Rejection/Redirection of HA Sessions on Network Failures


Rejection/Redirection of HA Sessions on Network Failures
 
 
 
This chapter provides information on configuring an enhanced, or extended, service. The product Administration Guides provide examples and procedures for configuration of basic services on the system. It is recommended that you select the configuration example that best meets your service model, and configure the required elements for that model, as described in the respective product Administration Guide, before using the procedures in this chapter.
The following sctions are included in this chapter:
 
Overview
This feature enables the HA service to either reject new calls or redirect them to another HA when a destination network connection failure is detected. When network connectivity is re-established, the HA service begins to accept calls again in the normal manner.
The way this is implemented in the system is as follows:
 
Configuring HA Session Redirection
This section provides instructions for configuring rejection or redirection of HA sessions on the event of a network failure. These instructions assume that there is a destination context. and HA service, an IP pool, and a subscriber already configured and that you are at the root prompt for the Exec mode:
 
[local]host_name#
Step 1
 
configure
The following prompt appears:
 
[local]host_name(config)#
Step 2
 
context <context_name>
context_name is the name of the destination context where the HA service is configured. The name must be from 1 to 63 alpha and/or numeric characters and is case sensitive.
The following prompt appears:
 
[<context_name>]host_name(config-ctx)#
Step 3
 
ha-service <ha_service_name>
ha_service_name is the name of the HA service. The name must be from 1 to 63 alpha and/or numeric characters and is case sensitive.
The following prompt appears:
 
[<context_name>]host_name(config-ha-service)#
Step 4
 
policy nw-reachability-fail { reject [ use-reject-code { admin-prohibited | insufficient-resources } ] | redirect <ip_addr1> [ weight <value> ] [ <ip_addr2> [ weight <value> ] ] ... [ <ip_addr16> [ weight <value> ] ] }
redirect <ip_addr1> [ weight <value> ] [ <ip_addr2> [ weight <value> ] ] ... [ <ip_addr16> [ weight <value> ] ]
<ip_addr>: This must be an IPv4 address. Up to 16 IP addresses and optional weight values can be entered on one command line.
weight <value>: When multiple addresses are specified, they are selected in a weighted round-robin scheme. If a weight is not specified, the entry is automatically assigned a weight of 1. <value> must be an integer from 1 through 10.
Step 5
 
exit
The following prompt appears:
 
[<context_name>]host_name(config-ctx)#
Step 6
 
nw-reachability server <server_name> [ interval <seconds> ] [ local-addr <ip_addr> ] [ num-retry <num> ] [ remote-addr <ip_addr> ] [ timeout < seconds> ]
interval <seconds>
Specifies the frequency in seconds for sending ping requests.<seconds> must be an integer from 1 through 3600.
local-addr <ip_addr>
num-retry <num>
remote-addr <ip_addr>
timeout < seconds>
Step 7
Repeat step 6 to configure additional network reachability servers.
Step 8
To bind a network reachability server to an IP pool, continue with step 9. To bind a network reachability server to a local subscriber profile, skip to step 11.
Step 9
 
ip pool <pool_name> nw-reachability server <server_name>
<pool_name>
<server_name>: The name of a network reachability server that has been defined in the current context. This is a string of from 1 through 16 characters.
Step 10
Repeat step 9 for additional IP pools in the current context then skip to step 13.
Step 11
 
subscriber { default | name <subs_name> }
Where default is the default subscriber for the current context and subs_name is the name of the subscriber profile that you want to configure for network reachability.
The following prompt appears:
 
[<context_name>]host_name(config-subscriber)#
Step 12
 
nw-reachability server <server_name>
Where server_name is the name of a network reachability server that has been defined in the current context.
Step 13
 
end
The following prompt appears:
 
[local]host_name#
Step 14
 
context <context_name>
Where context_name is the name of the destination context for which you configured network reachability.
The following prompt appears:
 
[context_name]host_name#
Step 15
 
show nw-reachability server all
The output of this command appears similar to the following:
 
 Server remote-addr local-addr state
--------------- --------------- --------------- ---------------
nw-server1 192.168.100.20 192.168.1.10 Down
 Total Network Reachability Servers: 1 Up: 0
Ensure that the remote and local addresses are correct. The state column indicates whether or not the server is reachable (Up) or unreachable (Down).
Step 16
 
show ha-service name <ha_service_name>
Where <ha_service_name> is the name of the HA service in the current context for which you configured a network reachability policy.
The output of this command includes information about the network reachability policy that looks similar to the following:
 
NW-Reachability Policy: Reject (Reject code: Admin Prohibited)
Step 17
 
show ip pool pool-name <pool_name>
Where <pool_name> is the name of the IP pool to which you bound a network reachability server name.
The output of this command includes information about the network reachability server name that looks similar to the following:
 
Network Reachability Detection Server: nw-server1
Step 18
 
show subscribers configuration username <subscriber_name>
Where <subscriber_name> is the name of the local subscriber to which you bound a network reachability server name.
The output of this command includes information about the network reachability server name that looks similar to the following:
 
network reachability detection server name: nw-server1
Step 19
Save your configuration as described in Verifying and Saving Your Configuration.
 
RADIUS Attributes
Attributes defined in a subscriber profile stored remotely on a RADIUS server can be used to bind the network reachability server to a subscriber session. Use the following attributes to bind a network reachability server to a subscriber session;
SN-Nw-Reachability-Server-Name
SN1-Nw-Reachability-Server-Name
The attributes have one possible value, which is a variable that is a string of from 1 to 15 characters in length. This should be the name of the configured network reachability server.
The SN-Nw-Reachability-Server-Name attribute is contained in the following dictionaries:
The SN1-Nw-Reachability-Server-Name attribute is contained in the following dictionaries:
Refer to the AAA Interface Administration and Reference for more details.
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883