Cisco 7600 Series Routers Session Border Controller Configuration Guide
Implementing SBC Redundancy—High Availability
Download this chapter
Implementing SBC Redundancy—High AvailabilityImplementing SBC Redundancy—High Availability
Download the complete book
Cisco 7600 Series Routers Session Border Controller Configuration GuideCisco 7600 Series Routers Session Border Controller Configuration Guide (PDF - 9 MB)
give_us_feedback

Table Of Contents

Implementing SBC Redundancy—High Availability

Contents

Prerequisites—Implementing Redundancy

Implementing Redundancy on the ACE Module

Redundancy Configuration Example


Implementing SBC Redundancy—High Availability

The Session Border Controller (SBC) on the Cisco 7600 series routers supports intra-chassis and inter-chassis redundancy. You can configure a maximum of two SBCs services in the same Cisco 7600 series router or in a different chassis for redundancy.

SBC fault tolerant redundancy is based on a 1:1 paired protection model. For each active service card running with the SBC, there should be another service card providing failure protection (that is, standby). The same services must be provisioned on both cards (one as the primary card, one as the standby card); in this instance, the service cards are described as "paired."

From a Cisco IOS system perspective, service cards are always running in active mode. SBC services running on these cards, however, run as either a primary service or standby service.

In the distributed model, data border element (DBE) services run as separate Cisco Data Center Operation System (DCOS) processes (and there may be one or more distributed DBEs per SBE). When running in this mode, DBE services may be provisioned on different cards within the same physical device to distribute the processing load across available service cards.

Note For ACE SBC Release 2.0.00, only DBE services are implemented.

Note For ACE SBC Release 3.0.00, this feature is supported in both the unified model and the distributed model.

The active SBC replicates the state to the standby to provide hot standby support. The SBC process is fate shared with the Media Packet forwarder component; if one component restarts, the other component will restart.

Note For a description of commands used in this chapter, refer to the Application Control Engine Module Command Reference at: http://www.cisco.com/en/US/products/hw/modules/ps2706/products_command_reference_book09186a0080685244.html.

Feature History for Implementing SBC Redundancy

Release
Modification

ACE SBC Release 3.1.00

Added support for inter-chassis redundancy.

ACE SBC Release 3.0.00

Added support for SBC unified model.

ACE SBC Release 2.0.00

This feature was introduced on the Cisco 7600 series router for DBEs.


Contents

This module contains the following sections:

Prerequisites—Implementing Redundancy

Implementing Redundancy on the ACE Module

Redundancy Configuration Example

Prerequisites—Implementing Redundancy

The following prerequisites are required to implement SBC redundancy:

On the Application Control Engine Module (ACE), you must be an Admin user to enter SBC commands. For more information, see the Application Control Engine Module Administration Guide at: http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_guide_book09186a00806838f4.html

Before configuring SBC service, the fault tolerant (redundancy) configuration must already be created. See the procedures described in Chapter 2, "ACE Configuration Prerequisites for the SBC".

SBC fault tolerance is based on a 1:1 paired-protection model. For each ACE module running active SBC components, there can be one ACE module providing failure protection. The same services must be provisioned on both ACE modules (one as the primary card, one as the standby card), and the ACE modules are then said to be paired. Although from an Cisco IOS system perspective, ACE modules are always running in active mode, SBC services running on these cards run as either the primary service or the standby service.

Implementing Redundancy on the ACE Module

In ACE SBC Release 3.0.00, FT group 1 is always associated with the Admin context.

Note The priority for all FT groups should be the same.

Note With VRFs, there is one FT group per-context.

Note You can configure a maximum of two ACE appliances (peers) for redundancy. Each peer appliance can contain one or more fault-tolerant (FT) groups. Each FT group consists of two members: one active context and one standby context. An FT group has a unique group ID that you assign.

One virtual MAC address (VMAC) is associated with each FT group and is used as the virtual MAC address for all alias addresses, on all VLANs in the context under which the ft-group is configured. The format of the VMAC is: 00-0b-fc-fe-1b-groupID. Because a VMAC does not change upon switchover, the client and server ARP tables does not require updating. To avoid duplicate MAC issues, each pair of ACE cards connected to the same subnet(s) should use unique FT group IDs.

For information on configuring redundancy on the ACE modules, see Configuring Redundant ACE Modules at http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_guide_chapter09186a0080683a15.html.

Note In the current release, both heartbeat interval and count number are fixed and cannot be changed by a user.

Redundancy Configuration Example

The following is an example of an SBC redundancy configuration: 


On the supervisor

             Svclc mod 3 vlan-group 10     !!! create vlan group 10

             Svclc vlan-group 10   50,60,70      !!! bind vlan 50, 60 and 70 in same vlan 
gr 10

             Svclc multiple-vlan-interfaces 



On ACE location 1

            (On Admin context)

         interface vlan 60             !!! config vlan and alias      

             ip address 60.60.60.60 255.255.255.0

             alias 60.60.60.62 255.255.255.0

             peer ip address 60.60.60.61 255.255.255.0

             no shutdown

            ft interface vlan 50                !!! config vlan 50

                ip addr ip addr 50.50.50.50 255.255.255.0

                peer ip addr 50.50.50.51 255.255.255.0

                no shut

            ft peer 1                                 !!! config peer 1

                heartbeat interval 300

                heartbeat count 10

                ft-interface vlan 20

                query-interface vlan 60


            ft group 1                             !!! config ft group 1

                peer 1

                associate-context      Admin

                priority 100

                peer priority 200

                inservice


On ACE location 2

            (On Admin context)

          interface vlan 60     !!! config vlan and alias

              ip address 60.60.60.61 255.255.255.0

              alias 60.60.60.62 255.255.255.0

              peer ip address 60.60.60.60 255.255.255.0

              no shutdown

            ft interface vlan 50                !!! config vlan 50

                ip addr 50.50.50.51 255.255.255.0 ! peer ip address in location 1

                peer ip addr 50.50.50.50 255.255.255.0 ! ip address in location 1

                no shut


            ft peer 1                                 !!! config peer 1

                heartbeat interval 300

                heartbeat count 10

                ft-interface vlan 20

                query-interface vlan 60


            ft group 1                            

                peer 1

                associate-context      Admin

                priority 200

                peer priority 100

                inservice