HP VPN Firewall Appliances Network Management Configuration Guide
340
1.1.6.1/32 Direct 0 0 127.0.0.1 InLoop0
# Use the ping command on Host B to test the reachability of Host A (Windows XP runs on the two
hosts).
C:\Documents and Settings\Administrator>ping 1.1.2.2
Pinging 1.1.2.2 with 32 bytes of data:
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Ping statistics for 1.1.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
# Use the tracert command on Host B to test the reachability of Host A.
C:\Documents and Settings\Administrator>tracert 1.1.2.2
Tracing route to 1.1.2.2 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 1.1.6.1
2 <1 ms <1 ms <1 ms 1.1.4.1
3 1 ms <1 ms <1 ms 1.1.2.2
Trace complete.
BFD for static routes configuration example (direct next hop)
The following matrix shows the configuration example and hardware compatibility:
Hardware Com
p
atibilit
y
F1000-A-EI/F1000-S-EI No
F1000-E No
F5000 Yes
F5000-S/F5000-C No
VPN firewall modules No
20-Gbps VPN firewall modules No
Network requirements
In Figure 242, configure a static route to subnet 120.1.1.0/24 on Firewall A, and configure a static route
to subnet 121.1.1.0/24 on Firewall B. Enable BFD for both routes. Configure a static route to subnet
12 0 .1.1.0 / 24 a n d a s t a t i c ro u t e t o s u b n e t 121.1.1.0 / 24 on Router. When the link between Firewall A and
Firewall B through the Layer 2 switch fails, BFD can detect the failure immediately and inform Firewall A
and Firewall B to communicate through Router.