Chapter 34 Device HA

Figure 439 Example: VRRP, Normal Operation

The VR ID is not shown. In normal operation, ZyWALL A is the master. It has the same IP address as the default gateway and forwards traffic for the network. ZyWALL B is a backup. It is using its management IP address 192.168.10.112. ZyWALL A sends regular messages to ZyWALL B to let ZyWALL B know that ZyWALL A is available. If ZyWALL A becomes unavailable, it stops sending messages to ZyWALL B. ZyWALL B detects this and assumes the role of the master. This is illustrated below.

Figure 440 Example: VRRP, Master Becomes Unavailable

192.168.10.112

ZyWALL B is now using the IP address of the default gateway, and it is forwarding packets for the network. The loss of ZyWALL A has no effect on the network.

If there is more than one backup ZyWALL, the backup ZyWALL with the highest priority becomes the master. The other backup ZyWALLs remain backups.

If ZyWALL A becomes available again, ZyWALL A preempts ZyWALL B and becomes the master again (the network returns to the state shown in Figure 439 on page 588).

Synchronization

During synchronization, the master ZyWALL sends the following information to the backup ZyWALL.

Startup configuration file (startup-config.conf)

AV signatures

IDP and application patrol signatures

588

 

ZyWALL USG 100/200 Series User’s Guide