如何把当前状态为主的Juniper ScreenOS防火墙手工切换为备机
发布网友
发布时间:2022-05-02 01:11
共1个回答
热心网友
时间:2023-10-08 23:14
ISG2000_A(M)-> get nsrp
nsrp version: 2.0
cluster info:
cluster id: 5, no name
local unit id: 6612736
active units discovered:
index: 0, unit id: 6612736, ctrl mac: 001bc064e71f, data mac: 001bc064e720
index: 1, unit id: 6581504, ctrl mac: 001bc0646d1f, data mac: 001bc0646d20
total number of units: 2
VSD group info:
init hold time: 5
heartbeat lost threshold: 3
heartbeat interval: 1000(ms)
master always exist: disabled
group priority preempt holddown inelig master PB other members
0 50 no 3 no myself 6581504
total number of vsd groups: 1
Total iteration=43663730,time=1289556165,max=370164,min=141,average=29
RTO mirror info:
run time object sync: enabled
ping session sync: enabled
coldstart sync done
nsrp data packet forwarding is enabled
nsrp link info:
control channel: ethernet3/3 (ifnum: 31) mac: 001bc064e71f state: up
data channel: ethernet3/4 (ifnum: 32) mac: 001bc064e720 state: up
ha secondary path link not available
NSRP encryption: disabled
NSRP authentication: disabled
device based nsrp monitoring threshold: 255, weighted sum: 0, not failed
device based nsrp monitor interface:
device based nsrp monitor zone:
device based nsrp track ip: (weight: 255, disabled)
number of gratuitous arps: 4 (default)
config sync: enabled
track ip: disabled
从上面红色部分可知,当前防火墙为主设备,未开启“抢占”模式。现要把当前防火墙切换为备机,可通过以下命令完成:
ISG2000_A(M)-> exec nsrp vsd-group 0 mode ?
backup backup
ineligible ineligible
init init
pb primary backup
ISG2000_A(M)-> exec nsrp vsd-group 0 mode backup ?
<return>
