If you spend time working with Cisco ASA's in a failover configuration and you want to get a history of failures on the device the you should use the "show failover history" and "show failover" commands. I typically only use the "show failover" command when working on interface status (what is being watched for failover criteria) and the state of the interfaces themselves plus which unit is active and which is standby or failed. The nice thing about the "show failover history" command is it tells you when things happened in terms of failover status. Here is some sample output:
fw-1# sh fail history
==========================================================================
From State To State Reason
==========================================================================
07:49:22 PST Feb 4 2010
Not Detected Negotiation No Error
07:50:07 PST Feb 4 2010
Negotiation Just Active No Active unit found
07:50:07 PST Feb 4 2010
Just Active Active Drain No Active unit found
07:50:07 PST Feb 4 2010
Active Drain Active Applying Config No Active unit found
07:50:07 PST Feb 4 2010
Active Applying Config Active Config Applied No Active unit found
07:50:07 PST Feb 4 2010
Active Config Applied Active No Active unit found
14:04:39 PST Feb 11 2010
Active Failed Interface check
14:04:41 PST Feb 11 2010
Failed Standby Ready Interface check
14:04:46 PST Feb 11 2010
Standby Ready Just Active Failover state check
14:04:46 PST Feb 11 2010
Just Active Active Drain Failover state check
14:04:46 PST Feb 11 2010
Active Drain Active Applying Config Failover state check
14:04:46 PST Feb 11 2010
Active Applying Config Active Config Applied Failover state check
14:04:46 PST Feb 11 2010
Active Config Applied Active Failover state check
==========================================================================
So you can see that you get a history and state changes of the failover status. What is nice is that you don't have to do a debug to capture these status changes and it is in a nice summary table.
- Ed
3 comments:
Absolutely useless! Thank you! ;-)
2nded completely useless. Is this your first command on cisco ever?
I found it useful
Post a Comment