Huawei firewall dual-machine hot standby configuration case (without vrrp)

Idea:
IP, routing, and ospf need to be configured separately on two firewalls. HRP will not be synchronized.
Other zones and policies will be synchronized. Just configure them on the master.

FW_A main configuration:

hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.2

interface GigabitEthernet1/0/0
undo shutdown
ip address 12.1.1.1 255.255.255.0
service-manage ping permit

interface GigabitEthernet1/0/1
undo shutdown
ip address 1.1.1.2 255.255.255.0
service-manage ping permit

interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.1 255.255.255.0
service-manage ping permit

firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/0

firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/1

firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2

ospf 1
default-route-advertise //Both the active and backup servers must issue
area 0.0.0.0
network 12.1.1.1 0.0.0.0

ip route-static 0.0.0.0 0.0.0.0 1.1.1.5

security-policy
default action permit

nat-policy //Only configured on the primary, HRP will be automatically synchronized to the backup
rule name internet
source-zone trust
destination-zone untrust
source-address 10.1.1.0 mask 255.255.255.0
action source-nat easy-ip

FW_B main configuration

hrp enable
hrp standby-device //Specify yourself as the standby
hrp interface GigabitEthernet1/0/2 remote 172.16.0.1

interface GigabitEthernet1/0/0
undo shutdown
ip address 11.1.1.1 255.255.255.0
service-manage ping permit

interface GigabitEthernet1/0/1
undo shutdown
ip address 1.1.1.1 255.255.255.0
service-manage ping permit

interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.2 255.255.255.0
service-manage ping permit

firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/0

firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/1

firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2

ospf 1
default-route-advertise
area 0.0.0.0
network 11.1.1.1 0.0.0.0

ip route-static 0.0.0.0 0.0.0.0 1.1.1.5

security-policy
default action permit

nat-policy
rule name internet
source-zone trust
destination-zone untrust
source-address 10.1.1.0 mask 255.255.255.0
action source-nat easy-ip