40

Is this correct? What happens when the failover link command is removed from the configuration?

Best regards

Jimmy Larsson

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
a-vazquez Tue, 05/29/2007 - 09:56

The failover link uses a special VLAN interface that you do not configure as a normal networking interface; rather, it exists only for failover communications. This VLAN should only be used for the failover link (and optionally for the state link). Sharing the failover link VLAN with any other VLANs can cause intermittent traffic problems and ping and ARP failures. For inter-chassis failover, use dedicated interfaces on the switch for the failover link.

On systems running in multiple context mode, the failover link resides in the system context. This interface and the state link, if used, are the only interfaces that you can configure in the system context. All other interfaces are allocated to and configured from within security contexts.



This Discussion