High Availability

As part of flexiWAN’s High Availability, VRRP is available to achieve flexiEdge redundancy. VRRP, or Virtual Router Redundancy Protocol, is a protocol designed to increase the availability of the default gateway servicing hosts on a LAN by providing backup to the primary gateway. VRRP enables the establishment of a virtual or logical router made up of two or more physical routers. One of these is the master, or primary, while the others are backups.

While there are numerous VRRP implementations available, at flexiWAN, we’ve tailored it to align with our unique SD-WAN perspective. Our primary emphasis with High Availability (HA) implementation is on ease-of-use and rapid deployment.

Note

In addition to high availability with VRRP, flexiWAN also includes and have out-of-the-box working WAN and tunnel redundancy for each of the devices.

Prerequisites

To understand and deploy High Availability and VRRP within flexiWAN, it’s essential to familiarize yourself with the following key points:

  • For High Availability, two or more flexiEdge devices are required.

  • By design, VRRP will bind to LAN ports of the devices.

  • LAN interfaces of the deviced used with HA are required to use the same network range (i.e: 192.168.10.0/24).

  • Before deploying High Availability, flexiEdge devices must be registered with flexiManage.

  • Each of flexiEdge devices may have DHCP server enabled on LAN. LAN clients will receive DHCP leases only from primary / active node.

  • HA supports only wired LAN interfaces. VLAN interfaces are supported.

  • VRRP on a virtualized environment is supported as long as virtual switch supports multicast.

Deploying HA

In the deploying HA section, the following steps are covered:

  1. Device configuration and preparation for High Availability

  2. Creating VRRP group as part of HA.

  3. Verifying HA functions properly.

Device configuration

For High Availability to work, two or more flexiEdge devices are required. In order for the flexiEdge devices to work with VRRP, both devices must use the same network range on their LAN interfaces. While range must be the same, IP’s cannot be identical on both edges.

High Availability 1

Navigate to the first flexiEdge and verify WAN and LAN are assigned. Take note of LAN interface IP and network range, in this case 192.168.91.10/24.

High Availability 2

Navigate to the second node and make sure the same network range is used on LAN, but with a different IP. In this case IP is 192.168.91.20/24.

High Availability 3

Confrim both edges have the same network range and navigate to the next section.

Creating VRRP group

After preparing the flexiEdge nodes, from the side menu click on High Availability > VRRP. Click on New VRRP Group to start the configuration.

High Availability 4

On the next page VRRP group settings are shown.

High Availability 5

  • Name - enter group name

  • Virtual Router ID - Used to set router VRID, all routers in the same LAN subnet communicate with each other. Specify a value between 1 and 255.

  • Virtual IP - IP address of the virtual router, gateway which LAN clients will use. Must be of the same network range as LAN on edge devices.

  • Virtual MAC - MAC address of the virtual router.

  • Preemtion - Controls whether a higher priority Backup router preempts a lower priority Master. When disabled, track interfaces are not respected.

  • Accept mode - Controls whether a virtual router in Master state will accept packets addressed to the virtual IP address.

Enter the required name, VRID and Virtual IP.

High Availability 6

Click on Add device to add the first HA node. The following settings are presented.

  • Device - Select the device which will be member of the HA group.

  • Interface - select LAN interface which VRRP will bind to.

  • Priority - Sets device priority in HA group. Higher number is Master. E.g 100 is Backup, 200 is Master.

  • Mandatory track interfaces - Select additional interfaces which are mandatory for the device to remain as Master. If any of the selected interfaces goes down, node will switch to backup.

  • Optional track interfaces - When multiple interfaces are selected as optional, device will switch to Backup if all of the interfaces listed are down.

From the device section pick the primary node. Set its LAN interface and priority of 100. Set eth1 (LAN) as Mandatory track interface and click save.

High Availability 7

Repeat the same for secondary flexiEdge, set 90 for Priority.

High Availability 8

Confirm both devices are added and click save to enable High Availability / VRRP.

High Availability 8

Devices will start syncing and in a few moments High Availability will be enabled.

High Availability 9

Verifying HA function

In order to confirm High Availability is sucesfully deployed and work it, test it by unplugging the network cable from the primary node. To check which node is primary, simply navigate to a device within the HA group and from the Status menu, click on VRRP.

High Availability 9

Once the primary / master node is identified, simply unplug the LAN or WAN and from the LAN side check that the LAN client still has internet / upstream connectivity.