Add a High Availability Pair
Threat Defense High Availability (also known as failover) is configured within the application, not in FXOS. However, to prepare your chassis for high availability, see the following steps.
Before you begin
Procedure
Step 1 | Allocate the same interfaces to each logical device. |
Step 2 | Allocate 1 or 2 data interfaces for the failover and state link(s). These interfaces exchange high availability traffic between the 2 chassis. We recommend that you use a 10 GB data interface for a combined failover and state link. If you have available interfaces, you can use separate failover and state links; the state link requires the most bandwidth. You cannot use the management-type interface for the failover or state link. We recommend that you use a switch between the chassis, with no other device on the same network segment as the failover interfaces. For container instances, data-sharing interfaces are not supported for the failover link. We recommend that you create subinterfaces on a parent interface or EtherChannel, and assign a subinterface for each instance to use as a failover link. Note that you must use all subinterfaces on the same parent as failover links. You cannot use one subinterface as a failover link and then use other subinterfaces (or the parent interface) as regular data interfaces. |
Step 3 | Enable High Availability on the logical devices. See High Availability. |
Step 4 | If you need to make interface changes after you enable High Availability, perform the changes on the standby unit first, and then perform the changes on the active unit. |