Huawei firewall vrrp+hrp dual-machine hot standby master and backup (switches at both ends) - Code World

Huawei firewall vrrp+hrp dual-machine hot standby master and backup (switches at both ends)

Language 2023-12-27 18:58:21 views: null

Insert image description here
By default, both vrrp masters are on the left, up and down.

Working principle:
When vrrp is powered on, it is in the initialize state first, and then switches to the active or standb state.

HRP uses port 18514 and uses unicast. It requires policy release and the master device sends HRP heartbeat messages.

If the device is in the active state, the automatic priority is 65001. If there is a fault, it automatically decreases by 2 and becomes 64999. It will forward itself to the standby state for a short time and is invisible to the user.

If the main device interface is down and the main device is switched to the standby state, the interface will remain in the initialize state.

If it is in standby state, the automatic priority is 65000.

Main configuration:

FW1

hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.2

interface GigabitEthernet1/0/0
undo shutdown
ip address 1.1.1.2 255.255.255.0
vrrp vrid 2 virtual-ip 1.1.1.1 active

interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.1.2 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1 active

interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.1 255.255.255.0

firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/1

firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0

firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2

security-policy //temporarily allow all
default action permit

FW2:

hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.1

interface GigabitEthernet1/0/0
undo shutdown
ip address 1.1.1.3 255.255.255.0
vrrp vrid 2 virtual-ip 1.1.1.1 standby

interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.1.3 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1 standby

interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.2 255.255.255.0

firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/1

firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0

firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2

security-policy
default action permit

Check:

dis hrp state verbose

Guess you like

Origin blog.csdn.net/ydaxia110/article/details/134346807

Huawei firewall vrrp+hrp dual-machine hot standby master and backup (switches at both ends)

Huawei firewall vrrp+hrp dual-machine hot backup load sharing (both ends are switches)

Huawei firewall dual-machine hot standby active backup and load sharing configuration example (running ospf for routing at both ends)

Huawei Firewall vrrp+hrp Dual-Machine Hot Standby Master und Backup (Switches an beiden Enden)

Huawei Firewall vrrp+hrp Dual-Machine Hot Standby Master und Backup (Switches an beiden Enden)

Huawei Firewall vrrp+hrp Dual-Machine Hot Standby Master und Backup (Switches an beiden Enden)

Huawei Firewall vrrp+hrp Dual-Machine Hot Standby Master und Backup (Switches an beiden Enden)

Dual-machine hot standby load sharing configuration in Huawei firewall Layer 2 transparent mode (both ends are routers)

Huawei firewall dual-machine hot standby configuration case (without vrrp)

Huawei firewall hot standby (details VRRP, VGMP)

MySql master-slave replication dual-machine hot backup

Play with Huawei ENSP simulator series | IPSec gateway active and standby dual-machine hot standby

H3C firewall dual-machine hot standby experiment

Dual-machine hot standby load sharing configuration in Huawei firewall Layer 2 transparent mode (both ends are routers)

Dual-machine hot standby load sharing configuration in Huawei firewall Layer 2 transparent mode (both ends are routers)

Huawei Firewall - hot standby technology

Principle Huawei firewall VRRP hot standby configuration in detail and

Principle Huawei firewall VRRP hot standby configuration and examples

nginx+keepalive master-slave dual-machine hot standby + automatic switching solution

MYSQL dual-machine hot standby experience

Configuration of dual-machine hot standby experiment

Firewall dual-machine hot backup, DHCP server, core switch load sharing and redundancy design

Firewall connects to router to achieve enterprise-level practice of dual-machine hot backup

Firewall docking switch realizes dual-machine hot backup enterprise-level practice

Mycat+Mysql master-slave replication to achieve dual-machine hot backup

【Firewall】Firewall hot standby

Nginx-keepalived dual-machine hot standby cluster

Play with Huawei ENSP simulator series | IPSec gateway load sharing dual-machine hot backup, uplink and downlink connection routers

linux————Keepalived—web dual-machine hot backup

[IT Operation and Maintenance] Rsync realizes Linux dual-machine hot backup

Recommended

Ranking

#2019110700005

What materials and procedures are required for patent transfer

What is the blockchain Ethereum triplet state root transaction root receipt root

Front-end study notes 04 --- About the insertion of html pictures and videos

Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries

2017 Qingdao-site tournament I The Squared Mosquito Coil

[BZOJ3165][HEOI2013]Segment (line segment tree without marking)

Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju

The latest tutorial on making framework for iOS

DAX Section 6: Statistical Functions

Daily

More

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)