06-06-2007 07:26 AM - edited 03-11-2019 03:25 AM
Hello.
I have two FWSMs, running in Failover Active/Standby mode. I would like to run OSPF on one of the FWSM's interface (int vlan2). I have two questions regarding that:
1) Will both FWSMs participate in the OSPF, even when the Primary is working ? I mean, will both FWSM's will be seen as ospf neighbors, and will receive/send LSAs as long as both up, or the primary FWSM will be the only one to participate in the OSPF process?
2) I have configured Failover as follows:
!
nameif vlan2 outside security0
!
ip address outside 10.235.2.1 255.255.255.240 standby 10.235.2.2
!
If both FWSMs participate in the OSPF, and I would like to configure the "router-id" for each. Which address should I take for that, assuming that I would like to use the ip address of vlan2 on both ? Should I take 10.235.2.1 as the router-id for the primary FWSM, and 10.235.2.2 for the secondary FWSM ?
Please advise,
Boaz.
06-11-2007 08:31 AM
hi,
i have two sets of 6513's (4) with fwsm (4) in active/standby mode and as far i can see the standby fwsm aren't doing anything but idle (and looking in the mirrow how beautiful they are)... so i think the standby unit will not participate. but since i don't have the same setup as yours i can't be sure.
bt
06-14-2007 11:28 AM
Hi,
Since you configure once and configuration is replicated to the standby unit, you cannot configure different ospf router-id - this is the answer for our second question. And, of course the standb unit does not participate in OSPF. That's why if you are using some kind of TACACS+ or other auth to log-in to the device and the route to it is learned over OSPF keep in mind to put one static route to the tacacs or you won't be able to log-in into the standby device:)
And one more advice - tune your OSPF timers - when switching from primary to standby this is critical, believ me:)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide