Knowledge Search


×
 

How to enable the NSRP dynamic route synchronisation feature

  [KB15690] Show Article Properties


Summary:
This article describes the prerequisites and steps needed to replicate dynamic routing protocol routes (OSPF, BGP, RIP) to your passive firewall in an NSRP cluster
Symptoms:

Solution:
This applies to all devices running ScreenOS 6.0.0r1 and above.

Starting in ScreenOS 6.0.0r1, you can use the command:

set nsrp rto-mirror route

Which will replicate all dynamic routes from the active primary member to the backup NSRP member.  Without this command, if a fail over occurs, it may take several seconds for the dynamic adjacencies to re-establish, and sessions can be interrupted or dropped as a result.


It should be noted that route sync is supported only for VSD-group 0.
If used for any other groups, the following error is observed:

FW> set nsrp rto-mirror route
Please unset the other VSD groups. route-sync feature is usable only with vsd-group 0

Related Links: