ASA5540 failover traffic not passing

Unanswered Question
Apr 2nd, 2009

I have ASA5540 running in failover mode. When on the primary firewall all is well however when it failover to the backup can't pass traffic to the internet configs are exact. Also see this in my internet router logg: Apr 2 11:03:50: %OSPF-5-ADJCHG: Process 100, Nbr 10.1.1.2 on GigabitEthernet0/0 from LOADING to FULL, Loading Done

Apr 2 11:05:46: %OSPF-5-ADJCHG: Process 100, Nbr 10.1.1.2 on GigabitEthernet0/0 from LOADING to FULL, Loading Done. Is this a normal condition?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vmoopeung Wed, 04/08/2009 - 15:09

The error %OSPF-5-ADJCHG: Process ID , Nbr [ip-address] on GigabitEthernet 1/0/3 from FULL to DOWNis caused due to Bidirectional Forwarding Detection (BFD) errors. BFD can potentially generate false alarms-signaling a link failure when one does not exist.

The timers used for BFD are so intensive CPU cycle, or a brief interval of data corruption or queue congestion could potentially cause BFD to miss enough control packets to allow the detect-timer to expire. The Minimum Transmit Interval, Minimum Receive Interval and Multiplier are recommended to be set as 100 100 3 respectively. Configuring process-max-timer 50 is also recommended to prevent unpredictable CPU unavailability.

Actions

This Discussion