SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
227
Hardware Failover > Settings
C
HAPTER
37
Chapter 37: Setting Up Hardware Failover
Hardware Failover > Settings
Hardware Failover allows two identical SonicWALL PRO Series security appliances running SonicOS
Enhanced to be configured to provide a reliable, continuous connection to the public Internet. In the
event of the failure of the Primary SonicWALL, the Backup SonicWALL takes over to secure a reliable
connection between the protected network and the Internet.
How Hardware Failover Works
Hardware Failover requires one SonicWALL device configured as the Primary SonicWALL, and an
identical SonicWALL device configured as the Backup SonicWALL. During normal operation, the
Primary SonicWALL is in an Active state and the Backup SonicWALL in an Idle state. When a failure
on the Primary SonicWALL occurs, the Backup SonicWALL transitions to Active mode and assumes
the configuration and role of Primary. The failover applies to loss of functionality or network-layer
connectivity on the Primary SonicWALL.
SonicWALL security appliance configuration is performed on only the Primary SonicWALL, with no
need to perform any configuration on the Backup SonicWALL. The Backup SonicWALL contains a
real-time mirrored configuration of the Primary SonicWALL via a dedicated Ethernet link. If the
firmware configuration becomes corrupted on the Primary SonicWALL, the Backup SonicWALL
automatically refreshes the Primary SonicWALL with the last-known-good copy of the configuration
preferences.
The Primary and Backup SonicWALL appliances have unique MAC addresses and communicate via
the X3 interface on the PRO2040 series, and via the X5 interface on the PRO3060/4060/5060 series.
The dedicated HF interface link transmits all synchronization information from the Primary
SonicWALL to the Backup SonicWALL.
There are two types of synchronization: incremental and complete. If the timestamps are in sync and
a change is made on the Active unit, an incremental sync is pushed to the Idle unit. If the timestamps
are out of sync and the Idle unit is available, a complete sync is pushed to the Idle unit. When
incremental synchronization fails, a complete synchronization is automatically attempted.
Crash Detection
The Hardware Failover feature has a thorough self-diagnostic mechanism for both the Primary and
Backup SonicWALL security appliances. The failover to the Backup SonicWALL occurs when critical