Topology is as above. The firewall enables two OSPF processes. It enables process 1 with CMNET and enables process 2 with internal network. The process 2 learns CMNET default routing and it doesn’t force to issue the default routing. Two sets of firewall through process 2 learnt the cost of the default routing is less than the cost of the process 1. In testing we found the main firewall A doesn’t select the default routing issued by CMNET in process 2, but preferred select the default routing issued by the backup firewall which is learnt from process 1, causes the internet business flow round from firewall A to firewall B, leads to the business is interrupted.
Adjust the priority of the OSPF process to make the firewall select the right routing.
To the V3 version, when enabled OSPF multi-threaded process, the two processes learnt the default routing 0.0.0.0 which is sent from peer end at the same time, the priority of the two routings are the same, though the COST values are different, the routing manager RM would always select the routing which is added in at first and would not consider the COST values.