HP VPN Firewall Appliances High Availability Configuration Guide
59
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enable stateful failover in a
specified mode.
dhbk enable backup-type
{ dissymmetric-path |
symmetric-path }
Disabled by default.
Enabling automatic configuration synchronization
To implement service backup between two devices (A and B, for example), make sure the service status,
service data, and service configurations on the two devices are consistent. You can enable automatic
configuration synchronization on A and use the default configuration on B. After that, A automatically
synchronizes configurations of the service modules that support stateful failover to B in real time.
To enable automatic configuration synchronization:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enable the local device to
perform automatic
configuration synchronization
to the peer.
dhbk configuration-backup master
[ synchronization ]
By default, a device only receives
backup configuration from the
peer.
If the synchronization keyword is
specified, the local device
automatically synchronizes
configurations of the service
modules that support stateful
failover to the peer. If the
synchronization keyword is not
specified, automatic
synchronization is not performed.
Configuring a failover interface and a backup VLAN
Failover interfaces send and receive stateful failover packets for data backup. Stateful failover packets
are identified by the backup VLAN. Each stateful failover device adds the backup VLAN tag to the
stateful failover packets, and sends the packets through the failover interface. Only the packets that are
received from failover interfaces and carry the backup VLAN tag are treated as stateful failover packets.
Do not configure other services for the backup VLAN. Otherwise, the operation of stateful failover might
be affected.
To configure a failover interface and a backup VLAN:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Configure a failover interface
and a backup VLAN.
dhbk interface interface-list vlan
vlan-id
By default, no failover interface or
backup VLAN is specified.