User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 49 Configuring Failover
Understanding Failover
When one unit starts while the other unit is already active, the unit that is starting up receives the
configuration from the already active unit.
After both units are running, commands are replicated from one unit to the other as follows:
- Commands entered within a security context are replicated from the unit on which the security
  context is in the active state to the peer unit.
  Note: A context is considered in the active state on a unit if the failover group to which it belongs
  is in the active state on that unit.
- Commands entered in the system execution space are replicated from the unit on which failover
  group 1 is in the active state to the unit on which failover group 1 is in the standby state.
- Commands entered in the admin context are replicated from the unit on which failover group 1 is in
  the active state to the unit on which failover group 1 is in the standby state.
Failure to enter the commands on the appropriate unit for command replication to occur will cause the
configurations to be out of synchronization. Those changes may be lost the next time the initial
configuration synchronization occurs.
Note: When bootstrapping the peer devices in an Active/Active Failover configuration, the bootstrap
configurations are only applied to the system contexts of the respective failover peer devices.
In an Active/Active failover configuration, failover occurs on a failover group basis, not a system basis.
For example, if you designate both failover groups as active on the primary unit, and failover group 1
fails, failover group 2 remains active on the primary unit, while failover group 1 becomes active on the
secondary unit.
Note: When configuring Active/Active failover, make sure that the combined traffic for both units is within the
capacity of each unit.
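The replication rules and the per-group failover behavior described above can be combined into a check for changes entered on the wrong unit. The following is an added example, not part of the Cisco guide or of Security Manager; the unit names, context names, and change-record layout are constructed assumptions.

```python
# Added example: models the Active/Active command replication rules described above.
# Unit names, context names and the change-record layout are constructed assumptions.

SYSTEM, ADMIN = "system", "admin"

def replication_source(scope, context_group, group_active_on):
    """Return the unit on which a command in `scope` must be entered to replicate.

    scope: SYSTEM, ADMIN, or a security context name.
    context_group: context name -> failover group number.
    group_active_on: failover group number -> unit where that group is active.
    """
    if scope in (SYSTEM, ADMIN):
        # System execution space and admin context follow failover group 1.
        return group_active_on[1]
    if scope not in context_group:
        raise KeyError(f"context {scope!r} is not assigned to a failover group")
    # A context is active on the unit where its failover group is active.
    return group_active_on[context_group[scope]]

def audit_changes(changes, context_group, group_active_on):
    """Return the changes that were entered on a unit that will not replicate them."""
    flagged = []
    for unit, scope, command in changes:
        expected = replication_source(scope, context_group, group_active_on)
        if unit != expected:
            flagged.append((unit, scope, command, expected))
    return flagged

# Constructed sample data: two contexts, one per failover group.
CONTEXT_GROUP = {"ctx-a": 1, "ctx-b": 2}
BOTH_ON_PRIMARY = {1: "primary", 2: "primary"}
GROUP1_FAILED_OVER = {1: "secondary", 2: "primary"}  # the example from the text
CHANGES = [
    ("primary", SYSTEM, "change in system execution space"),
    ("primary", "ctx-a", "change in ctx-a"),
    ("primary", "ctx-b", "change in ctx-b"),
]

if __name__ == "__main__":
    for label, state in [("both groups active on primary", BOTH_ON_PRIMARY),
                         ("group 1 failed over to secondary", GROUP1_FAILED_OVER)]:
        print(label)
        for unit, scope, cmd, expected in audit_changes(CHANGES, CONTEXT_GROUP, state):
            print(f"  {scope}: entered on {unit}, replicates only from {expected}")
```

After failover group 1 moves to the secondary unit, system-space and group 1 context changes entered on the primary unit are flagged, while group 2 context changes entered there still replicate.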
Stateful Failover
Note: Stateful failover is not supported on the ASA 5505 appliance.
When stateful failover is enabled, the active unit in the failover pair continually updates the current
connection-state information on the standby unit. When failover occurs, supported end-user applications
are not required to reconnect to maintain the current communication session.
Note: The IP and MAC addresses for the state and LAN failover links do not change at failover.
To employ stateful failover, you must configure a link to pass all state information to the standby unit.
If you are using a LAN failover connection rather than the serial failover interface (which is available
only on the PIX platform), you can use the same interface for the state link and the failover link.
However, we recommend that you use a dedicated interface for passing state information to the standby
unit.
The following information is passed to the standby unit when stateful failover is enabled: