The Dual-system Hot Backup (master/slave) Fails When the Slave Firewall Starts Before the Master One

Publication Date: 2012-07-25
Issue Description

1. Two firewalls of the same model implement dual-system hot backup in master/slave mode. They are connected to a core switch for traffic diversion.

2. After a simulated shutdown, the slave firewall is started. The master firewall is not powered off at this time, but the service network cable is removed. The heartbeat link between the master firewall and the slave firewall is still up.

3. Policy-based routing on the core switch does not recover, and the slave firewall fails to forward packets normally.
Alarm Information
None.
Handling Process
Remove the heartbeat cable too when you remove the service cable of the master firewall, and then start the slave firewall.
Root Cause
When dual-system hot backup works in master/slave mode, the master firewall handles the work. After the master firewall goes down, the slave firewall takes over the work of the master firewall. In this test, because the master firewall is still powered on and the heartbeat link is up, the slave firewall detects through the heartbeat link that the master firewall is online. However, because the service cable is removed from the master firewall, the core switch considers the master firewall down, and policy-based routing on the core switch does not take effect.
Suggestions
When you perform an offline test on firewalls implementing dual-system hot backup in master/slave mode, remove the heartbeat cable if you simulate a master firewall shutdown by removing the service cable rather than powering off the master firewall.
