Virtual Router/ Firewall/ VPN

Reply
New Contributor
Posts: 3
Registered: ‎03-09-2017

need a checklist to know the list of parameters that should be verified before and after failover

Hi All,

 

 We are thinking to write a script to checks the parameters that are required to be verified before and after the firewall failover.

 

Can someone please help me with the checklist for this. I am new to firewall and not sure on what all we need to check during the failover.

Frequent Contributor
Posts: 103
Registered: ‎04-07-2011

Re: Hi.. Can someone please help me in getting the checklist during failover in vyatta firewall.

Hello @anu neni

 

I spoke with a TAC representative regarding your question and this was his response:

 

"I’m not 100% sure what he means by “list of parameters”. We normally use the firewall together with VRRP for redundancy and configure the synchronization to make sure that both firewalls are in-sync.

 

One can issue command show vrrp to make sure that both firewall routers are working properly after failover and show config-sync status to check if configuration has become out-of-sync."

 

We hope this helps! If you have any follow-up questions about this, please let us know.

 

Best Regards,

 

Denise K.

Brocade Community Team

@DeniseK

 

Brocadian
Posts: 21
Registered: ‎06-17-2015

Re: need a checklist to know the list of parameters that should be verified before and after failover

At least, you need to verify that the size of the session table and the volume of traffic are about the same before and after the failover, by using "show session-table statistics" and "show interfaces dataplane <interface_name>" for all interfaces and look at bitrates and packet rates for the last 1, 5, and 15 minutes.

Depending on the size of the session table, you might also want to check all entries and see if there are major differences and if there are any sessions missing, which timeout was not due to expire during the failover.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook