Design Principle for Monitoring Interfaces

To enable a complete failover solution, you need a monitor command on all the interfaces, in all contexts. The monitor command in FWSM in multiple context mode needs to follow the network symmetry. There are also scenarios where monitoring of all interfaces may cause failover issues, if the FWSM failover concept is not symmetric to the network.

In certain deployments of multiple context mode, the interfaces across all the contexts in the primary and secondary FWSMs situated in two separate chassis will not be symmetric.

In Figure 12-3, Department A is in context A and Department B is in context B. With failover configured with interface monitoring in both contexts, when Switch B's connection to Cat6k1 goes to a down/down state and the FWSM failover threshold is reached, the FWSM switches over to the secondary FWSM. However, Switch A for Department A will lose the connectivity to the FWSM. When you plan redundancy for the FWSM, the Layer 2 symmetry is very important. In this case, the FWSM failover is configured, and the context interfaces are not monitored. Because all interfaces are not monitored, this is not a recommended design. This type of failover will also not support a complete failure scenario.

If the EtherChannel trunks between the switches are destined to carry the failover link and state VLANs, it is desirable to have at least two Gigabit Ethernet interfaces in the channel/ trunk mode.

Figure 12-3 Design Principle for Monitoring Interfaces

Figure 12-3 Design Principle for Monitoring Interfaces

Was this article helpful?

0 0

Post a comment