What FirePOWER protocol provides gateway redundancy for IPv4 and IPv6 addresses on routed or hybrid interfaces?
A . ECLB
B . SFRP
C . OSPF
D . WCCP
Answer: B
Explanation:
SFRP
You can configure Cisco Redundancy Protocol (SFRP) to achieve network redundancy for high availability on either a 7000 or 8000 Series device high-availability pair or individual devices. SFRP provides gateway redundancy for both IPv4 and IPv6 addresses. You can configure SFRP on routed and hybrid interfaces.
If the interfaces are configured on individual devices, they must be in the same broadcast domain. You must designate at least one of the interfaces as master and an equal number as backup. The system supports only one master and one backup per IP address. If network connectivity is lost, the system automatically promotes the backup to master to maintain connectivity.
The options you set for SFRP must be the same on all interfaces in a group of SFRP interfaces. Multiple IP addresses in a group must be in the same master/ backup state. Therefore, when you add or edit an IP address, the state you set for that address propagates to all the addresses in the group. For security purposes, you must enter values for Group ID and Shared Secret that are shared among the interfaces in the group.
To enable SFRP IP addresses on a virtual router, you must also configure at least one non-SFRP IP address.
For 7000 or 8000 Series devices in a high-availability pair, you designate the shared secret and the system copies it to the high-availability pair peer along with the SFRP IP configuration. The shared secret authenticates peer data.
Link: https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/Setting_Up_Virtual_Routers.html
Leave a Reply