Nortel Switched Firewall 2.3.3 User’s Guide and Command Reference
336
Command reference
213455-L, October 2005
N
OTE
–
Both Firewall hosts in the cluster must have the same configuration.
Table 61
VRRP Settings Menu (/cfg/net/vrrp)
Command Syntax and Usage
ha y|n
This command is used to enable (
y
) or disable (
n
) high-availability VRRP. Two iSD
hosts, must be installed and configured for you to enable HA and apply the setting. Nei-
ther AA or Cluster XL can be enabled.
aa y|n
This command is used to enable (
y
) or disable (
n
) active-active VRRP. Two iSD hosts
must be installed and configured for you to enable AA and apply the setting. Neither HA
or Cluster XL can be enabled.
clusterxl y|n
This command enables (
y
) or disables (
n
) support for Cluster XL, the Check Point
VRRP solution. Two iSD hosts must be installed and configured for you to enable Clus-
ter XL. Neither HA or AA may be enabled. Cluster XL does not work with Proxy Arp.
N
OTE
–
If Cluster XL is enabled, the iSD host gateway may not be the same as ip1 or ip2
(verify static routes against ip1 and ip2 addresses).
adint <1-3600>
This command displays the current advertisement interval in seconds and provides the
option to change it. A VRRP advertisement message is sent by the active master to the
backup. Only the active master sends VRRP advertisement messages. If the backup does
not receive a VRRP advertisement from the active master within the adint interval,
VRRP will initiate
VRRP failover
(see
VRRP failover on page 120
. The default value is
3. It is also the lowest recommended value.
garp [1-600]
This command displays the current Gratuitous Address Resolution Protocol (GARP)
value in seconds and allows you to set it. When the backup determines that the active
master has failed, it immediately flashes a GARP message (an unsolicited ARP
response) to all end-hosts on the virtual router interface. Then the backup delays a period
of time set by the garp value before it begins sending continuous GARP messages (see
the gbcast command). The flash GARP message forces end-hosts to update their ARP
caches with the MAC address/IP address mapping for the newly active iSD host instead
of waiting for end-hosts to learn it via periodic ARP requests.
The default value is 1.