Knowledge Search


How to enable the NSRP dynamic route synchronisation feature

  [KB15690] Show Article Properties

This article describes the prerequisites and steps needed to replicate dynamic routing protocol routes (OSPF, BGP, RIP) to your passive firewall in an NSRP cluster

This applies to all devices running ScreenOS 6.0.0r1 and above.

Starting in ScreenOS 6.0.0r1, you can use the command:

set nsrp rto-mirror route

Which will replicate all dynamic routes from the active primary member to the backup NSRP member.  Without this command, if a fail over occurs, it may take several seconds for the dynamic adjacencies to re-establish, and sessions can be interrupted or dropped as a result.

It should be noted that route sync is supported only for VSD-group 0.
If used for any other groups, the following error is observed:

FW> set nsrp rto-mirror route
Please unset the other VSD groups. route-sync feature is usable only with vsd-group 0

Related Links: