This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About inssider
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About inssider
09-20-2023
1Post
0Likes
0Solutions
Sep 20, 2023Last Visited
User
Activity
User
Profile
Latest posts by inssider
| Subject | Views | Posted |
|---|---|---|
| 681 | 05-30-2023 10:49 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 04-08-2022 12:58 PM |
| Date Last Visited | 09-20-2023 10:07 PM |
| Posts | 1 |
05-30-2023
10:49 AM
I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSPF settings on the Palo, disabling OSPF graceful reset/strict LSA checking led to a vastly quicker failover. I cannot find any documentation on what the best practice is. Also, if anyone knows this, I would appreciate the theory on what exactly is supposed to happen during the HA failover with an OSPF adjacency. My understanding and hope is that the firewall that becomes active simply "continues" the OSPF adjacency, and that no new one needs to be formed. Or am I wrong here... Should the firewall actually form a new adjacency during a failover?
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks