Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
OSPF routes are not synchronized with the standby PIX 500 Series Firewall with software version 6.x
This problem occurs due to the presence of Cisco bug ID CSCeb23798
The PIX Firewall stateful failover does not synchronize Open Shortest Path First (OSPF) states until version 6.3.x. This means that when the failover occurs, the routing information in the link-state database is not replicated to the secondary PIX. This does not mean that all connections are broken. It means that connections must wait until prefixes are installed back in the routing table before data traffic can resume.
Since the configurations are identical, the OSPF route is ultimately installed in the active unit. Once the failover occurs, the new active unit recalculates the feasible path that runs the OSPF process.
In order to resolve this issue, perform either of these steps:
Configure floating static routes that replace the OSPF routes.
Download and upgrade the PIX software version to the latest version available.