freeGuard 100 CLI User Manual
207
that this cluster unit always becomes the primary cluster unit.
password
<password_str>
Enter a password for the HA cluster. The password must be the
same for all freeGuard 100s in the HA cluster. The maximum
password length is 15 characters.
No default
priority
<priority_integer>
Optionally set the unit priority of the cluster unit. Each cluster
unit can have a different unit priority (the unit priority is not
synchronized among cluster members). During HA negotiation,
the unit with the highest unit priority becomes the primary
cluster unit. The unit priority range is 0 to 255. You can use the
unit priority to control the order in which cluster units become
the primary cluster unit when a cluster unit fails.
128
route-hold
<hold_integer>
The time that the primary unit waits betweensending routing
table updates to subordinateunits in a cluster. The route hold
range is 0 to 3600 seconds. To avoid the flooding routing table
updates tosubordinate units, set route-hold to a relatively long
time to prevent subsequent updates from occurring too quickly.
The route-hold time should be coordinated with the route-wait
time. See the route-waitdescription for more information.
10
route-ttl <ttl_integer>
The time to live for routes in a cluster unit routing table.
The time to live range is 0 to 3600 seconds.
The time to live controls how long routes remain active in a
cluster unit routing table after the cluster unit becomes a
primary unit. To maintain communication sessions after a
cluster unit becomes a primary unit, routes remain active inthe
routing table for the route time to live whilethe new primary unit
acquires new routes. Normally, the route-ttl is 0 and the primary
unit must acquire new routes before it cancontinue processing
traffic. Normally acquiringnew routes occurs very quickly so
only a minor delay is caused by acquiring new routes. If the
primary unit needs to acquire a very large number of routes, or
if for other reasons, there is a delay in acquiring all routes, the
primary unit may not be able to maintain all communication
sessions. You can increase the route time to live if
communication sessions are lost after a failover so that the
primary unit can use routes that are already in the routing table,
instead of waiting to acquire new routes.
0
route-wait
<wait_integer>
The time the primary unit waits after receiving a routing table
update before sending the update to the subordinate units in
the cluster.
For quick routing table updates to occur, set
route-wait
to a
relatively short time so that the primary unit does not hold
routing table changes for too long before updating the
subordinate units.
The
route-wait
range is 0 to 3600 seconds. Normally,
because the route-wait time is 0 seconds the primary unit sends
routing tableupdates to the subordinate units every time the
0
Содержание freeGuard 100
Страница 1: ...freeGuard 100 UTM Firewall CLI USER S MANUAL P N F0025000 Rev 1 1...
Страница 3: ......
Страница 7: ......
Страница 87: ...80 The config ips anomaly command has 1 subcommand config limit...
Страница 183: ...176...
Страница 309: ...302 100 from a TFTP server with the address 192 168 21 54 set vpn certificates local import branch_cert 192 168 21 54...