Help in setting two ACE appliances in redundancy

Answered Question
Sep 24th, 2008
User Badges:

Can you please provide a sample configuration on setting up two ACE appliances for redundancy. Also, if you have two redundant ACEs, does the config is copied from the active to the standby or do i have to configure the standby separately?



Correct Answer by Syed Iftekhar Ahmed about 8 years 4 months ago

From the following link


http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/command/reference/if.html#wp1068700


"ACE automatically includes the FT VLAN in the VLAN trunk link"


It means FT ports are put by default in trunk mode. Could you change the ports on the switches to trunk port and see if it works.


Syed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 09/24/2008 - 15:02
User Badges:
  • Blue, 1500 points or more


Following link will give you details about ACE redundancy

http://preview.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/admin/guide/redundcy.html


Config is copied from Active to Standby automatically.You just need to configure FT related config (ft group, ft peer, ft vlan) on the Standby ACE.


Syed Iftekhar Ahmed


ronnel.maranan Thu, 11/06/2008 - 12:39
User Badges:

not sure why but the link doesnt work for me... to give you an idea i copied the config on my two aces... can you please advise what is wrong with these configs... when i view the status of the the fault tolerant all the heartbeats being sent are missed.


*************************

hostname FP_ACE_PlanB_1

interface gigabitEthernet 1/1

switchport trunk allowed vlan 2

no shutdown

interface gigabitEthernet 1/2

shutdown

interface gigabitEthernet 1/3

shutdown

interface gigabitEthernet 1/4

description ACE_Heartbeat

ft-port vlan 320

no shutdown




access-list ALL line 8 extended permit ip any any







class-map type management match-any remote_access

201 match protocol icmp any

202 match protocol telnet any

203 match protocol ssh any

204 match protocol https any

205 match protocol snmp any


policy-map type management first-match remote_mgmt_allow_policy

class remote_access

permit


interface vlan 2

ip address 10.146.2.22 255.255.255.0

alias 10.146.2.21 255.255.255.0

peer ip address 10.146.2.23 255.255.255.0

access-group input ALL

service-policy input remote_mgmt_allow_policy

no shutdown


ft interface vlan 320

ip address 10.146.1.233 255.255.255.252

peer ip address 10.146.1.234 255.255.255.252

no shutdown


ft peer 1

heartbeat interval 200

heartbeat count 20

ft-interface vlan 320

query-interface vlan 2

ft group 1

peer 1

priority 200

peer priority 50

associate-context Admin

inservice


ip route 0.0.0.0 0.0.0.0 10.146.2.1



************************

hostname FP_ACE_Prodn_1

interface gigabitEthernet 1/1

switchport trunk allowed vlan 2

no shutdown

interface gigabitEthernet 1/2

shutdown

interface gigabitEthernet 1/3

shutdown

interface gigabitEthernet 1/4

description ACE_Heartbeat

ft-port vlan 320

no shutdown




access-list ALL line 8 extended permit ip any any







class-map type management match-any remote_access

2 match protocol xml-https any

4 match protocol icmp any

5 match protocol telnet any

6 match protocol ssh any

7 match protocol http any

8 match protocol https any

9 match protocol snmp any


policy-map type management first-match remote_mgmt_allow_policy

class remote_access

permit


interface vlan 2

ip address 10.146.2.23 255.255.255.0

alias 10.146.2.21 255.255.255.0

peer ip address 10.146.2.22 255.255.255.0

access-group input ALL

service-policy input remote_mgmt_allow_policy

no shutdown


ft interface vlan 320

ip address 10.146.1.234 255.255.255.252

peer ip address 10.146.1.233 255.255.255.252

no shutdown


ft peer 1

heartbeat interval 200

heartbeat count 20

ft-interface vlan 320

query-interface vlan 2

ft group 1

peer 1

priority 50

peer priority 200

associate-context Admin

inservice


ip route 0.0.0.0 0.0.0.0 10.146.2.1



Syed Iftekhar Ahmed Thu, 11/06/2008 - 15:08
User Badges:
  • Blue, 1500 points or more

How are the two ACE appliances connected?

Are they using an intermediate switch or a cross cable?


Syed

ronnel.maranan Thu, 11/06/2008 - 17:23
User Badges:

the ft-port for both ACE are connected using an intermediate switch which are configured as an access port and with access to vlan 320


Ronnel

Correct Answer
Syed Iftekhar Ahmed Thu, 11/06/2008 - 23:01
User Badges:
  • Blue, 1500 points or more

From the following link


http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/command/reference/if.html#wp1068700


"ACE automatically includes the FT VLAN in the VLAN trunk link"


It means FT ports are put by default in trunk mode. Could you change the ports on the switches to trunk port and see if it works.


Syed

ronnel.maranan Thu, 11/27/2008 - 11:44
User Badges:

you have to make the ft vlan the native vlan in the trunk in order to work.

switchport trunk native vlan "your ft vlan"

Actions

This Discussion