ACE and VIP failover

Answered Question
Nov 18th, 2007

Hi,

There is another one:-)

On CSS i could define critical service and put the VIP down if critical service is down. Also CSS used something like VRRP to define active VIP per CSS.

So the question is, can I do the same thing on two ACE modules? So, one is active for the VIP, and if service associated with that VIP fails, the active VIP is moved to another ACE module?

Can this be accomplished with contexts? FT VLAN..etc. It is not the same as VRRP VIP fail over on CSS but i could use it. Can i use FT VLAN over L2 devices/MPLS backbone or do i have to use dedicated link?

I have this problem too.
0 votes
Correct Answer by Syed Iftekhar Ahmed about 9 years 3 weeks ago

ACE ft vlan requires to be on a dedicated physical port and dedicated vlan which only carries ACE ft traffic. Both modules should use unique ip addresses from the same subnet and you cannot introduce any router between them.

ACE can be configured to “inject” static routes in the MSFC routing table, with configurable metric. You can use this metric feature to differentiate the host route for the same VIP or can change the cost during redistribution.

RHI (for same VIP) can be also performed to provide load-balanced service based on the proximity of the client to one of the server farms.

So yes you can use RHI to inject different cost host routes for the same VIP.

Syed

Correct Answer by Syed Iftekhar Ahmed about 9 years 3 weeks ago

On ACE the failover is context based (not Vip based).

ACe can be configured to track and detect failures in the following items in the

Admin context and any user context:

• Gateways or hosts

• Interfaces

• Hot Standby Router Protocol (HSRP) groups

You need to configure a tracking priority for each tracking event.

from ACE Admin guide

"Suppose that on ACE 1 you configure the active FT group member

with a priority of 100 and on ACE 2 you configure the standby FT group member

with a priority of 70. Further, assume that you configure the FT group to track

three critical interfaces, each with a unit priority of 15. To trigger a switchover,

all three interfaces must fail so that the priority of the active member is less than

the priority of the standby member (100 - 45 = 55)."

Please read ACE Admin guide for more details

Syed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (3 ratings)
Loading.
Correct Answer
Syed Iftekhar Ahmed Sun, 11/18/2007 - 23:38

On ACE the failover is context based (not Vip based).

ACe can be configured to track and detect failures in the following items in the

Admin context and any user context:

• Gateways or hosts

• Interfaces

• Hot Standby Router Protocol (HSRP) groups

You need to configure a tracking priority for each tracking event.

from ACE Admin guide

"Suppose that on ACE 1 you configure the active FT group member

with a priority of 100 and on ACE 2 you configure the standby FT group member

with a priority of 70. Further, assume that you configure the FT group to track

three critical interfaces, each with a unit priority of 15. To trigger a switchover,

all three interfaces must fail so that the priority of the active member is less than

the priority of the standby member (100 - 45 = 55)."

Please read ACE Admin guide for more details

Syed

Branimir Turk Mon, 11/19/2007 - 07:58

Hi,

I have read the guide, and one thing is bothering me. It says that FT VLAN has to be dedicated, but it does not says does it need to use dedicated physical link ( no switches beteen)??

And also,if i can not provide dedicated physical link between two Cat6500 (400km distance:-) ) can fai lover be solved by configuring both ACE modules with same VIP address (no FT VLAN in between) but different ospf cost so that all traffic goes to one ACE, and if that fails it switches to second?

Sorry for the poor english:-=

Correct Answer
Syed Iftekhar Ahmed Mon, 11/19/2007 - 11:32

ACE ft vlan requires to be on a dedicated physical port and dedicated vlan which only carries ACE ft traffic. Both modules should use unique ip addresses from the same subnet and you cannot introduce any router between them.

ACE can be configured to “inject” static routes in the MSFC routing table, with configurable metric. You can use this metric feature to differentiate the host route for the same VIP or can change the cost during redistribution.

RHI (for same VIP) can be also performed to provide load-balanced service based on the proximity of the client to one of the server farms.

So yes you can use RHI to inject different cost host routes for the same VIP.

Syed

Actions

This Discussion