Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

FWSM Failover times

Hi Folks

I have 2 6509's with fwsm in them. They are xconfigured in active standby failover.... default values

the 6500's are OSPF routers also. Everything is redundant HSRP, FWSM etc.

when we reboot one of the 6500's it takes approximately 45 seconds for the standby FWSM to become active.

Is this normal? can the time be shortened?

any comments appreciated.

  • Firewalling
4 REPLIES
Red

FWSM Failover times

Can you share the output of "show run failover" ????

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
New Member

FWSM Failover times

failover config

failover

failover lan unit secondary

failover lan interface fover Vlan595

failover polltime unit 5 holdtime 15

failover polltime interface 5

failover replication http

failover link fstate Vlan596

failover interface ip fover 10.252.123.1 255.255.255.252 standby 10.252.123.2

failover interface ip fstate 10.252.123.5 255.255.255.252 standby 10.252.123.6

no asdm history enable

Red

FWSM Failover times

Hi,

The initial 15 seconds detection time can be reduced to 3 seconds, by tuning failover polltime and holdtime to the following:

"failover polltime unit 1 holdtime 3"

Also keep in mind after  switchover new active will establish nbr relation with nbr router. At any point of time standby does  not participate in OSPF process.  so in short new active have to  re-establish adjacencies.

Hope that helps.

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
New Member

FWSM Failover times

I have to ask does the default settings account for the 45 sec + failover time?

396
Views
0
Helpful
4
Replies
This widget could not be displayed.