这种模式只做负载分担,不能是主备备份,因为主备备份模式下,备设备会把vlan down掉,如果是主备备份模式,那在主挂后,备的状态在切换过程中先起vlan,再建立ospf邻接,那业务会断线较久,不推荐这样做。
FW1
hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.2
hrp mirror sessio enable //在负载分担模式下一般要开启快速会话备份功能
vlan 2
port g1/0/0
prot g1/0/1
hrp track action
hrp track standby
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.1 255.255.255.0
firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/1
firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0
firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2
security-policy //暂时全允许
default action permit
FW2:
hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.1
hrp mirror sessio enable //在负载分担模式下一般要开启快速会话备份功能
vlan 2
port g1/0/0
prot g1/0/1
hrp track standby
hrp track action
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.2 255.255.255.0
firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/1
firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0
firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2
security-policy
default action permit
查看
dis hrp state ver
推荐本站淘宝优惠价购买喜欢的宝贝:
本文链接:https://www.jinbel.cn/post/8196.html 非本站原创文章欢迎转载,原创文章需保留本站地址!
微信支付宝扫一扫,打赏作者吧~
