Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

HA IPSec reload

I have an HA IPSec router pair that has HSRP between them. In a normal senario when a link fails it causes the router to reload.

I would like to delay the reload up to 5 seconds after a link failure to prevent erronious reloads.

does anyone know if there is a configuration to delay the reload? this is the section that I believe the delay would be configured.

ipc zone default

association 1

no shutdown

protocol sctp

local-port 5555

local-ip 10.10.10.1

retransmit-timeout 500 15000

path-retransmit 10

remote-port 5555

remote-ip 10.10.10.2

3 REPLIES
New Member

Re: HA IPSec reload

try

standby [group-number] priority

priority [preempt [delay [minimum |

sync] delay]]

New Member

Re: HA IPSec reload

Thanks but no cigar.

It did not delay te reload upon link failure.

I thought that the reload was a function of SCTP. and the ha redundandcy scheme inter-device.

any other ideas?

Re: HA IPSec reload

Hello,

afaik there is no "reload delay timer". So the only option I can think of would be to experiment with interface keepalive timers to overcome short link flaps. This will of course depend on the type of interface and L2 protocol in place.

Hope this helps! Please rate all posts.

Regards, Martin

123
Views
4
Helpful
3
Replies
CreatePlease to create content