Hi guys, I'm starting to configure the failover functionality between two 6509 switches with a fwsm in both. I just had a hypothetical question.
Here's the scenario:
Connected to both of these 6509 switches I have a 3560 acting as a dmz zone. I have a link between the 3560 and both of the 6509 switches. I configured a vlan for this dmz. This vlan is being used by the both of the fwsm's as one of the interfaces. I configured failover so that if one interface fails then the fwsm as a whole fails. I then configured the fwsm's to monitor the dmz interface.
My question is what happens to the fwsm's if the dmz (3560) switch stops passing traffic and dies?
Both fwsm's will detect the dmz vlan as down. Will the active fwsm fail over to the standby even though the standby fwsm will be considered failed as well since its dmz vlan is also down?
Will this put both fwsm's in the failed state and prevent either one from passing legitimate traffic?
Thanks for any light somebody can shed on this for me.
With software release 8.3(1) and later releases, in redundant systems, the integrated 720-Gbps switch fabric supports a high-availability failover to the standby switch fabric. High availability must be enabled for the failover to work .enter the set system highavailability enable command).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...