Command Line Interface Reference Guide > The SLB Configuration Menu > /cfg/slb/sync Synchronize Peer Configuration
/cfg/slb/sync
Synchronize Peer Configuration
To synchronize the configuration between two Alteons, a peer must be configured and enabled on each Alteon.
Use the /oper/slb/sync command to send SLB, FILT, and VRRP configuration updates to peers.
Notes
*For a dedicated (non-virtual) ADC and for vADC instances, this synchronization command is operated through a data port and cannot be operated from the management interface.
*Sessions 33-64 in the auxiliary session table are not synchronized with the backup Alteon.
Alternatively, you can use the /cfg/slb/sync/autosync command to synchronize the configuration between two Alteons automatically.
When you enable the autosync option, Alteon automatically synchronizes the Layer 3 to Layer 7 configuration on all configured and enabled Alteon peers after every apply or revert apply operation.
Alteon provides a report on the state of the configuration synchronization, including a timestamp and reason for failure where appropriate.
Note:  AppWall configuration is synchronized automatically regardless of the Configuration Sync. state.
 
[Config Synchronization Menu]
peer - Synch Peer Switch Menu
cluster - Cluster sync menu
autosync - Enable/disable automatic syncing of configuration
ddstore - Enable/disable syncing dynamic data store
filt - Enable/disable syncing filter configuration
ports - Enable/disable syncing port configuration
route - Enable/disable syncing static route configuration
prios - Enable/disable syncing VRRP priorities
pips - Enable/disable syncing proxy IP addresses
peerpips - Enable/disable syncing peer proxy IP addresses
virts - Enable/disable syncing virtual servers
bwm - Enable/disable syncing BWM configuration
state - Enable/disable syncing persistent session state
rsync - Enable/disable syncing route table
certs - Enable/disable syncing certificate repository components
maponly - Set sync mapping table only
ucast - SFO Unicast Mode Menu
if - Enable/disable syncing IP interface configuration
     tunnel - Enable/disable syncing tunnel configuration
auth - Select passphrase to use instead of admin password
passphrs - Set passphrase to encrypt/decrypt synced certificates' private keys
update - Set stateful failover update period
rupdate - Set sync route update period
rhold - Set time to hold the sync routes after failover
tcktkey - Sync TLS session ticket encryption key (STEK) menu
     cur - Display current Layer 4 sync configuration
 
Synchronization Menu Options (/cfg/slb/sync) 
Command Syntax and Usage
peer <peer switch number (1-3)>
 
Displays the Peer Switch menu. To view this menu, see /cfg/slb/sync/peer <peer switch number> Peer Switch Configuration.
cluster
 
Displays the Cluster Sync menu. To view this menu, see /cfg/slb/sync/cluster Cluster Sync Configuration.
autosync disable|enable
 
Automatically synchronizes the Layer 3 to Layer 7 configurations on all configured and enabled Alteon peers after every apply or revert apply operation.
Default: disable
ddstore disable|enable
 
Enables or disables synchronizing the dynamic data store that includes persistence data and/or user-defined dynamic data created and updated via AppShape++ scripts.
Default: disable
filt disable|enable
 
Enables or disables synchronizing the filter configuration.
Default: disable
ports disable|enable
 
Enables or disables synchronizing the Layer 4 port configuration.
Default: enable
route disable|enable
 
Enables or disables synchronizing static routes between two peers. When you apply, if peer is enabled, Alteon will ask you to confirm configuration synchronization, and will synchronize the static routes configured under the /cfg/l3/route/ip4 menu.
Default: enable
prios disable|enable
 
Enables or disables synchronizing VRRP priorities.
Default: enable
pips disable|enable
 
Enables or disables synchronizing proxy IP addresses.
Default: disable
peerpips disable|enable
 
Enables or disables synchronizing the peer proxy IP addresses. Peer proxy IP addresses are used in VRRP active-active configurations.
Default: disable
virts disabled|enabled
 
Enables or disables synchronizing Bandwidth Management configuration between primary and backup Alteons.
Default: enable
bwm disable|enable
 
Enables or disables synchronizing Bandwidth Management configuration between primary and backup Alteons.
Default: enable
state disable|enable
 
Enables or disables stateful failover for synchronizing the persistent session state.
Default: disable
rsync disable|enable
 
Enables or disables route table synchronization. In active/standby setup, when enabled, it will synchronize the dynamic routes learned via OSPF.
Default: disable
certs disable|enable
 
Enables or disables synchronizing certificate repository components.
When enabled, the passphrase to encrypt the private keys during configuration sync must be set at all peers using passphrs (see in this table). The same passphrase should be set at all peers.
Default: disable
maponly disable|enable
 
Enables or disables synchronization of only the index mapping table between primary and backup Alteon platforms. The index mapping table includes mapping of user-defined alphanumeric indexes of SLB objects to internal indexes. This is relevant only when you require stateful failover but do not want to use the Alteon configuration synchronization mechanism (via the /cfg/slb/sync options) which includes the mapping table.
Notes:
*You must define synchronization peer IP addresses when mapping table synchronization is enabled.
*When maponly is enabled, the synchronization operation only affects the mapping table, and does not perform the regular configuration synchronization.
*For mapping table synchronization, enable maponly on both platforms. For configuration synchronization, disable maponly on both platforms.
Values:
*enable—Alteon automatically synchronizes the mapping table after an apply command.
*disable—Alteon does not automatically synchronize the mapping table after an apply command. Radware recommends that in such cases you perform the synchronization (via the /cfg/slb/sync options) to make sure that stateful failover succeeds.
Default: disable
ucast
 
Displays the SFO Unicast Mode menu. To view this menu, see /cfg/slb/sync/ucast SFO Unicast Configuration.
Default: disable
if disable|enable
 
Specifies whether to enable synchronization of the IP interface configuration.
Default: disable
tunnel disable|enable
 
Specifies whether to enable synchronization of the IP interface configuration.
Default: disable
auth admin|passphrase
 
Specifies whether to use a separate administrator password for each Alteon in a high availability group.
Values:
*passhrase—Users who do not want to have the same administrator password on all peers can use the passphrase for authentication of configuration synchronization with Alteon peers in the high availability group.
*admin—All Alteon peers in the high availability group use the same administrator password.
Default: disable
Note: As of version 32.4.1, this command only allows passphrase option since passphrase for authentication is required and must entered to allow configuration synchronization.
passphrs
 
Sets the passphrase to encrypt and decrypt the private keys of synchronized certificates.
Notes:
*To encrypt and decrypt certificate private keys during synchronization configuration, the same passphrase must be set for all peers.
*When a FIPS HSM module is installed, the passphrase is not applicable.
update <seconds, 1–60>
 
Sets the stateful failover update interval. The active Alteon sends update packets of new persistent binding entries, if any, to the backup Alteon at the specified update interval.
Default: 30 seconds
rupdate
 
Sets the time interval of route table updates from the primary.
Values: 10 – 600 seconds
Default: 30
rhold
 
Sets the time after which the routes are cleaned up from the newly elected primary after a failover.
Values: 10 – 600 seconds
Default: 30
tcktkey
 
Displays the TLS STEK Sync menu. To view this menu, see /cfg/slb/sync/tcktkey TLS STEK Syn Configuration.
cur
 
Displays the current Layer 4 synchronization configuration.