FW1
hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.2
hrp ospf-cost adjust-enable
这条命令会自动把主设备standby的ospf的值调整为65000,再加上原来的默认cost开销值,如果是active则cost值不调整,为默认开销值。
hrp mirror sessio enable //在负载分担模式下一般要开启快速会话备份功能
interface GigabitEthernet1/0/0
undo shutdown
ip address 1.1.1.2 255.255.255.0
hrp track active
如果是负载分担就多打一条命令:hrp track standby
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.1.2 255.255.255.0
hrp track active
如果是负载分担就多打一条命令:hrp track standby
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.1 255.255.255.0
firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/1
firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0
firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2
security-policy //暂时全允许
default action permit
FW2:
hrp enable
hrp interface GigabitEthernet1/0/2 remote 172.16.0.1
hrp ospf-cost adjust-enable
hrp mirror sessio enable //在负载分担模式下一般要开启快速会话备份功能
interface GigabitEthernet1/0/0
undo shutdown
ip address 2.2.2.2 255.255.255.0
hrp track standby
如果是负载分担就多打一条命令:hrp track active
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.2.2 255.255.255.0
hrp track standby
如果是负载分担就多打一条命令:hrp track active
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.16.0.2 255.255.255.0
firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
add interface GigabitEthernet1/0/1
firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0
firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2
security-policy
default action permit
查看
dis hrp state ver