Does an AR support HSB

1

Starting from V200R003C01, all AR models support the hot standby (HSB) function. However, AR routers support HSB only when they are deployed as firewalls.

Other related questions:
How is HSB configured on an AR
AR routers support HSB only when they are deployed as firewalls to ensure that user services are not interrupted when a firewall fault occurs. The HSB configuration is the same on all AR models of all versions. The following describes the HSB configuration on AR2240 of V200R006 as an example. To ensure enterprise intranet security, company A deploys a firewall between the intranet and extranet. All traffic must pass through the firewall; therefore, the firewall failure leads to interruption of all traffic. Company A deploys two firewalls in active/standby mode. Company A requires that if FW_A becomes faulty, FW_B takes over services from FW_A to ensure uninterrupted network running. The HSB configuration is as follows: 1. Configure interface IP addresses to ensure that devices can communicate. # Configure FW_A. The configuration of FW_B is similar to that of FW_A, and is not mentioned here. [Huawei] sysname FW_A [FW_A] interface gigabitethernet 2/0/0 [FW_A-GigabitEthernet2/0/0] ip address 10.1.1.1 24 [FW_A-GigabitEthernet2/0/0] quit [FW_A] interface gigabitethernet 1/0/0 [FW_A-GigabitEthernet1/0/0] ip address 192.168.1.1 24 [FW_A-GigabitEthernet1/0/0] quit # Configure Switch. [Huawei] sysname Switch [Switch] vlan 100 [Switch-vlan100] quit [Switch] interface gigabitethernet 0/0/1 //The configuration of GE0/0/2 is similar to that of GE0/0/1, and is not mentioned here. [Switch-GigabitEthernet0/0/1] port hybrid pvid vlan 100 [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 100 [Switch-GigabitEthernet0/0/1] quit 2. Configure a VRRP group. # Configure VRRP group 1 on FW_A, and set the priority of FW_A in VRRP group 1 to 120. [FW_A] interface gigabitethernet 2/0/0 [FW_A-GigabitEthernet2/0/0] vrrp vrid 1 virtual-ip 10.1.1.111 [FW_A-GigabitEthernet2/0/0] vrrp vrid 1 priority 120 [FW_A-GigabitEthernet2/0/0] quit # Configure VRRP group 1 on FW_B. The priority of FW_B in VRRP group 1 is the default value 100. [FW_B] interface gigabitethernet 2/0/0 [FW_B-GigabitEthernet2/0/0] vrrp vrid 1 virtual-ip 10.1.1.111 [FW_B-GigabitEthernet2/0/0] quit 3. Configure HSB. # Configure HSB service 0 on FW_A and FW_B, and configure the IP addresses and port numbers for the active and standby channels. [FW_A] hsb-service 0 [FW_A-hsb-service-0] service-ip-port local-ip 192.168.1.1 peer-ip 192.168.1.2 local-data-port 10241 peer-data-port 10241 [FW_A-hsb-service-0] quit [FW_B] hsb-service 0 [FW_B-hsb-service-0] service-ip-port local-ip 192.168.1.2 peer-ip 192.168.1.1 local-data-port 10241 peer-data-port 10241 [FW_B-hsb-service-0] quit # Configure HSB group 0 on FW_A and bind HSB service 0 and VRRP group 1 to it. The configuration of FW_B is similar to that of FW_A, and is not mentioned here. [FW_A] hsb-group 0 [FW_A-hsb-group-0] bind-service 0 [FW_A-hsb-group-0] track vrrp vrid 1 interface gigabitethernet 2/0/0 # Enable HSB on FW_A and FW_B to make the HSB group configuration take effect. [FW_A-hsb-group-0] hsb enable [FW_B-hsb-group-0] hsb enable

Principles of HSB
The AR supports the HSB function. HSB implementation involves data synchronization and traffic switching. Data synchronization is performed to ensure consistent information on the master and backup devices when the two devices are working normally. Traffic switching is performed to ensure non-stop service forwarding when the master device fails or recovers. The principle for data synchronization is to establish active and standby channels between devices that back up each other. Session entries of the master device can be synchronized to the backup device through the channel at one time, in real time, or periodically. The principle for traffic switching is based on negotiation between the master device and the backup device using VRRP. When the master device fails, a new master device is elected based on VRRP priorities and the traffic is switched to the master device. For details, see “HSB Configuration�?in AR100&AR120&AR150&AR160&AR200&AR1200&AR2200&AR3200&AR3600 V200R008 CLI-based Configuration Guide - Reliability.

Does an AR support VPDN
VPDN uses the following tunneling protocols: - Point-to-Point Tunneling Protocol (PPTP) - Layer 2 Forwarding (L2F) - Layer 2 Tunneling Protocol (L2TP) The AR supports L2TP, but does not support PPTP or L2F. However, it can forward PPTP and L2F packets. L2TP has advantages of both PPTP and L2F and is widely used. It is used when a single or a few terminals remotely connect to an intranet through a public network.

Does the AR support L2TP
The AR supports L2TPv2 from V200R002C00.

Does an AR support L2TPv3
AR routers support L2TPv2 but not L2TPv3.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top