Example High Availability Setup; How Rapid Failover Is Accomplished - D-Link DFL-1600 User Manual
Network security firewall
Hide thumbs
Also See for DFL-1600:
- Quick manual (22 pages) ,
- User manual (552 pages) ,
- Log reference manual (476 pages)
Table of Contents
Advertisement
29.2. How Rapid Failover is Accomplished
29.1.3
Example High Availability setup
All the interfaces of the primary firewall need to be present on the back-up
firewall, and connected to the same networks. As previously mentioned,
failover is not done unnecessarily, so either firewall may maintain the active
role of the cluster for an extended period of time. Hence, connecting some
equipment to only the "master" or only the "slave" firewall is bound to
produce unwanted results.
As you can see in figure 29.1, both firewalls are connected to the internal as
well as the external network. If there are more networks, for instance one or
more demilitarized zones, or internal network segments, both firewalls will
also have to be connected to such networks; just connecting the "master" to
a network will most likely lead to loss of connectivity for extended periods
of time.
29.2
How Rapid Failover is Accomplished
This section includes the following topics:
The shared IP address and the failover mechanism
Cluster heartbeats
The synchronization interface
Figure 29.1: Example HA Setup.
D-Link Firewalls User's Guide
303
Advertisement
Table of Contents
