Getting Started Guide vA5(1.0), Cisco ACE 4700 Series Application Control Engine Appliance
Configuring Redundant ACEs

Table Of Contents

Configuring Redundant ACEs

Information About Redundancy

Guidelines and Limitations

Configuring Redundancy

Configuring Redundancy Using the Device Manager GUI

Configuring High Availability Peers

Configuring ACE High Availability Groups

Configuring Redundancy Using the CLI

Configuring an FT VLAN

Configuring an FT Peer

Configuring an Alias IP Address

Configuring an FT Group

Configuration Example for Redundancy

Where to Go Next


Configuring Redundant ACEs


This chapter describes how to configure the ACE for redundancy, which provides fault tolerance for the stateful switchover of flows.

This chapter contains the following sections:

Information About Redundancy

Guidelines and Limitations

Configuring Redundancy

Configuration Example for Redundancy

Where to Go Next

Information About Redundancy

After reading this chapter, you should have a basic understanding of ACE redundancy and how to configure it. For detailed information on redundancy, see the Administration Guide, Cisco ACE Application Control Engine.

The redundancy (or fault tolerance) feature ensures that your network services and applications are always available. It provides seamless switchover of flows in case an ACE becomes unresponsive or a critical host, interface, or HSRP group fails.

This feature uses a maximum of two ACEs (peers) in the same Catalyst 6500 series switch or in separate switches. Each peer module can contain one or more fault-tolerant (FT) groups. Each FT group consists of two members: one active context and one standby context. For more information about contexts, see the Virtualization Guide, Cisco ACE Application Control Engine.

To outside nodes (clients and servers), the active and standby FT group members appear as one node with respect to their IP addresses and associated virtual MAC (VMAC) addresses. The ACE provides active-active redundancy with multiple contexts only when there are multiple FT groups configured on each module and both modules contain at least one active group member (context). With a single context, the ACE supports active-backup redundancy and each group member is an Admin context.

Each FT group acts as an independent redundancy instance. When a switchover occurs, the active member in the FT group becomes the standby member and the original standby member becomes the active member.

The ACE sends and receives all redundancy-related traffic (protocol packets, configuration data, heartbeats, and state replication packets) on a dedicated FT VLAN that is not used for normal traffic. The active ACE automatically replicates the configuration, including changes made to the configuration, on the standby peer using a process called configuration synchronization (config sync). After the ACE synchronizes the redundancy configuration from the active member to the standby peer, it disables configuration mode on the standby.

The two redundant modules constantly communicate over the FT VLAN to determine the operating status of each module. The standby member uses the heartbeat packet to monitor the health of the active member. The active member uses the heartbeat packet to monitor the health of the standby member. The ACE uses the heartbeat to probe the peer ACE, rather than probe each context. When an ACE does not receive a heartbeat from the peer ACE, all the contexts in the standby state become active. The ACE sends heartbeat packets over UDP. You can set the frequency with which the ACE sends heartbeat packets as part of the FT peer configuration.

The ACE replicates flows on the active FT group member to the standby group member per connection for each context. The replicated flows contain all the flow-state information necessary for the standby member to take over the flow if the active member becomes unresponsive. If the active member becomes unresponsive, the replicated flows on the standby member become active when the standby member assumes mastership of the context. The active flows on the former active member transition to a standby state to fully back up the active flows on the new active member.

After a switchover occurs, the same connection information is available on the new active member. Supported end-user applications do not need to reconnect to maintain the same network session.

Guidelines and Limitations

Follow these guidelines and limitations when you configure the redundancy feature:

You can configure redundancy only in the Admin context.

Redundancy is not supported between an ACE module and an ACE appliance operating as peers. Both redundant peers must be the same ACE device type and run the same software release.

You can configure a maximum of two ACEs (peers) for redundancy.

Each peer ACE can contain one or more fault-tolerant (FT) groups. Each FT group consists of two members: one active context and one standby context. For more information about contexts, see the Virtualization Guide, Cisco ACE Application Control Engine. An FT group has a unique group ID that you assign.

One virtual MAC address (VMAC) is associated with each FT group. The format of the VMAC is 00-0b-fc-fe-1b-groupID. Because a VMAC does not change upon switchover, the client and server ARP tables do not require updating. The ACE selects a VMAC from a pool of virtual MACs available to it. For more information about VMACs, see the Routing and Bridging Guide, Cisco ACE Application Control Engine.

In bridged mode (Layer 2), two contexts cannot share the same VLAN.

To achieve active-active redundancy, a minimum of two contexts and two FT groups are required on each ACE.

When you configure redundancy, the ACE keeps all interfaces that do not have an IP address in the Down state. The IP address and the peer IP address that you assign to a VLAN interface should be in the same subnet, but different IP addresses. For more information about configuring VLAN interfaces, see the Routing and Bridging Guide, Cisco ACE Application Control Engine.

By default, the ACE does not replicate IP address sticky table entries on the standby ACE unless you use the replicate sticky command in sticky-IP configuration mode. For details on the replicate sticky command, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.

The ACE does not replicate SSL and other terminated (proxied) connections from the active context to the standby context.

If you are using IPv6 in your network, we recommend that you configure carrier delay properly so that, before Layer 2 convergence occurs, the ACE appliance is not sending any IPv6 packets on the wire. Carrier delay is also highly recommended for duplicate address detection (DAD) to work properly. You can configure a value for carrier delay from 1 to 120 seconds. Generally, 30 to 60 seconds of carrier delay works well for most applications. For more information about configuring carrier delay and DAD, see the Routing and Bridging Guide, Cisco ACE Application Control Engine.

The FT VLAN and the query VLAN are not supported over IPv6.

The ACE does not support the stateful failover of any connections that are proxied. Such connections include Layer 7 connections (including SSL), inspection, and HTTP compression. Also, any connections that are candidates for compression in the VIP but are not being compressed (for example, because of the MIME type of the data) remain proxied and are not supported by stateful failover.

In a user context, the ACE allows a switchover only of the FT group that belongs to that context. In the Admin context, the ACE allows a switchover of all FT groups in all configured contexts in the ACE.

Redundancy uses a dedicated FT VLAN between redundant ACEs to transmit flow-state information and the redundancy heartbeat. You must configure this same VLAN on both peer ACEs. You also must configure a different IP address within the same subnet on each ACE for the FT VLAN.

Do not use this dedicated VLAN for any other network traffic, including data and HSRP (ACE appliance only).

The IP address and the MAC address of the FT VLAN do not change at switchover.

For redundancy to function properly, both members of an FT group must have identical configurations. Ensure that both ACEs include the same bandwidth software license and the same virtual context software license (2G or 1G for the ACE appliance). If there is a mismatch in a software license between the two ACEs in an FT group, the following operational behavior can occur:

If there is a mismatch in the virtual context software license, synchronization between the active ACE and standby ACE may not work properly.

If both the active and the standby ACE devices have the same virtual context software license but have a different bandwidth software license, synchronization will work properly but the standby ACE may experience a potential loss of traffic on switchover. For example, the switchover occurs from a 2G ACE appliance to a 1G ACE appliance.

For multiple contexts, the FT VLAN resides in the system configuration file. Each FT VLAN on the ACE has one unique MAC address associated with it. The ACE uses these device MAC addresses as the source or destination MACs for sending or receiving redundancy protocol state and configuration replication packets.

By default, connection replication is enabled in the ACE and is not configurable.

You must manually copy the SSL certificates and keys to the standby ACE. You can use the crypto import command.

You must manually copy scripts to the standby ACE.

Configuring Redundancy

This section describes how to configure redundancy using either the ACE Device Manager GUI or the CLI.

Configuring Redundancy Using the Device Manager GUI

Configuring Redundancy Using the CLI

Configuring Redundancy Using the Device Manager GUI

This section describes how to configure redundancy using the Device Manager user interface. You must configure each ACE in the fault-tolerant (FT) group. It contains the following topics:

Configuring High Availability Peers

Configuring ACE High Availability Groups

Configuring High Availability Peers


Note This functionality is available for only Admin contexts.



Step 1 Select Config > Virtual Contexts > High Availability (HA) > Setup. The ACE HA Management window appears with two columns: one for the selected ACE appliance and one for a peer ACE appliance.

Step 2 Click Edit, then enter the information for the primary ACE appliance and the peer appliance as described in Table 11-1.

Table 11-1 ACE High Availability Management Configuration Attributes

Field: VLAN
This Appliance: Specify a fault-tolerant VLAN to be used for this high availability pair. Valid entries are integers from 2 to 4094. Note: This VLAN cannot be used for other network traffic. In this example, use VLAN 60.
Peer Appliance: Not applicable.

Field: Interface
This Appliance: Select the interface (specified by slot_number/port_number, where slot_number is the physical slot on the ACE appliance and port_number is the physical Ethernet data port on the ACE appliance) or the port channel.
Peer Appliance: Not applicable.

Field: IP Address
This Appliance: Enter an IP address for the fault-tolerant VLAN in dotted-decimal format, such as 192.168.11.2.
Peer Appliance: Enter the IP address of the peer interface in dotted-decimal format so that the peer appliance can communicate on the fault-tolerant VLAN.

Field: Netmask
This Appliance: Select the subnet mask that is to be used for the fault-tolerant VLAN.
Peer Appliance: Not applicable.

Field: Management IP Address
This Appliance: Enter the IP address for the ACE.
Peer Appliance: Enter the Management IP Address of the peer appliance. When you enter this information, you can click the HA Peer hyperlink in the Config > Virtual Contexts screen.

Field: Query VLAN
This Appliance: Select the VLAN that the standby appliance is to use to determine whether the active appliance is down or if there is a connectivity problem with the fault-tolerant VLAN. In this example, use VLAN 1000.
Peer Appliance: Not applicable.

Field: Heartbeat Count
This Appliance: Enter the number of heartbeat intervals that must pass with no heartbeat packet received by the standby appliance before the standby appliance determines that the active member is not available. Valid entries are integers from 10 to 50. In this example, use a heartbeat count of 20.
Peer Appliance: Not applicable.

Field: Heartbeat Interval
This Appliance: Enter the number of milliseconds that the active appliance is to wait between each heartbeat it sends to the standby appliance. Valid entries are integers from 100 to 1000. In this example, use a heartbeat interval of 300.
Peer Appliance: Not applicable.

Field: Interface Enabled
This Appliance: Check the Interface Enabled check box to enable the high availability interface.
Peer Appliance: Not applicable.

Field: Shared VLAN Host ID
This Appliance: Enter a specific bank of MAC addresses that the ACE uses. Valid entries are integers from 1 to 16. Be sure to configure different bank numbers for multiple ACEs.
Peer Appliance: Not applicable.

Field: Peer Shared VLAN Host ID
This Appliance: Enter a specific bank of MAC addresses for the same ACE in a redundant configuration. Valid entries are integers from 1 to 16. Be sure to configure different bank numbers for multiple ACEs.
Peer Appliance: Not applicable.

Field: HA State
This Appliance: This is a read-only field with the current state of high availability on the ACE appliance.
Peer Appliance: Not applicable.


Step 3 Click Deploy Now to save your entries and to continue with configuring high availability groups. The ACE HA Management screen appears at the top of the content area and the ACE HA Groups table appears at the bottom.

Step 4 Verify the redundancy configuration by accessing the CLI of the ACE appliance.

host1/Admin(config)# do show running-config ft

Configuring ACE High Availability Groups


Note This functionality is available for only Admin contexts.


A fault-tolerant group consists of a maximum of two contexts: One active context on one appliance and one standby context on the peer appliance. You can create multiple fault-tolerant groups on each ACE appliance up to a maximum of 21 groups (20 user contexts and 1 Admin context).

Use this procedure to configure high availability groups.


Step 1 Select Config > Virtual Contexts > High Availability (HA) > Setup. The ACE HA Management screen appears at the top of the content area and the ACE HA Groups table appears at the bottom.

Step 2 In the ACE HA Groups table, click Add to add a new high availability group. The table refreshes with the configurable fields. Specify the fields as outlined below and leave the remaining attributes blank or with the default values.

Step 3 Check the Enabled check box to enable the high availability group.

Step 4 In the Context field, select the virtual context to associate with this high availability group. In this example, select VC_web.

Step 5 Check the Autosync Run check box to enable automatic synchronization of the running configuration files.

Step 6 Check the Autosync Startup check box to enable automatic synchronization of the startup configuration files.

Step 7 Click Deploy Now to accept your entries. The ACE HA Groups table refreshes with the new high availability group.

Step 8 Verify the redundancy configuration by accessing the CLI of the ACE appliance.

host1/Admin(config)# do show running-config ft

Configuring Redundancy Using the CLI

This section describes how to configure redundancy using the ACE appliance CLI. You must configure each ACE in the fault-tolerant (FT) group. It contains the following topics:

Configuring an FT VLAN

Configuring an FT Peer

Configuring an Alias IP Address

Configuring an FT Group

Configuring an FT VLAN

Configure an FT VLAN using the CLI by following these steps:


Step 1 Verify that you are operating in the Admin context by checking the CLI prompt; redundancy can be configured only in the Admin context. If necessary, change to the Admin context.

host1/VC_web# changeto Admin
host1/Admin#

Step 2 Enter configuration mode.

host1/Admin# config
host1/Admin(config)#

Step 3 Configure a dedicated FT VLAN for communication between the members of the FT group. This FT VLAN is global and is shared by all contexts.

host1/Admin(config)# ft interface vlan 60
host1/Admin(config-ft-intf)#

Step 4 Specify the IP address and netmask of the FT VLAN.

host1/Admin(config-ft-intf)# ip address 10.10.60.10 255.255.255.0

Step 5 Specify the IP address and netmask of the remote peer.

host1/Admin(config-ft-intf)# peer ip address 10.10.60.11 255.255.255.0

Step 6 Exit FT interface configuration mode.

host1/Admin(config-ft-intf)# exit
host1/Admin(config)#

Step 7 Verify the redundancy configuration.

host1/Admin(config)# do show running-config ft

Step 8 (Optional) Copy the running configuration to the startup configuration.

host1/Admin(config)# do copy running-config startup-config


Configuring an FT Peer

Configure an FT peer using the CLI by following these steps:


Step 1 Configure the local redundancy peer.

host1/Admin(config)# ft peer 1
host1/Admin(config-ft-peer)#

Step 2 Associate the FT VLAN with the peer.

host1/Admin(config-ft-peer)# ft-interface vlan 60

Step 3 Configure the heartbeat count.

host1/Admin(config-ft-peer)# heartbeat count 20

Step 4 Configure the heartbeat interval in milliseconds.

host1/Admin(config-ft-peer)# heartbeat interval 300

Step 5 Configure a query interface to allow the standby member to determine whether the active member is down or if there is a connectivity problem with the FT VLAN. A query interface helps prevent two redundant contexts from becoming active at the same time for the same FT group. Before triggering a switchover, the ACE pings the active member to make sure that it is down. Configuring a query interface allows you to assess the health of the active member, but it increases the switchover time.

The vlan_id argument specifies the identifier of an existing VLAN. Enter an integer from 2 to 4094. In this example, use VLAN 1000.

host1/Admin(config-ft-peer)# query-interface vlan 1000

Step 6 Exit FT peer configuration mode.

host1/Admin(config-ft-peer)# exit
host1/Admin(config)#

Step 7 Verify the redundancy configuration.

host1/Admin(config)# do show running-config ft

Step 8 (Optional) Copy the running configuration to the startup configuration.

host1/Admin(config)# do copy running-config startup-config


Configuring an Alias IP Address

An alias IP address serves as the shared gateway for the two ACEs. If you want to configure only one ACE for redundancy initially (for example, your second ACE will arrive a week or two after the first one), you must complete the redundancy configuration as described in this chapter to use the alias IP address. Otherwise, the alias IP address will be inoperable.


Note The alias IP address is the IP address that the real servers use as their default gateway. If you do not configure an alias IP address on the VLAN, the ACE still fails over; however, the servers will not be able to route, because the primary address no longer exists after a failure.


Configure an alias IP address using the CLI by following these steps:


Step 1 Enter interface VLAN configuration mode for VLAN 1000.

host1/Admin(config)# interface vlan 1000
host1/Admin(config-intf-config)#

Step 2 Configure an alias IP address that floats between the active and the standby ACEs.

host1/Admin(config-intf-config)# alias ip address 172.25.91.112 255.255.255.0

Step 3 Exit interface configuration mode.

host1/Admin(config-intf-config)# exit
host1/Admin(config)#

Step 4 Verify the redundancy configuration.

host1/Admin(config)# do show running-config ft

Step 5 (Optional) Copy the running configuration to the startup configuration.

host1/Admin(config)# do copy running-config startup-config


Configuring an FT Group

Configure an FT group using the CLI by following these steps:


Step 1 Create an FT group. Create at least one FT group on each ACE.

host1/Admin(config)# ft group 1
host1/Admin(config-ft-group)#

Step 2 Associate a context with each FT group. You must associate the local context and the corresponding peer context with the same FT group.

host1/Admin(config-ft-group)# associate-context VC_web

Step 3 Associate the peer context with the FT group.

host1/Admin(config-ft-group)# peer 1

Step 4 Place the FT group in service.

host1/Admin(config-ft-group)# inservice

Step 5 Exit FT group configuration mode.

host1/Admin(config-ft-group)# exit
host1/Admin(config)#

Step 6 (Optional) Enable auto synchronization of the running-configuration and/or startup-configuration file from the active to the standby context. Both commands are enabled by default.

host1/Admin(config)# ft auto-sync running-config
host1/Admin(config)# ft auto-sync startup-config

Step 7 Verify the redundancy configuration.

host1/Admin(config)# do show running-config ft
host1/Admin(config)# do show running-config interface

Step 8 (Optional) Copy the running configuration to the startup configuration.

host1/Admin(config)# do copy running-config startup-config

Now that you have configured redundancy on one ACE, configure the other ACE in the FT group in a similar manner.


Configuration Example for Redundancy

The following example shows how to configure redundancy in the Admin context. The commands that you have configured in this chapter appear in bold text.

switch/Admin(config)# do show run
Generating configuration....

login timeout 0

resource-class RC_WEB
  limit-resource all minimum 10.00 maximum equal-to-min

class-map type management match-any REMOTE_ACCESS
  description Remote access traffic match
  2 match protocol telnet any
  3 match protocol ssh any
  4 match protocol icmp any

policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
  class REMOTE_ACCESS
    permit

interface vlan 1000
  description Management connectivity on VLAN 1000 and query interface VLAN
  ip address 172.25.91.110 255.255.255.0
  peer ip address 172.25.91.111 255.255.255.0
  alias ip address 172.25.91.112 255.255.255.0
  service-policy input REMOTE_MGMT_ALLOW_POLICY
  no shutdown

ft interface vlan 60
  ip address 10.10.60.10 255.255.255.0
  peer ip address 10.10.60.11 255.255.255.0

ft peer 1
  heartbeat interval 300
  heartbeat count 20
  ft-interface vlan 60
  query-interface vlan 1000

domain DOMAIN1
  add-object all

ip route 0.0.0.0 0.0.0.0 172.25.91.1

context VC_web
  allocate-interface vlan 400
  allocate-interface vlan 500
  allocate-interface vlan 1000
  member RC_WEB

ft group 1
  peer 1
  associate-context VC_web
  inservice

username admin password 5 $1$JwBOOUEt$jihXQiAjF9igwDay1qAvK. role Admin domain default-domain
username www password 5 $1$xmYMkFnt$n1YUgNOo76hAhg.JqtymF/ role Admin domain default-domain
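The guidelines earlier in this chapter (a single dedicated FT VLAN that carries no other traffic, local and peer FT addresses that differ but share a subnet, heartbeat count 10 to 50 and interval 100 to 1000 ms, a query VLAN that is an existing interface, and an FT group that references a defined peer) are easy to violate when the two peers are configured by hand. The following Python script is an added example and not part of this Cisco guide: it parses the FT-related blocks out of two running-config captures in the format shown in the example above (top-level commands with two-space-indented sub-commands, an assumption about the capture) and reports violations of those guidelines for each device and across the pair. The active configuration is constructed from the chapter's example values, and the standby's is derived from it by swapping the local and peer addresses.

```python
"""Check an ACE redundancy (FT) config pair against the chapter's guidelines (added example, not Cisco code)."""
import ipaddress

# Constructed sample: the active ACE's FT-related lines from the chapter's example.
ACTIVE_CONFIG = """\
interface vlan 1000
  ip address 172.25.91.110 255.255.255.0
  peer ip address 172.25.91.111 255.255.255.0
ft interface vlan 60
  ip address 10.10.60.10 255.255.255.0
  peer ip address 10.10.60.11 255.255.255.0
ft peer 1
  heartbeat interval 300
  heartbeat count 20
  ft-interface vlan 60
  query-interface vlan 1000
ft group 1
  peer 1
  associate-context VC_web
  inservice
"""

def swap_addresses(text, a, b):
    """Swap two IP literals; used to derive the standby's mirrored config."""
    return text.replace(a, "\0").replace(b, a).replace("\0", b)

# Constructed standby config: the active's, with local and peer addresses swapped.
STANDBY_CONFIG = swap_addresses(swap_addresses(ACTIVE_CONFIG, "10.10.60.10", "10.10.60.11"),
                                "172.25.91.110", "172.25.91.111")

def parse_blocks(text):
    """Group a running-config into {top-level line: [indented sub-command lines]}."""
    blocks, current = {}, None
    for line in filter(str.strip, text.splitlines()):
        if line[0] != " ":
            current = blocks.setdefault(line.strip(), [])
        else:
            current.append(line.strip())
    return blocks

def attr(lines, prefix):
    """Value after `prefix` in a block ("" for a bare keyword), else None."""
    for line in lines:
        if line == prefix or line.startswith(prefix + " "):
            return line[len(prefix):].strip()
    return None

def ft_vlan_id(blocks):
    ids = [int(h.split()[-1]) for h in blocks if h.startswith("ft interface vlan ")]
    return ids[0] if len(ids) == 1 else None  # the FT VLAN is global: exactly one

def check_local(blocks):
    """Apply the single-device guidelines; return a list of problem strings."""
    vlan = ft_vlan_id(blocks)
    if vlan is None:
        return ["exactly one 'ft interface vlan' block is required"]
    problems = []
    if f"interface vlan {vlan}" in blocks:  # the FT VLAN must carry no other traffic
        problems.append(f"FT VLAN {vlan} is also used as a data interface")
    ft = blocks[f"ft interface vlan {vlan}"]
    local, peer = attr(ft, "ip address"), attr(ft, "peer ip address")
    if not local or not peer:
        return problems + ["FT VLAN needs both 'ip address' and 'peer ip address'"]
    (l_ip, l_mask), (p_ip, _) = local.split(), peer.split()
    if l_ip == p_ip:
        problems.append("FT local and peer IP addresses must differ")
    if ipaddress.ip_address(p_ip) not in ipaddress.ip_network(f"{l_ip}/{l_mask}", strict=False):
        problems.append("FT peer IP is not in the local FT subnet")
    for header, lines in blocks.items():
        if header.startswith("ft peer "):
            for key, lo, hi in (("heartbeat count", 10, 50), ("heartbeat interval", 100, 1000)):
                val = attr(lines, key)
                if val is not None and not lo <= int(val) <= hi:
                    problems.append(f"{header}: {key} {val} outside {lo}-{hi}")
            if attr(lines, "ft-interface vlan") != str(vlan):
                problems.append(f"{header}: ft-interface does not reference FT VLAN {vlan}")
            query = attr(lines, "query-interface vlan")
            if query is not None and f"interface vlan {query}" not in blocks:
                problems.append(f"{header}: query VLAN {query} is not a configured interface")
        elif header.startswith("ft group "):
            if f"ft peer {attr(lines, 'peer')}" not in blocks:
                problems.append(f"{header}: references an undefined ft peer")
    return problems

def check_pair(active_text, standby_text):
    """Per-device checks plus cross-peer ones: same FT VLAN, mirrored FT addresses."""
    a, s = parse_blocks(active_text), parse_blocks(standby_text)
    problems = [f"active: {p}" for p in check_local(a)]
    problems += [f"standby: {p}" for p in check_local(s)]
    av, sv = ft_vlan_id(a), ft_vlan_id(s)
    if av != sv:
        problems.append(f"FT VLAN differs between peers ({av} vs {sv})")
    elif av is not None:
        a_ft, s_ft = a[f"ft interface vlan {av}"], s[f"ft interface vlan {sv}"]
        if (attr(a_ft, "ip address") != attr(s_ft, "peer ip address")
                or attr(a_ft, "peer ip address") != attr(s_ft, "ip address")):
            problems.append("FT local/peer addresses do not mirror across peers")
    return problems

PROBLEMS = check_pair(ACTIVE_CONFIG, STANDBY_CONFIG)  # [] for the chapter's example
```

To use it against real devices, paste the output of `show running-config ft` and `show running-config interface` from each peer into the two strings; a non-empty list names the device and the block at fault. The parser keys blocks by their full header line, so the cross-peer check needs the same FT VLAN number on both devices, which is exactly what the guidelines require.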

Where to Go Next

In this chapter, you have configured redundancy on the ACE. In the next chapter, you will learn how to configure bridged mode.