sendarp Appears in Netasq 9 0 0
interfaceslipflop appears in Netasq 9 0 1
tokentimeout appears in 9 0 4
MulticastAddr appears in 2 0 0
LACPWhenPassive appears in 2 6 0
ConnOlderThan appears in 3 2 0
SynchronizationDelay appears in 3 5 0
DelayConnUpd replaces ConnOlderThan in 4 0 0
LACPMembersHaveWeight appears in 3 10 0
FailoverMembersHaveWeight appears in 4 3 0


Initialize an HA cluster


password=<ha password> ifname=<interface user name> [ifname2=<interface user name>]
[waitingpeertimeout=<0-9999>] [SynchronizationDelay=<0-9999>] [purgearp=<0|1>] [sendarp=<0|1>]
[sendarpperiod=<1-9999>] [secure=<0|1>] [nbping=(0-300)]
[interfacesflipflop=<0-20000>] [tokentimeout=<1-99999>] [MulticastAddr=<multicast IPv4>] [LACPWhenPassive=<0|1>] [DelayConnUpd=<integer>] [LACPMembersHaveWeight=<0|1>] [FailoverMembersHaveWeight=<0|1>]


Error code


Interfaces are expected to be ethernet or vlan interfaces

Argument "peer_waiting_timeout" indicates how long each firewall must wait at boot before considering their peer as offline is given in seconds
Default value for "peer_waiting_timeout" is 10s

Argument "purge_arp" indicates if the ARP table must be purged when the firewall becomes active (default is 0)

send_arp and send_arp_period defines if an ARP packet must be send periodically by the active firewall as a reminder for other machines (default: 0, default period: 5s)

If secure is set to 1, connections sync packets will be encrypted However you may experience reduced performances (default is 0)

nbping indicates how many ICMP requests must be sent once Corosync consider the peer to be dead This is used to confirm that the Corosync notification wasn't a false-positive due to an overload on the peer ICMP requests are sent with an interval of 50ms Set this value to 0 to disable the confirmation mechanism
interfacesflipflop indicates how long, in milliseconds, non-HA interfaces must go down when the firewall becomes passive This is intended to reduce issues with the ARP tables of switchs during user-requested HA swaps when using a bridged network configuration Bringing non-HA interfaces down should force the switchs to flush their ARP tables This approach does not work with all switchs (default is 1000, 0 to disable)
tokentimeout indicates how long Corosync must wait when it doesn't get any message from the peer(s) Once this delay is passed, Corosync will notify Stated Stated will then try to ping the peer If Stated doesn't get any reply either, the local firewall will become active
MulticastAddr indicates the multicast address used for Corosync communication between firewalls
LACPWhenPassive indicates if the passive firewall should take part to the lacp negociation or re-negociate lacp when swap happens
DelayConnUpd indicates that connections living less than this value (in seconds) won't be synchronized
LACPMembersHaveWeight indicates if the LACP members are included in the quality computation
FailoverMembersHaveWeight indicates if the Failover members are included in the quality computation


CONFIG HA CREATE password=password ifname=vlan0