When implementing active-active high availability (HA), which feature must be configured to allow the HA pair to share a single IP address that may be used as the network's gateway IP address?
When implementing active-active high availability (HA), which feature must be configured to allow the HA pair to share a single IP address that may be used as the network's gateway IP address?
When implementing active-active high availability (HA), the feature that must be configured to allow the HA pair to share a single IP address that may be used as the network's gateway IP address is VRRP (Virtual Router Redundancy Protocol). VRRP enables multiple routers to work together to share a virtual IP address, which serves as the default gateway for the network. This ensures continuous availability and reliability, even if one of the routers fails.
A) In a Layer 3 interface deployment and active/active HA configuration, ARP load-sharing allows the firewalls to share an IP address and provide gateway services. Use ARP load-sharing only when no Layer 3 device exists between the firewall and end hosts, that is, when end hosts use the firewall as their default gateway.
A & B are correct answers. The question doesn't specified if there is a L3 device between PA and end host (ARP load Sharing) A -> https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/arp-load-sharing B -> https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/floating-ip-address-and-virtual-mac-address
I think it is A (ARP Load Shareing), as you will need at least two floating IP to distribute the traffic over both fw and you will be using two default gw in your network.