Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
1
Replies

ASA5540 failover traffic not passing

damrut5763
Level 1
Level 1

‎04-02-2009 05:56 AM - last edited on ‎03-25-2019 05:42 PM by Community Manager

I have ASA5540 running in failover mode. When on the primary firewall all is well however when it failover to the backup can't pass traffic to the internet configs are exact. Also see this in my internet router logg: Apr 2 11:03:50: %OSPF-5-ADJCHG: Process 100, Nbr 10.1.1.2 on GigabitEthernet0/0 from LOADING to FULL, Loading Done

Apr 2 11:05:46: %OSPF-5-ADJCHG: Process 100, Nbr 10.1.1.2 on GigabitEthernet0/0 from LOADING to FULL, Loading Done. Is this a normal condition?

Labels:
0 Helpful
1 Reply 1

vmoopeung
Level 5
Level 5

‎04-08-2009 03:09 PM

The error %OSPF-5-ADJCHG: Process ID , Nbr [ip-address] on GigabitEthernet 1/0/3 from FULL to DOWNis caused due to Bidirectional Forwarding Detection (BFD) errors. BFD can potentially generate false alarms-signaling a link failure when one does not exist.

The timers used for BFD are so intensive CPU cycle, or a brief interval of data corruption or queue congestion could potentially cause BFD to miss enough control packets to allow the detect-timer to expire. The Minimum Transmit Interval, Minimum Receive Interval and Multiplier are recommended to be set as 100 100 3 respectively. Configuring process-max-timer 50 is also recommended to prevent unpredictable CPU unavailability.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card