How to enable the NSRP dynamic route synchronisation feature in netscreen firewalls

 Network  Add comments
Mar 152010
 

This article describes the prerequisites and steps needed to replicate dynamic routing protocol routes (OSPF, BGP, RIP) to your passive firewall in an NSRP cluster

Procedure to follow

Starting in ScreenOS 6.0.0r1, you can use the command from ssh terminal of your firewall

set nsrp rto-mirror route

Which will replicate all dynamic routes from the active primary member to the backup NSRP member.  Without this command, if a fail over occurs, it may take several seconds for the dynamic adjacencies to re-establish, and sessions can be interrupted or dropped as a result.

Related content:

  1. Fix for Unable to delete static routes in Cisco catalyst switch
  2. How to determine what device mac address is on what port on your Cisco switch
  3. Howto fix SSH connection to the netscreen firewall does not work
  4. Network Interface Configuration Using ifconfig
  5. Ddclient - Update IP addresses at dynamic DNS service
Share
 Posted by Admin at 4:04 pm

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

   
© 2011 Debian Admin