Jump to content
  • Hello visitors, welcome to the Hacker World Forum!

    Red Team 1949  (formerly CHT Attack and Defense Team) In this rapidly changing Internet era, we maintain our original intention and create the best community to jointly exchange network technologies. You can obtain hacker attack and defense skills and knowledge in the forum, or you can join our Telegram communication group to discuss and communicate in real time. All kinds of advertisements are prohibited in the forum. Please register as a registered user to check our usage and privacy policy. Thank you for your cooperation.

    TheHackerWorld Official

Recommended Posts

一、现有情况

目前有两台深信服AC使用eth2口作为HA口,使用一根网线互联。

ac网络配置-1024x376.png
ac高可用-1024x816.png

二、本次需求

再增加一根心跳线,启用备HA口,以实现两台AC之间有两根心跳线。

三、实现步骤

操作前备份AC配置!

1、在AC主机A上修改部署模式,将eth3口加入到DMZ口,配置IP地址9.9.9.1/24,然后提交,此时A会重启, B由备机切换成主机,A重启完成后,此时B仍然是主机,A是备机;

2、修改B的部署模式,将eth3口加入到DMZ口,配置IP地址9.9.9.2/24,然后提交,此时B重启,A由备机切换成主机,B重启完成后,仍然是备机;

3、修改A的高可用性配置,将eth3口加入到备HA口,修改HA口的配置会提交重启高可用的进程,一旦进程重启时没有检测到备机,就会切换,一般设置的间隔时间是5秒钟,一般是不会引起主备切换,但是仍有一定几率会引起主备切换,B由备机切换成主机;

4、修改B的高可用性配置,将eth3口加入到备HA口,修改HA口的配置有一定几率会引起主备切换,A由备机切换成主机;

5、将A的eth3口与B的eth3口连接网线,整个过程完成。

四、影响范围

整个过程会发生4次主备切换,每次切换预计30秒左右,会短暂影响业务。

五、回退措施

如果配置后,HA状态异常或者业务中断,则优先恢复业务,回退本次修改的配置,并处理相关问题。

Link to post
Link to comment
Share on other sites

 Share

discussion group

discussion group

    You don't have permission to chat.
    • Recently Browsing   0 members

      • No registered users viewing this page.
    ×
    ×
    • Create New...