Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco ACE Module Redundancy

Hello All,

Im  new about  ACE´s this is my first implementations and i got some questions about redundancy.

I have two  ACE-20 Modules, each one has diferents contexts for differents applications, I want redundancy and Backup

between them, so  i want  One  has an  Active Context1  and  BAckup or Standby of the Other Context2 of the other ACE and viceversa.

What would be the configurations to achieve this?

Do i need write the Context configuration on each ACE ( Active, Standby )  or its gonna be automatic the syncro

of the configs??

Example:

6500 CHASSIS 1                                               6500 CHASSIS 2                                     

ACE MODULE 1                         <  -------- >        ACE MODULE 2   

V-CONTEXT-A  ( Active)               <  -------- >        V-CONTEXT-A  ( Standby) 

V-CONTEXT-B  ( Standby)            <  -------- >        V-CONTEXT-A  ( Active) 

Configuration ACE MODULE 1:

interface vlan 1000

ip address 172.25.91.110 255.255.255.0

peer ip address 172.25.91.111 255.255.255.0

alias ip address 172.25.91.112 255.255.255.0

service-policy input REMOTE_MGMT_ALLOW_POLICY

no shutdown

ft interface vlan 60

ip address 10.10.60.10 255.255.255.0

peer ip address 10.10.60.11 255.255.255.0

ft peer 1

heartbeat interval 300

heartbeat count 20

ft-interface vlan 60

query-interface vlan 1000

ft group 1

peer 1

associate-context V_CONTEXT-A

inservice

I will appreciate your help because im lost on this.

Thanks in Advance.

Robert.

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Cisco ACE Module Redundancy

Hi Robert,

The process of selecting which module has active ownership of a given context is determined by the priority, much like HSRP. In your configuration, you want to "share the load" of your two virtual contexts between the two modules. Also remember to define priority for your admin-context as well.

This sample config should help you get started:

ACE/CHASSIS 1

------------------------

interface vlan 1000

  service-policy input REMOTE_MGMT_ALLOW_POLICY

  no shutdown

ft interface vlan 60

  ip address 10.10.60.10 255.255.255.0

  peer ip address 10.10.60.11 255.255.255.0

ft peer 1

  heartbeat interval 300

  heartbeat count 20

ft-interface vlan 60

  query-interface vlan 1000

ft group 1

  peer 1

  priority 250

  peer priority 200

  associate-context Admin

  inservice

ACE/CHASSIS 2

------------------------

interface vlan 1000

  service-policy input REMOTE_MGMT_ALLOW_POLICY

  no shutdown

ft interface vlan 60

  ip address 10.10.60.11 255.255.255.0

  peer ip address 10.10.60.10 255.255.255.0

ft peer 1

  heartbeat interval 300

  heartbeat count 20

ft-interface vlan 60

  query-interface vlan 1000

ft group 1

  peer 1

  priority 200

  peer priority 250

  associate-context Admin

  inservice

since you omitted the part of your configuration, I assume that you've already configured ressource-classes, access-lists, snmp etc.

Once the baseline Admin-context has been configured, make sure that the FT is working properly. Issue a 'sh ft grou status' on the admin-context and make sure, that it reads something like this:

FT Group                     : 1
Configured Status         : in-service
Maintenance mode       : MAINT_MODE_OFF
My State                     : FSM_FT_STATE_ACTIVE
Peer State                   : FSM_FT_STATE_STANDBY_HOT
Peer Id                        : 1
No. of Contexts            : 1

Then, define your virtual contexts, resource-class allocation and vlan-allocation. And then simply repeat the FT-group configuration and prioritize your contexts according to your needs. Since the FT is already established and, hopefully, working, you only need to configure this on the active Admin-context:

ft group 2

  peer 1

  priority 250

  peer priority 200

  associate-context V-CONTEXT-A

  inservice

ft group 3

  peer 1

  priority 200

  peer priority 250

  associate-context V-CONTEXT-B

  inservice

You could end your work by issuing a 'show ft group status' the verify the FT for the two virtual contexts. Just remember, that initially the status might very well read BULK. This changes, once the sync is completed.

hth

/Ulrich

3 REPLIES
Bronze

Re: Cisco ACE Module Redundancy

Hi Robert,

The process of selecting which module has active ownership of a given context is determined by the priority, much like HSRP. In your configuration, you want to "share the load" of your two virtual contexts between the two modules. Also remember to define priority for your admin-context as well.

This sample config should help you get started:

ACE/CHASSIS 1

------------------------

interface vlan 1000

  service-policy input REMOTE_MGMT_ALLOW_POLICY

  no shutdown

ft interface vlan 60

  ip address 10.10.60.10 255.255.255.0

  peer ip address 10.10.60.11 255.255.255.0

ft peer 1

  heartbeat interval 300

  heartbeat count 20

ft-interface vlan 60

  query-interface vlan 1000

ft group 1

  peer 1

  priority 250

  peer priority 200

  associate-context Admin

  inservice

ACE/CHASSIS 2

------------------------

interface vlan 1000

  service-policy input REMOTE_MGMT_ALLOW_POLICY

  no shutdown

ft interface vlan 60

  ip address 10.10.60.11 255.255.255.0

  peer ip address 10.10.60.10 255.255.255.0

ft peer 1

  heartbeat interval 300

  heartbeat count 20

ft-interface vlan 60

  query-interface vlan 1000

ft group 1

  peer 1

  priority 200

  peer priority 250

  associate-context Admin

  inservice

since you omitted the part of your configuration, I assume that you've already configured ressource-classes, access-lists, snmp etc.

Once the baseline Admin-context has been configured, make sure that the FT is working properly. Issue a 'sh ft grou status' on the admin-context and make sure, that it reads something like this:

FT Group                     : 1
Configured Status         : in-service
Maintenance mode       : MAINT_MODE_OFF
My State                     : FSM_FT_STATE_ACTIVE
Peer State                   : FSM_FT_STATE_STANDBY_HOT
Peer Id                        : 1
No. of Contexts            : 1

Then, define your virtual contexts, resource-class allocation and vlan-allocation. And then simply repeat the FT-group configuration and prioritize your contexts according to your needs. Since the FT is already established and, hopefully, working, you only need to configure this on the active Admin-context:

ft group 2

  peer 1

  priority 250

  peer priority 200

  associate-context V-CONTEXT-A

  inservice

ft group 3

  peer 1

  priority 200

  peer priority 250

  associate-context V-CONTEXT-B

  inservice

You could end your work by issuing a 'show ft group status' the verify the FT for the two virtual contexts. Just remember, that initially the status might very well read BULK. This changes, once the sync is completed.

hth

/Ulrich

New Member

Re: Cisco ACE Module Redundancy

Thanks for your answer. I see this clear now.

Best Regards.

New Member

Cisco ACE Module Redundancy

Does the VLAN 1000 interface need an IP on it to be the query-interface? I'm a little confused on the use of this interface.  I understand the FT interface, what is the query-interface really used for?

1036
Views
0
Helpful
3
Replies
CreatePlease to create content