Device HA Enhancements in uOS 1.32

Zyxel_Claudia
Zyxel_Claudia Posts: 171  Zyxel Employee
Network Detective-New Adventure Badge Network Detective Badge First Comment Friend Collector
edited May 7 in Other Topics

High availability (HA) is a cornerstone of reliable network infrastructure, and with uOS 1.32, Zyxel introduces a comprehensive set of Device HA enhancements to improve stability, simplify troubleshooting, and increase visibility into your failover systems.

What’s New in Device HA?

1. HA Status LED Indicator

The PWR/SY indicator LED makes it easier for on-site administrators to identify the current role of each firewall in an HA pair:

When devices are HA pairing

  • Active: Red and Green blinking
  • Passive: Green solid

When devices are HA paired

  • Active: Green solid
  • Passive: Amber solid

When passive is syncing configuration file

  • Active: Green solid
  • Passive: Amber blinking

When HA pairing fails

  • Active: Red blinking
  • Passive: Green solid

2. Virtual MAC Support

uOS 1.32 introduces Virtual MAC addresses for HA as an option, allowing you to choose between using the physical MAC or a Virtual MAC.

This feature ensures seamless failover by maintaining the same MAC address on failover, preventing switches from relearning MAC addresses.

  • When failover occurs, the passive firewall takes over the same virtual MAC.
  • License synchronization still uses the physical MAC.
  • If Virtual MAC is enabled, each interface’s MAC address changes with the second digit set to 6 (the GUI dashboard still shows the physical MAC).Example:
    • Physical MAC: D8:EC:E5:XX:XX:62
    • Virtual MAC: D6:EC:E5:XX:XX:62
  • Once pairing is successful, the HA MAC address cannot be changed
  • If “Overwrite Default MAC address” is configured, it takes priority over Virtual MAC

3. Pause Device HA

A new Pause Device HA option lets administrators:

  • Temporarily suspend HA monitoring and synchronization.
  • Perform configuration changes or troubleshooting without triggering failover.
  • Avoid license unpairing or HA state changes.

Important Notes:

  • Only executable on the active device.
  • Displays a status warning on Device HA configuration GUI pages while paused.
  • Requires manual full sync or config change to resume synchronization.

4. Monitor Aggregated Interfaces

Monitoring can now be applied to Link Aggregation (LAG) interfaces. This helps detect link failure even on aggregated ports and supports more advanced redundancy designs.

5. HA File Consistency Check

You can now verify if the configuration, certificates, and signature files are synchronized between the active and passive units.

  • Detect mismatches before they cause problems.

6. Clear HA Logs via CLI

Previously, clearing HA logs required a reboot. Now, a new CLI command allows log clearing without disruption:

  • Available only on the active firewall. usgflex200h> cmd device-ha ha-log clear
  • Automatically clears logs from both units.

Summary

These enhancements demonstrate Zyxel’s commitment to making high availability more intelligent and transparent. Whether you're managing critical infrastructure or troubleshooting in a lab.

Tagged:

Categories

EnglishTiếng ViệtРусскийไทย中文(台灣)