Compare USG9100 to USG5300, what are the differences about two-node cluster hot backup?

Publication Date:  2012-09-10 Views:  214 Downloads:  0
Issue Description
Compare USG9100 to USG5300, what are the differences about two-node cluster hot backup?
Alarm Information
Null
Handling Process
1. USG9100 doesn’t support firewall composite-hrp permit-backupforward
USG9100 is same as E8000E, configure in vlan to enable permit-backupforward. It means that execute “hrp track master” on master firewall and “hrp track slave” on slave firewall in the same vlan.

2. USG9100 support that main control board interface work as assistant heartbeat interface.
The packets of main control board between master firewall and slave firewall need to transmit by service board. Long process affects the stability of two-node cluster hot backup and out-of order packets affect the VRP processing performance. On USG9100, main control board interface work as assistant heartbeat interface to backup the backup data of main control board, such as: configuration command, the entry of main control board.
Notice: It can’t build up two-node cluster hot backup by only using main control board interface as heartbeat interface.

3. USG9100 doesn’t support transfer-only.
USG9100 doesn’t support transfer-only. But it can do it by the method as follow:
Configure VRRP (or hrp track master/slave) that can affect the priority, and vice versa.

4. USG9100 could not be configured VRRP backup group.
USG5000 have to be configured VRRP backup group, but USG9100 didn’t. And you have to choose one between VRRP backup group and hrp track master/slave.
Root Cause
Null
Suggestions
Null

END