1. Manuals
  2. Brands
  3. Huawei Manuals
  4. Switch
  5. S9700 Series
  6. Configuration manual

Configuring Dual-System Hsb; Establishing The Configuration Task - Huawei S9700 Series Configuration Manual

Terabit routing switches spu
Hide thumbs Also See for S9700 Series:
Table of Contents

Advertisement

S9700 Core Routing Switch
Configuration Guide - SPU
l
l
l
Status Information Synchronization in Batches
l
l
l
l
l
l
l
Dual-System HSB Duration
l
l
l
l

7.3 Configuring Dual-System HSB

This section describes the application and configuration of dual-system HSB.

7.3.1 Establishing the Configuration Task

Before configuring dual-system HSB, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the required data. This helps you complete the
configuration task quickly and accurately.
Issue 01 (2012-03-15)
The interval for sending heartbeat packets and the number of times for retransmitting
heartbeat packets can be set on the TCP channel.
TCP connections can be set up between the active and standby firewalls.
The VRRP module supports smooth switchback.
After the channel through which dual-system HSB data is synchronized is set up, firewalls
synchronize the status information in batches.
Only the status information associated with the VRRP master device of the active firewall
needs to be synchronized to the standby firewall. The active firewall instructs batch backup
at the forwarding layer.
The remote backup protocol of firewalls is supported.
The upper-layer information between firewalls can be backed up.
The active and standby modules of a firewall monitor the VRRP status.
The forwarding backup module can back up the traffic forwarding table to the peer firewall.
When the peer firewall receives the synchronized status information,
– it generates the local status information.
– it updates the number of TCP, UDP, and ICMP connections for the source and
destination IP addresses.
– it updates the NAT address allocation table.
A firewall is powered on; the VRRP management group selects the master and backup
devices; the traffic between security zones is filtered by the firewall. This process takes
less than 10s.
The VRRP management group is switched; the traffic between security zones is filtered by
the firewall and user sessions are not interrupted. This process takes less than 2s.
The process of firewalls synchronizing all the status information in batches takes less than
15s.
The delay in synchronizing the status information between two HSB firewalls is less than
1s.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
7 Dual-System HSB Configuration
300

Advertisement

Table of Contents
loading

Related Manuals for Huawei S9700 Series

Related Content for Huawei S9700 Series

Table of Contents