PIX Active/Standby Cable Failover with zero downtime?

Unanswered Question

Chaps,


We have a pair of 515e's with cable based failover running 8.0(2).


Apparently in the past when one of the PIX's was turned off the failover was almost instant, recently it's taken about 30 secs.  Any idea what could be wrong.


'show xlate' on the stanbdby shows that it's getting stateful connections.


There have been no significant changes to the or upgrades, just new a few new servers/services added.


Any help appreciated,


Jim

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Wed, 04/28/2010 - 06:01
User Badges:
  • Cisco Employee,

Here is the default failover timeout on PIX:

- unit failover: poll time: 15 seconds with hold time of 45 seconds:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/ef.html#wp1928426


- interface failover: poll time: 5 seconds with hold time 5 times the poll time: 25 seconds --> which is approximately 30 seconds:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/ef.html#wp1928586

Jennifer Halim Wed, 04/28/2010 - 06:16
User Badges:
  • Cisco Employee,

You are right. No, if it detects that the other unit is powered off, it should automatically fail over. Maybe the serial cable is faulty.

Actions

This Discussion

Related Content