-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 E. M. Recio <[EMAIL PROTECTED]> wrote: > > > The secondary noticed the lack of advertisements from the primary, > > but the primary did not relinquish its priority because it saw no > > problem. > > The cause is correct, and it seems to make sense to me, however since > it's all on one VRID, shouldn't all interfaces have switched over?
The secondary is unfortunately not in control of the situation. It saw an opportunity to assume a master role on one interface, but the primary continues to assert a master role on the other interfaces. What should the secondary do? Raise its priority above the primary's? How can the secondary be sure that this is the right thing to do? After all, the primary fails to relinquish the master role, because it believes that nothing is wrong. Perhaps the secondary would be similarly mistaken if it were to attempt to assert mastership. The two devices really do not have enough information to determine with certainty what the correct action should be. > Also, I was talking to the Nokia Tech Support, and they mentioned > something about a Sync connection, he swore up and down that he was > talking about a VRRP sync connection, not FW-1's state table sync. He is probably thinking of Nokia's Cluster Sync connection which has nothing to do with VRRP. > > VRRP does not solve every problem, is the lesson here. > > I don't think my boss is going to like that answer. :( VRRP was simply not designed to detect the type of failure you experienced. And in fact, I'm not sure that any HA protocol could have done any better in that situation. - -- David DeSimone == Network Admin == [EMAIL PROTECTED] "This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, dis- tribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you." --Lawyer Bot 6000 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFIR2odFSrKRjX5eCoRApLuAKCSKPu+70TRK0kmjB3b0Gb7lSkaSwCfTCQe 6g0qR/rg8MIFbvluh03OJp4= =WCoP -----END PGP SIGNATURE----- Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
