Single FE Link for State/Link PIX Failover

Discussion in 'Cisco' started by Matthew Melbourne, Jan 9, 2005.

  1. Are there any disadvantages to using the same physical FastEthernet link
    for the LAN-based Failover "link status" and the stateful synchronisation
    link on a fairly lightly loaded PIX 515E pair?

    Is the issue the possibility of the LAN-based failover 'keepalives' not
    arriving in a timely fashion if the traffic associated with stateful
    replication starts to monopolise the link?

    Cheers,

    Matt
     
    Matthew Melbourne, Jan 9, 2005
    #1
    1. Advertisements

  2. Matthew Melbourne

    AJN Guest

    Hi,

    Indeed, it's possible to share the LAN-based failover interface with
    statefull failover interface under lightly loaded configuration, but Cisco
    recommend to use a dedicated LAN-based failover interface (with dedicated
    switch) , because if all connectivity between PIX's is lost both could
    become active.



    Another advantage of the LAN-based failover is distance limitation, and the
    weakness is the delayed detection of its peer power loss, consequently
    causing a relatively longer period for failover to occur (intermediate
    switches delays + cable delay).
     
    AJN, Jan 10, 2005
    #2
    1. Advertisements

  3. I could not experience any difference or delays in failover when using
    dedicated LAN connections compared to serial failover-cable. At least
    that is true when directly connecting PIX 525 or 535 over dedicated
    66-MHz SX gigabit ethernet cards.

    Cheers,
    Alexander
     
    Alexander Apathy, Jan 10, 2005
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.