ZyXEL Communications 3.1 User Manual
ZyWALL (ZLD) CLI Reference Guide
221
C
H A P T E R
2 5
Device HA
Use device HA to increase network reliability. Device HA lets a backup ZyWALL (B) automatically
take over if a master ZyWALL (A) fails.
take over if a master ZyWALL (A) fails.
Figure 24
Device HA Backup Taking Over for the Master
25.1 Device HA Overview
Active-Passive Mode and Legacy Mode
• Active-passive mode lets a backup ZyWALL take over if the master ZyWALL fails.
• Legacy mode uses VRRP (Virtual Router Redundancy Protocol) groups and allows for more
• Legacy mode uses VRRP (Virtual Router Redundancy Protocol) groups and allows for more
complex relationships between the master and backup ZyWALLs, such as active-active or using
different ZyWALLs as the master ZyWALL for individual interfaces. Legacy mode configuration
involves a greater degree of complexity. Active-passive mode is recommended for general
failover deployments.
different ZyWALLs as the master ZyWALL for individual interfaces. Legacy mode configuration
involves a greater degree of complexity. Active-passive mode is recommended for general
failover deployments.
• The ZyWALLs must all support and be set to use the same device HA mode (either active-passive
or legacy).
Management Access
You can configure a separate management IP address for each interface. You can use it to access
the ZyWALL for management whether the ZyWALL is the master or a backup. The management IP
address should be in the same subnet as the interface IP address.
the ZyWALL for management whether the ZyWALL is the master or a backup. The management IP
address should be in the same subnet as the interface IP address.
Synchronization
Use synchronization to have a backup ZyWALL copy the master ZyWALL’s configuration, signatures
(anti-virus, IDP/application patrol, and system protect), and certificates.
(anti-virus, IDP/application patrol, and system protect), and certificates.
Note: Only ZyWALLs of the same model and firmware version can synchronize.
A
B