AppDirector Redundancy Mechanism
|
|
- Edmund Rudolph Nash
- 6 years ago
- Views:
Transcription
1 AppDirector Redundancy Mechanism Technical Application Note North America Radware Inc. 575 Corporate Dr. Suite 205 Mahwah, NJ Tel International Radware Ltd. 22 Raoul Wallenberg St. Tel Aviv 69710, Israel Tel
2 Page Scope This document is a technical discussion of the redundancy mechanisms available for the AppDirector family of products. The document assumes previous knowledge of basic AppDirector product features, operation, and configuration. The redundancy mechanism and its supporting features discussed here apply specifically to the AppDirector products. The support of these features in other Radware products might vary. Overview AppDirector aligns server infrastructure operations with application front end requirements to eliminate traffic surges, server bottlenecks, connectivity disconnects and downtime to enable 24/7 application continuity and data center availability. To provide 24/7 availability all points of failure in the data center must be eliminated, including possibility of AppDirector failures. As such Radware recommends installing its devices in pairs, to provide fault tolerance in the case of a single device's failure. To achieve redundancy between pairs of devices, Radware recommends using Virtual Router Redundancy Protocol (VRRP). Working with VRRP enables to maintain dynamic redundancy using a logical entity called virtual router (VRRP was initially developed to provide high availability for routers, hence the name virtual router. However this protocol can be supported by a wide range of devices that are not routers as it is not a routing protocol - it does not advertise IP routes or affect the routing table in any way). With VRRP, IP Addresses are associated with the Virtual MAC Addresses that are owned by the main device, and are taken over by the backup device at fail-over time. AppDirector supports two redundancy modes: Active-Backup - A redundancy scenario involving 2 devices where one device is the designated Active device for all services (VIPs). In the event of a failure of the Active device, the Backup device temporarily assumes ownership of the VIPs. Active-Active - A redundancy scenario involving 2 devices where each device is both the Active device for some VIPs and the Backup device for other VIPs. In the event of a failure of one device, the other device temporarily assumes ownership of all VIPs. Radware also provides a proprietary redundancy method that uses Address Resolution Protocol to monitor the other device in a pair and to check its availability. The recommended redundancy mechanism for AppDirector is VRRP, however if for legacy reasons you are using the proprietary mechanism, please see Appendix 1 for details on this mechanism.
3 Page Stateful Failover Stateful failover allows a backup device to take over when a main device fails, without dropping existing sessions or breaking persistency. AppDirector supports stateful failover by mirroring the content of the tables that define session state: Client table, Session ID (persistency) table, Proximity table and DNS Persistency table. For better mirroring performance it is recommended to provide dedicated direct connection (cross-cable) between the AppDirector devices. This prevents delays and packet loss that can occur when mirroring data is sent via the network and is influenced by network load (see blue dotted line in Figure 1). Note: For increased reliability the direct connection between the devices can be implemented using a trunk (link aggregation). Physical IP Addresses versus Virtual IP Addresses Redundancy In redundancy configurations the main and the backup AppDirectors utilize both virtual and physical addresses. While the same virtual IP addresses are defined on both main and backup AppDirectors, different physical IP addresses are used for the main and backup devices. When a physical interface of the main AppDirector device is set as the default gateway of a server, when the backup AppDirector takes over, the server can work as usual because the backup AppDirector takes ownership on that IP address. The problem is that in this situation the server cannot ping its default gateway IP address, as the main device is down. To avoid this scenario, it is recommended to use virtual IP Interface addresses as default gateway of servers and other devices around AppDirector. To do that, create a virtual IP Interface address for each local subnet of AppDirector, and use this address in the relevant routing tables for hosts on that subnet. Make sure to set the same virtual IP Interface addresses as backup on the backup device.
4 Page Radware Redundancy Terms Interface Grouping Selective Interface Grouping This feature ensures that the backup device will take over even if only some of the active device physical ports are down. When this feature is enabled, a device will intentionally stop responding to ARPs on all of its ports if any of its physical ports is down, causing backup device to take over. Selective Interface Grouping allows defining which physical ports trigger interface grouping, and subsequently device failover, and which do not. When Interface grouping is triggered, it stops answering to ARP only on the ports that are included in Selective Interface Grouping. The most common example of a port that should not usually trigger device failover is management port. Note: To exclude a management port from triggering interface grouping you can either set it as Exclude in the Selective Interface Grouping table or configure it as Dedicated Management Port. Backup Interface Grouping Backup in VLAN Force Port Down Preempt Mode When this feature is enabled, it causes the device to take over only when all interfaces of the main device that are participating in redundancy are down. Respectively, it will release those interfaces only when all the main's interfaces are up. In Regular VLAN configuration, the device that is inactive can cause broadcast storms and lead to loops. Backup in VLAN, when enabled, prevent loop creation. This capability allows forcing down electrically, for a short period, physical ports belonging to a VLAN when the VLAN is disabled due to Interface Grouping activation. This allows the switches to which these ports are connected to clear their MAC tables and prevents them from continuing to send traffic to the wrong AppDirector device this problem is relevant mainly for Regular VLANs. This capability is supported only in VRRP configuration. This parameter defines the takeover procedure for a VR when the master device fails and then resumes functioning. When the master device for this VR resumes functioning, the
5 Page Preemption Mode decides whether it should retake control of the VR from the backup device (Preempt Mode set to True) or whether the backup device should maintain control of the VR (Preempt Mode set to False). Default is True. Note: The device that owns the IP address(es) associated with the VR always preempts independent of the setting of this flag. So to allow configurations where preemption is disabled, only virtual IP addresses should be associated to VR. VIP Virtual IP Interface (VIPI) The Virtual IP Address is an IP Address that is configured on a device, but not assigned to a specific physical interface. In this document we refer to VIP as virtual IP addresses that represent a service for which AppDirector provides load balancing, and do not include VIPI addresses (though both service VIPs and VIPIs are configured via the same L4 policy mechanism on the device). An IP address configured on AppDirector, which is not assigned to a physical port. This IP address is required in redundancy configurations to allow continuous access to AppDirector from any interface and to DNS resolving capability, no matter which AppDirector device is active. VRRP Introducing VRRP VRRP (Virtual Router Redundancy Protocol), defined in RFC 2338, is a standard protocol that enables dynamic device redundancy. If the main device fails, VRRP ensures that the backup device takes over and that traffic is forwarded to it. The basic concept in VRRP is that of a Virtual Router (VR). A VR has a Virtual Router Identifier (VRID) and one or more IP addresses associated with it. Each VR has a VRMAC, which is a MAC address associated with the VR. This saves the need for a MAC address update in case of a fail-over. The VRMAC address is determined by the VRID and does not need to be configured manually. Typically, the same VR is configured on multiple devices to achieve redundancy between them for the VR. Each device has a priority for a VR, and the main device for the VR is the device with the highest priority. Using VRRP, the main device constantly sends advertisements to other VRRP devices to indicate that it is online. When the advertisements stop, the main device is assumed to be inactive. A new main device is then selected for this VR; that is, the device with the next highest priority for that VR.
6 Page VRRP in Radware For a typical active-backup scenario, a VR is required for each interface of AppDirector. In a standard AppDirector setup (Figure 1), 2 VRs are required: VR-I: For the Internet side of the device. VR-S: For the server side of the device. You need to configure all VRs on each device, and associate the appropriate IP addresses with each VR. Typically, physical IP interfaces and virtual addresses are associated with VRs. However Radware recommends to associate virtual IP interfaces (VIPI) instead of physical IP interfaces. The following addresses should be associated to VRs: To the VR on the Internet side: a. VIPI for the Internet side subnet. b. VIPs. VIPs that belong to a different subnet than the Internet side physical interface do not have to be associated to the VR, unless the up-stream router has a leg on the VIPs subnet (even though AppDirector does not have such an IP interface). In case VIPs are not associated make sure the up-stream router has route configured for the VIPs using device VIPI as Next Hop Router. AppDirector allows to automatically associate VIPs to VR by enabling the VRRP Automated Configuration Updates parameter (only VIPs configured after the flag is enabled are automatically associated to VR). The VIP is associated to the VR whose Primary IP (device physical IP interface) is on the same subnet as the VIP. If no such VR is found (VR is not yet configured or VIP does not belong to the subnet on the Internet side) the VIP is not associated. c. Outbound NAT addresses when relevant. If Outbound NAT addresses belong to a different subnet than the Internet side physical interface, the same observation made for VIPs is valid. The VRRP standard limits the number of IP addresses that can be associated to a VR to 256. In cases where there are more than 255 addresses to be associated (VIPs and Outbound NAT together) there are 2 options: a. If the addresses belong to a different subnet than the Internet side physical interface, there is no need to associate them, as explained above. b. Configure multiple VRs on the same device interface and split the IP addresses between them. To the VR on the server side: a. VIPI for the server side subnet. b. Client NAT addresses when relevant. If Client NAT addresses belong to a different subnet than the server side physical interface, the same observation made for VIPs is valid.
7 Page Failover Duration For each VR user can configure the interval at which the VRRP advertisements are sent. The minimum defined by the VRRP RFC is 1 second. Failover will occur at 3 times the advertise interval plus up to 1 second for the skew time. For example, if the advertise interval is 1 second, the failover will occur within 4 seconds. (Refer to the VRRP RFC for more information on the skew time). It is possible to lower the failover period by using the VRRP Advertise Interval parameter that applies to all VRs on the device. This parameter can configure advertise interval in steps of 100ms with a minimum of 100ms this means that the minimum failover time can be ms. However please note that: a. Using this parameter does not conform to VRRP RFC b. When device is overloaded it might miss arriving VRRP advertisements Basic Configurations Routing Configuration Green Physical IP Interfaces Purple Virtual IP Interfaces Orange Virtual IP Internet AppDirector Servers Figure 1 Routing Configuration
8 Page Bridging Configuration Figure 2 - Bridging Configuration Direct Connection Figure 3 - Direct Connection
9 Page Configuration Recommendations Active-Backup To ensure proper AppDirector failover in Active-Backup configuration, Radware recommends performing the following steps on both devices: 1. Interface Grouping: a. Enable Interface Grouping on both devices b. Enable Backup Interface Grouping on both devices (default). c. Configure Selective Interface Grouping on both devices - the physical ports for all device interfaces that you want to participate in the failover process must be set to Include. All other ports should be set to Exclude. The following ports should be excluded: º Dedicated management ports (when using Dedicated Management Port parameter, that port is automatically excluded, no matter what the Selective Interface Grouping configuration is) º Ports that provide connectivity between two AppDirector devices for mirroring purposes. d. When VLANs are used, configure VLAN Up/Down criteria and VLAN Port Interface Grouping (for each VLAN port it is possible to decide whether it is included in the VLAN up/down criteria or not for example a port that is used for traffic connectivity to the other device, should be excluded). 2. Additional configuration in VLAN environment a. Regular VLAN º Enable Backup in VLAN parameter on both devices. º Enable Force Port Down functionality on both devices. b. Switch VLAN When using Switch VLAN loops can occur. Configurations that create loops in the network can be supported on AS4 and AS5 platforms by using the Rapid Spanning Tree protocol to prevent loops. Please see AppDirector Solution Guide for details on Spanning Tree configurations. If you are using other platforms please refrain from creating loop configuration. 3. Set Redundancy Admin Status to VRRP. 4. Configure Virtual Routers (VR) for all device interfaces that must participate in the failover (no VR is required for a dedicated management interface or mirroring only interface, for example). a. The same VRID must be used on both devices for the same interface.
10 Page b. The priority of all the VRs on the Active device must be higher than the priority of the same VRs on the Backup. It is recommended to use a maximum priority of 254 on the primary device (priority 255 has special meaning which overrides the preemption switch and renders the device unmanageable during failover events) and 100 on the backup. Note: All the interfaces for which VRIDs are defined, and only those interfaces, should be Included in Selective Interface Grouping. 5. Associate IP addresses to VRs as explained above. 6. Enable all VRIDs at once (All VRIDs Up). 7. Configure mirroring for stateful failover. If Preemption mode is enabled for all VRIDs: a. Active device º Select the tables that should be mirrored b. Backup device º Configure the mirroring address of the second device (in the configuration examples above, or , or ) º Enable mirroring If Preemption mode is disabled the following configuration is required on both devices: o Configure the mirroring address of the second device o Enable mirroring o Select the tables that should be mirrored Active-Active To ensure proper AppDirector failover in Active-Backup configuration, Radware recommends performing the following steps on both devices: 1. Configure Redundancy Status Primary for Layer 4 Policies on the device that should, in normal operation conditions, be the active device for this policy, and Backup on the other device. 2. Interface Grouping: a. Enable Interface Grouping on both devices b. Disable Backup Interface Grouping on both devices. c. Configure Selective Interface Grouping on both devices - the physical ports for all device interfaces that you want to participate in the failover process must be set to Include. All other ports should be set to Exclude. The following ports should be excluded:
11 Page º Dedicated management ports (when using Dedicated Management Port parameter, that port is automatically excluded, no matter what the Selective Interface Grouping configuration is) º Ports that provide connectivity between two AppDirector devices for mirroring purposes. d. When VLANs are used, configure VLAN Up/Down criteria and VLAN Port Interface Grouping (for each VLAN port it is possible to decide whether it is included in the VLAN up/down criteria or not for example a port that is used for traffic connectivity to the other device, should be excluded). 3. Additional configuration in VLAN environment a. Regular VLAN º Enable Backup in VLAN parameter on both devices. º Enable Force Port Down functionality on both devices. b. Switch VLAN When using Switch VLAN loops can occur. In the example in Figure 3 if the servers try to communicate between them they can create loops in the network. Configurations that create loops in the network can be supported on AS4 and AS5 platforms by using the Rapid Spanning Tree protocol to prevent loops. If you are using other platforms please refrain from creating loop configuration. 4. Set Redundancy Admin Status to VRRP. 5. Configure Virtual Routers (VR) for all device interfaces that must participate in the failover. a. 2 VRs must be configured on the Internet side device interface and 2 VRs must be configured on the server side device interface (if servers belonging to farms that are in main state on this device and servers belonging to farms that are in backup state on this device, are connected to the same device physical interface). Note: In Active-Active configuration the same server cannot be connected to two different farms that have different redundancy status on the same device. If for example we configure VRs with ID X and Y on the same physical interface, on devices A and B: º On device VRID X will have higher priority on device A than on device B while VRID Y will have lower priority on device A than on device B.
12 Page º 2 VIPIs are configured on the server subnet. One VIPI will be attached to VRID X on both devices and will be configured as default gateway on the servers for whom device A is master, and the other VIPI will be attached to VRID Y on both devices and will be configured as default gateway on the servers for whom device B is master. b. The same VRID must be used on both devices for the same VR. c. Each device will have a master VR (higher priority than on the other device) and a backup VR (lower priority than on the other device) on the Internet side and a master VR and a backup VR on the server side. It is recommended to use a maximum priority of 254 on the primary device (priority 255 has special meaning which overrides the preemption switch and renders the device unmanageable during failover events) and 100 on the backup. 8. Associate IP addresses to VRs as explained above: º To the master VR on the Internet side: VIPI, VIPs and Outbound NAT addresses for which this device should be master. º To the backup VR on the Internet side: VIPI, VIPs and Outbound NAT addresses for which this device should be backup. º To the master VR on the server side: VIPI and Client NAT addresses for which this device should be master. º To the backup VR on the server side: VIPI and Client NAT addresses for which this device should be backup. 6. Enable all VRIDs at once (All VRIDs Up). 7. Configure mirroring for stateful failover. In Active-Active redundancy configurations, mirroring can only be enabled in one direction (from device A to device B OR vice-versa, but NOT BOTH). a. Device whose active farms state should be mirrored º Select the tables that should be mirrored b. Device whose active farms state should not be mirrored, but provides backup for the first device farms º Configure the mirroring address of the other device º Enable mirroring Switch configuration recommendation It is strongly recommended to enable fast learning mode on the network switch ports to which Radware devices are connected, i.e., the Cisco Portfast command on Cisco Switches, and equivalent commands on the others. If fast learning mode is not enabled it causes failback (backup-to-active) to flip-flop, before failing back.
13 Page Appendix 1 - Proprietary Redundancy There are 2 basic functions inherent to Radware s proprietary redundancy mechanism: polling and teaching. These functions govern the redundancy operation between AppDirector devices. To illustrate these concepts we use the redundant configuration shown in Figure 1. Polling The two AppDirector devices poll each other on each of their shared interfaces using ARP. This way, one device can always know whether the other is up or down. Physical IP Interfaces are configured to poll other physical IP Interfaces. In the example above, AppDirector2 s and interface addresses would be configured to poll AppDirector1 s and addresses, respectively. The polling frequency and the number of retries before a device is considered down are configurable. Teaching Once an AppDirector interface considers the other AppDirector interface to be down, it must assume responsibility for the failed IP Address. For example, in Figure 1, if AppDirector1 fails and AppDirector2 decides to pick up for it, AppDirector2 must assume responsibility for IP Addresses and To do this, it does the following: 1. AppDirector2 teaches the x network that its port 1 MAC address is now the MAC address of AppDirector2 teaches the x network that its port 2 MAC address is now the MAC address of Once AppDirector2 has taught the network its own MAC addresses for and , it continues to ARP and As long as there is no answer, it will respond to ARPs destined to and , thereby continuing to assume responsibility for these addresses. AppDirector Layer 4 policies can be configured in one of two modes: regular or backup. If a layer 4 policy is configured as regular on AppDirector1, AppDirector1 assumes responsibility for its VIP and responds to ARP messages looking for the VIP with its port 1 MAC. AppDirector2 would not respond to ARPs to this VIP as long as it is inactive.
14 Page Additional Redundancy Terms The following terms are relevant to proprietary redundancy only: Fake ARP in Backup ARP in Interface Grouping In order to speed up the failover process from the backup device to the main device (when main device becomes operational after failure), the backup device sends ARPs advertising that the main device IP addresses now correspond to the MAC addresses of the main device. This is fake ARP, as one device (the backup) publishes the other device (the main). This parameter is enabled by default; however the fake ARP might confuse some Layer 3 switches, as they update their ARP tables by the source MAC of the packet, rather than by the MAC in the information part of the packet. In this case it can be disabled. Defines whether the device can send ARP requests (to servers for example) while interface grouping is active. Basic Configurations The basic configurations for which proprietary configuration can be supported are those shown in Figure 1and Figure 2. Direct connection configurations are not supported by proprietary redundancy mechanism. Configuration Recommendations Active-Backup To ensure proper AppDirector failover in Active-Backup configuration, Radware recommends performing the following steps: Active Device: 1. Configure Redundancy Status Primary for all Layer 4 Policies. 2. Interface Grouping: a. Enable Interface Grouping b. Disable Backup Interface Grouping c. Configure Selective Interface Grouping - the physical ports for all device interfaces that you want to participate in the failover process must be set to Include. All other ports should be set to Exclude (same as for VRRP). c. When VLANs are used, configure VLAN Up/Down criteria and VLAN Port Interface Grouping (same as for VRRP) 3. Leave Redundancy Admin Status as Disabled.
15 Page Backup Device 1. Configure Redundancy Status Backup for all Layer 4 Policies. 2. Interface Grouping: d. Disable Interface Grouping e. Enable Backup Interface Grouping 3. Enable Backup in VLAN 4. Set Redundancy Admin Status to Proprietary. 5. Configure in the IP Redundancy table all the device interfaces that must participate in the failover and their correspondent on the Main device (not for a dedicated management interface or mirroring only interface, for example). Active-Active To ensure proper AppDirector failover in Active-Active configuration, Radware recommends performing the following steps on both devices: 1. Configure Redundancy Status for all Layer 4 Policies - the Redundancy Status of each Layer 4 policy will be set to Primary on the device that should, in normal operation conditions, be the active device for this policy and to Backup on the other device. 2. Interface Grouping: a. Enable Interface Grouping on both devices b. Disable Backup Interface Grouping on both devices. c. Configure Selective Interface Grouping - the physical ports for all device interfaces that you want to participate in the failover process must be set to Include. All other ports should be set to Exclude (same as for VRRP). d. When VLANs are used, configure VLAN Up/Down criteria and VLAN Port Interface Grouping. 3. Enable Backup in VLAN parameter on both devices. 4. Set Redundancy Admin Status to Proprietary. 5. Configure in the IP Redundancy table all the device interfaces that must participate in the failover and their correspondent on the other device (not for a dedicated management interface or mirroring only interface, for example). Switch configuration recommendation It is strongly recommended to enable fast learning mode on the network switch ports to which Radware devices are connected, i.e., the Cisco Portfast command on Cisco Switches, and equivalent commands on the others. If fast learning mode is not enabled it causes failback (backup-to-active) to flip-flop, before failing back.
Operation Manual VRRP. Table of Contents
Table of Contents Table of Contents... 1-1 1.1 Introduction to VRRP... 1-1 1.2 Configuring VRRP... 1-2 1.2.1 Configuring the Function of Pinging the Virtual IP Address... 1-3 1.2.2 Configuring the TTL
More informationConfiguring VIP and Virtual Interface Redundancy
CHAPTER 6 Configuring VIP and Virtual Interface Redundancy This chapter describes how to plan for and configure virtual IP (VIP) redundancy and virtual interface redundancy on the CSS. Information in this
More informationM2M CDMA Router. VRRP Configuration Guide
M2M CDMA Router VRRP Configuration Guide Copyright Copyright 2013 NetComm Wireless Limited. All rights reserved. The information contained herein is proprietary to NetComm Wireless. No part of this document
More informationS Series Switch. Cisco HSRP Replacement. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.
Cisco HSRP Replacement Issue 01 Date 2013-08-05 HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior
More informationVirtual Router Redundancy Protocol (VRRP) Technical Support Guide
Virtual Router Redundancy Protocol (VRRP) Technical Support Guide Copyright Copyright 2015 NetComm Wireless Limited. All rights reserved. The information contained herein is proprietary to NetComm Wireless.
More informationMigrating from Cisco HSRP to industry standard VRRP
Migrating from Cisco HSRP to industry standard VRRP Technical white paper Table of contents Router Redundancy Protocol overview... 2 Introduction to Cisco Hot Standby Router Protocol (HSRP)... 2 Introduction
More informationRadware AppDirector Load Balancing Microsoft LCS servers, LCS Director and LCS Access Proxy Servers.
TESTING & INTEGRATION GROUP TECHNICAL SOLUTION GUIDE Radware AppDirector Load Balancing Microsoft LCS servers, LCS Director and LCS Access Proxy Servers. INTRODUCTION...2 RADWARE APPDIRECTOR... 3 MICROSOFT
More informationHP VPN Firewall Appliances
HP VPN Firewall Appliances High Availability Configuration Guide Part number: 5998-4169 Software version: F1000-A-EI/F1000-S-EI (Feature 3726) F1000-E (Release 3177) F5000 (Feature 3211) F5000-S/F5000-C
More informationConfiguring Box-to-Box Redundancy
CHAPTER 3 This chapter describes how to configure redundancy between two identically configured Cisco Content Services Switches (CSSs). Information in this chapter applies to all CSS models, except where
More informationNAT Box-to-Box High-Availability Support
The feature enables network-wide protection by making an IP network more resilient to potential link and router failures at the Network Address Translation (NAT) border. NAT box-to-box high-availability
More informationStatic NAT Mapping with HSRP
This module contains procedures for configuring Network Address Translation (NAT) to support the increasing need for highly resilient IP networks. This network resiliency is required where application
More informationHP Load Balancing Module
HP Load Balancing Module High Availability Configuration Guide Part number: 5998-2687 Document version: 6PW101-20120217 Legal and notice information Copyright 2012 Hewlett-Packard Development Company,
More informationConfiguring VRRP. Finding Feature Information. The Virtual Router Redundancy Protocol (VRRP) is an election protocol that dynamically assigns
The Virtual Router Redundancy Protocol (VRRP) is an election protocol that dynamically assigns responsibility for one or more virtual routers to the VRRP routers on a LAN, allowing several routers on a
More informationZone-Based Policy Firewall High Availability
The feature enables you to configure pairs of devices to act as backup for each other. High availability can be configured to determine the active device based on a number of failover conditions. When
More informationVRRPv3 Protocol Support
Virtual Router Redundancy Protocol (VRRP) enables a group of routers to form a single virtual router to provide redundancy. The LAN clients can then be configured with the virtual router as their default
More informationHUAWEI AR Series SEP Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 1.0. Date
HUAWEI AR Series SEP Technical White Paper Issue 1.0 Date 2015-01-19 HUAWEI TECHNOLOGIES CO., LTD. 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by
More informationIndex. Numerics. Index p priority (QoS) definition Q VLAN standard w as a region 5-54
Index Numerics 802.1p priority (QoS) 802.1Q VLAN standard 5-7 802.1w as a region 5-54 A active path 5-5 address IP 7-8 advertisement 3-3 applicable products 1-ii ARP age setting 7-10 cache 7-4 cache table
More informationNetwork Design First Hop
Network Design First Hop First Hop Redundancy, Server Redundancy Agenda First Hop Redundancy Proxy ARP, IDRP, DHCP HSRP VRRP GLBP Design Access WAN Server Load Balancing SLB DNS First Hop Redundancy, v1.6
More informationSecondary Address Support
Secondary Address Support Peter Jones July 21, 2003 7/21/2003 3:19 PM pj_sec_addr_02.ppt 1 Secondary Addresses Allows for more efficient support of protocols like RFC 2338 Virtual Router Redundancy Protocol.
More informationITDumpsKR. IT 인증시험한방에패스시키는최신버전시험대비덤프
ITDumpsKR http://www.itdumpskr.com IT 인증시험한방에패스시키는최신버전시험대비덤프 Exam : 300-115 Title : Implementing Cisco IP Switched Networks Vendor : Cisco Version : DEMO Get Latest & Valid 300-115 Exam's Question and
More informationH3C S5830V2 & S5820V2 Switch Series
H3C S5830V2 & S5820V2 Switch Series High Availability Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release2108 Document version: 6W101-20120531 Copyright
More informationVRRP (Virtual Router Redundancy Protocol) Function Added
VRRP (Virtual Router Redundancy Protocol) Function Added Category S/W Release Version Date General 7.01 22 Dec. 2003 Function Description This protocol ties a number of routers as a group and assigns one
More informationRadware's Application Front End solution for Microsoft Exchnage 2003 Outlook Web Access (OWA)
TESTING & INTEGRATION GROUP SOLUTION GUIDE Radware's Application Front End solution for Microsoft Exchnage 2003 Outlook Web Access (OWA) INTRODUCTION... 2 SOLUTION DETAILS... 3 HOW IT WORKS... 3 SOFTWARE
More informationConfiguring ARP. Prerequisites for Configuring ARP. Restrictions for Configuring ARP
Address resolution is the process of mapping network addresses to Media Access Control (MAC) addresses. This process is accomplished using the Address Resolution Protocol (ARP). This module describes how
More informationCCNA 3 (v v6.0) Chapter 3 Exam Answers % Full
CCNA 3 (v5.0.3 + v6.0) Chapter 3 Exam Answers 2017 100% Full ccnav6.com /ccna-3-v5-0-3-v6-0-chapter-3-exam-answers-2017-100-full.html CCNA Exam Answers 2017 CCNA 3 (v5.0.3 + v6.0) Chapter 3 Exam Answers
More informationMikroTik RouterOS Training. Routing. Schedule. Instructors. Housekeeping. Introduce Yourself. Course Objective 7/4/ :00 10:30 Morning Session I
MikroTik RouterOS Training Routing Schedule 09:00 10:30 Morning Session I 10:30 11:00 Morning Break 11:00 12:30 Morning Session II 12:30 13:30 Lunch Break 13:30 15:00 Afternoon Session I 15:00 15:30 Afternoon
More informationChapter 32 VSRP Commands
Chapter 32 VSRP Commands activate Activates a VSRP VRID. NOTE: This command is equivalent to the enable command. ProCurveRS(config)# vlan 200 ProCurveRS(config-vlan-200)# tag ethernet 1/1 to 1/8 ProCurveRS(config-vlan-200)#
More informationLayer 3 Switch Processing. CEF-Based Multilayer Switches. Layer 3 Switch Processing (Cont.)
Layer 3 Switch Processing In Layer 3 switches, the control path and data path are relatively independent. The control path code, such as routing protocols, runs on the route processor. Data packets are
More informationService Graph Design with Cisco Application Centric Infrastructure
White Paper Service Graph Design with Cisco Application Centric Infrastructure 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 101 Contents Introduction...
More informationRealCiscoLAB.com. Configure inter-vlan routing with HSRP to provide redundant, fault-tolerant routing to the internal network.
RealCiscoLAB.com CCNPv6 SWITCH Hot Standby Router Protocol Topology Objective Background Configure inter-vlan routing with HSRP to provide redundant, fault-tolerant routing to the internal network. Hot
More informationConfiguring a Cluster in IPSO 5 with Both Members in Active Mode
Configuring a Cluster in IPSO 5 with Both Members in Active Mode In This Document Configuring a VSX Cluster Member page 1 Configuring the Link Aggregation Group (LAG) page 5 Active Active Mode VRRP Configuration
More informationVodafone MachineLink. VRRP Configuration Guide
Vodafone MachineLink VRRP Configuration Guide Document History This guide covers the following products: Vodafone MachineLink 3G (NWL-10) Vodafone MachineLink 3G Plus (NWL-12) Vodafone MachineLink 4G (NWL-22)
More informationConfiguring EtherChannels and Link-State Tracking
CHAPTER 37 Configuring EtherChannels and Link-State Tracking This chapter describes how to configure EtherChannels on Layer 2 and Layer 3 ports on the switch. EtherChannel provides fault-tolerant high-speed
More informationSEP Technology White Paper
Issue 01 Date 2013-05-25 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationNetwork-Level High Availability
This chapter describes Cisco NX-OS network high availability and includes the following sections: Information About, page 1 Licensing Requirements, page 2 Spanning Tree Protocol, page 2 Virtual Port Channels,
More informationSection 6.2, IP Routing. Section 6.4, IP/VPN Policy. Section 6.5, IP Quality of Service. Section 6.6, The BANDIT as Firewall
Chapter 6 IP Routing and IPX Routing This chapter discusses IP routing, IP/VPN Policy, and related features in the BANDIT products. It also discusses IPX routing. See the following sections: Section 6.2,
More informationSecBlade Firewall Cards Stateful Failover Configuration Examples
SecBlade Firewall Cards Stateful Failover Configuration Examples Keywords: Stateful failover, active/standby mode, active/active mode, data synchronization, traffic switchover Abstract: A network that
More informationConfiguring EtherChannels and Layer 2 Trunk Failover
35 CHAPTER Configuring EtherChannels and Layer 2 Trunk Failover This chapter describes how to configure EtherChannels on Layer 2 and Layer 3 ports on the switch. EtherChannel provides fault-tolerant high-speed
More informationCIS 83 Midterm Spring 2004 Answer Sheet Name Score Grade Question Answer Question Answer
CIS 83 Midterm Spring 2004 Answer Sheet Name: Score: Grade: Question Answer Question Answer 1 A B C D E F 51 A B C D E F 2 A B C D E F 52 A B C D E F 3 A B C D E F 53 A B C D E F 4 A B C D E F 54 A B C
More informationMonitoring Remote Access VPN Services
CHAPTER 5 A remote access service (RAS) VPN secures connections for remote users, such as mobile users or telecommuters. RAS VPN monitoring provides all of the most important indicators of cluster, concentrator,
More informationAssignment Six: Configure Hot Standby Router Protocol. Brian Dwyer. Morrisville State College
Running head: ASSIGNMENT SIX: CONFIGURE HSRP Assignment Six: Configure Hot Standby Router Protocol Brian Dwyer Morrisville State College ASSIGNMENT SIX 1 Brian Dwyer CITA370 2/5/2010 Assignment Six: Configure
More informationROUTING CONSORTIUM. Virtual Router Redundancy Protocol Operations Test Suite. Technical Document. Revision 2.5
ROUTING CONSORTIUM Virtual Router Redundancy Protocol Operations Test Suite Technical Document Revision 2.5 University of New Hampshire 121 Technology Drive, Suite 2 Durham, NH 03824 Routing Consortium
More informationBox to Box Redundancy on the CSS 11xxx Configuration Example
Box to Box Redundancy on the CSS 11xxx Configuration Example Document ID: 50405 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Background Information Configure
More informationVRRP with VPN FAILOVER
APPLICATION NOTE AN-004-WUK VRRP with VPN FAILOVER How to share a default gateway using a BRD- 355 Broadband Router and a MRD-455 4G router - including VPN failover INTRODUCTION What is VRRP? The Virtual
More informationChapter 6 Lab 6-1, First Hop Redundancy Protocols HSRP and VRRP INSTRUCTOR VERSION
CCNPv7.1 SWITCH Chapter 6 Lab 6-1, First Hop Redundancy Protocols HSRP and VRRP INSTRUCTOR VERSION Topology Objectives Configure inter-vlan routing with HSRP and load balancing Configure HSRP authentication
More informationLayer 3 Routing (UI 2.0) User s Manual
User s Manual Edition 3.3, November 2018 www.moxa.com/product Models covered by this manual: IKS-G6824A, ICS-G7826A, ICS-G7828A, ICS-G7848A, ICS-G7850A, ICS-G7852A, PT-G7828 Series 2018 Moxa Inc. All rights
More informationFocus: Technical overview of VRRP, configuration, and troubleshooting
Technical Reference Guide: Introduction to VRRP Focus: Technical overview of VRRP, configuration, and troubleshooting Table of Contents Using This Book...1 VRRP overiew...1 Monitored Circuit...3 Working
More informationvserver vserver virtserver-name no vserver virtserver-name Syntax Description
Chapter 2 vserver vserver To identify a virtual server, and then enter the virtual server configuration submode, use the vserver command. To remove a virtual server from the configuration, use the no form
More informationIndex. Numerics. Index 1
Index Numerics 802.1p priority (QoS) definition 8-6 802.1q VLAN in mesh 7-23 802.1Q VLAN standard 6-6 802.1w as a region 6-54 802.1x, mesh, not supported 7-5 A ABC enabled on edge switch 7-26 in mesh domain
More informationObjectives. 1. Introduction:
University of Jordan Faculty of Engineering & Technology Computer Engineering Department Advance Networks Laboratory 0907529 Exp.5 Spanning-Tree Protocol (STP) Objectives 1. Explain the role of redundancy
More informationCisco Implementing Cisco IP Switched Networks (SWITCH v2.0)
Cisco 300-115 Implementing Cisco IP Switched Networks (SWITCH v2.0) http://killexams.com/pass4sure/exam-detail/300-115 Question: 323 An administrator recently configured all ports for rapid transition
More informationConverged Application Server and Radware AppDirector Solution Guide
Converged Application Server and Radware AppDirector Solution Guide Products: SDPVendor Converged Application Server Radware AppDirector running APSOLUTE OS 1.07.11 build 14 2008 Radware, Ltd. All Rights
More informationMobile LOIC Counter Measures
Technical Security Note Mobile LOIC Counter Measures North America Radware Inc. 575 Corporate Dr., Lobby 1 Mahwah, NJ 07430 Tel: (888) 234-5763 International Radware Ltd. 22 Raoul Wallenberg St. Tel Aviv
More informationActual4Test. Actual4test - actual test exam dumps-pass for IT exams
Actual4Test http://www.actual4test.com Actual4test - actual test exam dumps-pass for IT exams Exam : 200-125 Title : CCNA Cisco Certified Network Associate CCNA (v3.0) Vendor : Cisco Version : DEMO Get
More informationBIG-IP Local Traffic Management: Basics. Version 12.1
BIG-IP Local Traffic Management: Basics Version 12.1 Table of Contents Table of Contents Introduction to Local Traffic Management...7 About local traffic management...7 About the network map...7 Viewing
More informationDeployment Modes Citrix Product Documentation docs.citrix.com January 3, 2019
Citrix Product Documentation docs.citrix.com January 3, 2019 Contents Customizing the Ethernet ports 3 Port List.............................................. 3 Port Parameters 3 Accelerated Bridges (apa,
More informationNetwork+ Guide to Networks 7 th Edition
Network+ Guide to Networks 7 th Edition Chapter 10 Network Segmentation and Virtualization 2016 Cengage Learning. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in
More informationTop-Down Network Design
Top-Down Network Design Chapter Seven Selecting Switching and Routing Protocols Original slides by Cisco Press & Priscilla Oppenheimer Selection Criteria for Switching and Routing Protocols Network traffic
More informationSpatially aware sublayer support of VRRP. Marc Holness, Nortel Networks IEEE WG b SG San Antonio, Texas November, 2004
Spatially aware sublayer support of VRRP Marc Holness, Nortel Networks IEEE 802.17 WG 802.17b SG San Antonio, Texas November, 2004 Marc Holness - 1 Agenda Objectives Problem overview Solution overview
More informationCTS2134 Introduction to Networking. Module : Troubleshooting
CTS2134 Introduction to Networking Module 10.4 10.7: Troubleshooting Interpreting ipconfig Condition Static IP DHCP Alternate Configuration APIPA ipconfig /all Output DHCP Enabled = No and DHCP Server
More informationAggregate Interfaces and LACP
The following topics explain aggregate interface configuration and how LACP functions on managed devices: About Aggregate Interfaces, on page 1 LAG Configuration, on page 2 Link Aggregation Control Protocol
More informationH3C Firewall Devices. High Availability Configuration Guide (Comware V7) Hangzhou H3C Technologies Co., Ltd.
H3C Firewall Devices High Availability Configuration Guide (Comware V7) Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: F5020/F5040 firewalls M9006/M9010/M9014 security gateways
More informationCisco Virtual Office High-Scalability Design
Solution Overview Cisco Virtual Office High-Scalability Design Contents Scope of Document... 2 Introduction... 2 Platforms and Images... 2 Design A... 3 1. Configure the ACE Module... 3 2. Configure the
More informationConfiguring NAT for High Availability
Configuring NAT for High Availability Last Updated: December 18, 2011 This module contains procedures for configuring Network Address Translation (NAT) to support the increasing need for highly resilient
More informationFirst Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
First Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches) Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com
More informationExam questions. 1. How many HSRP (Hot Standby Routing Protocol) groups will need to be configured for each VLAN?
Nguyen Khac Quyet - Take Exam Exam questions Time remaining: 00: 20: 04 1. How many HSRP (Hot Standby Routing Protocol) groups will need to be configured for each VLAN? 2 3 4 1 2. What three tasks must
More informationPass4sures. Latest Exam Guide & Learning Materials
Pass4sures http://www.pass4sures.top/ Latest Exam Guide & Learning Materials Exam : 200-125 Title : CCNA Cisco Certified Network Associate CCNA (v3.0) Vendor : Cisco Version : DEMO Get Latest & Valid 200-125
More informationCommunication Redundancy User s Manual
User s Manual Fifth Edition, June 2015 www.moxa.com/product 2015 Moxa Inc. All rights reserved. User s Manual The software described in this manual is furnished under a license agreement and may be used
More informationImplementing High Availability. in a Campus Environment. Implementing High Availability. Single Forwarding Path vs. Single Forwarding Path.
Implementing High Availability Implementing High Availability in a Campus Environment To achieve high network availability, the following network components are required: Reliable, fault-tolerant network
More informationConfiguring Stateful Interchassis Redundancy
The Stateful Interchassis Redundancy feature enables you to configure pairs of devices to act as backups for each other. This module describes conceptual information about and tasks for configuring stateful
More informationConfiguring Resilient Ethernet Protocol
CHAPTER 19 This chapter describes how to use Resilient Ethernet Protocol (REP) on the Catalyst 4500 series switch. REP is a Cisco proprietary protocol that provides an alternative to Spanning Tree Protocol
More informationTop-Down Network Design
Top-Down Network Design Chapter Five Designing a Network Topology Original slides copyright by Cisco Press & Priscilla Oppenheimer Network Topology Design Issues Hierarchy Redundancy Modularity Well-defined
More informationLab 5-1 Hot Standby Router Protocol
Lab 5-1 Hot Standby Router Protocol Topology Diagram Objective Configure inter-vlan routing with HSRP to provide redundant, fault tolerant routing to the internal network. Scenario Step 1 HSRP provides
More informationCradlepoint VRRP configuration
Cradlepoint VRRP configuration Products Supported: AER2100. IBR11x0, IBR6x0 and MBR1400v2. Click here to identify your router. Firmware Version: 5.0.0 or newer. This article was written utilizing version
More informationSD-WAN Deployment Guide (CVD)
SD-WAN Deployment Guide (CVD) All Cisco Meraki security appliances are equipped with SD-WAN capabilities that enable administrators to maximize network resiliency and bandwidth efficiency. This guide introduces
More informationConfiguring IEEE 802.3ad LACP EtherChannels on the Cisco MWR 2941
29 CHAPTER Configuring IEEE 802.3ad LACP EtherChannels on the Cisco MWR 2941 Cisco MWR 2941 Release 3.5.1 and later supports IEEE 802.3ad Link Aggregation Control Protocol (LACP) EtherChannels. Note The
More informationGUIDELINES FOR USING DEVICE LEVEL RING (DLR) WITH ETHERNET/IP. PUB00316R ODVA, Inc. Page 1 of 18
GUIDELINES FOR USING DEVICE LEVEL RING (DLR) WITH ETHERNET/IP PUB00316R2 2017-2018 ODVA, Inc. Page 1 of 18 Guidelines for Using Device Level Ring (DLR) with EtherNet/IP Contents 1. Introduction... 3 2.
More informationIBM Spectrum NAS Version Network Guide IBM SC
IBM Spectrum NAS Version 1.7.0.0 Network Guide IBM SC27-9231-00 IBM Spectrum NAS is a Software-defined storage solution that provides file storage and offers an active/active storage solution to the end
More informationChapter 11. High Availability
Chapter 11. High Availability This chapter describes the high availability fault-tolerance feature in D-Link Firewalls. Overview, page 289 High Availability Mechanisms, page 291 High Availability Setup,
More informationConfiguring Routes on the ACE
CHAPTER2 This chapter describes how the ACE is considered a router hop in the network when it is in routed mode. In the Admin or user contexts, the ACE supports static routes only. The ACE supports up
More informationStateful Failover Technology White Paper
Stateful Failover Technology White Paper Keywords: Stateful failover, master/backup mode, load balancing mode, data synchronization, link switching Abstract: A firewall device is usually the access point
More informationSyntax instance instance [interface interface-name [vrid virtual-router-id] instance interface interface-name vrid virtual-router-id ipv6
VRRP Show Commands instance Syntax instance instance [interface interface-name [vrid virtual-router-id] instance interface interface-name vrid virtual-router-id ipv6 Context show>vrrp Description This
More informationDeployment Guide for SRX Series Services Gateways in Chassis Cluster Configuration
Deployment Guide for SRX Series Services Gateways in Chassis Cluster Configuration Version 1.2 June 2013 Juniper Networks, 2013 Contents Introduction... 3 Chassis Cluster Concepts... 4 Scenarios for Chassis
More informationConfiguring Rapid PVST+
This chapter contains the following sections: Information About Rapid PVST+, page 1, page 16 Verifying the Rapid PVST+ Configuration, page 24 Information About Rapid PVST+ The Rapid PVST+ protocol is the
More informationROUTING CONSORTIUM. Virtual Router Redundancy Protocol Version 3 Interoperability Test Suite. Technical Document. Draft Version
ROUTING CONSORTIUM Virtual Router Redundancy Protocol Version 3 Interoperability Test Suite Technical Document Draft Version 121 Technology Drive, Suite 2 Durham, NH 03824 Routing Consortium Phone: +1-603-862-3941
More informationLoad Balancing White Paper
www.cybonet.com Load Balancing White Paper About PineApp Mail Secure's Load When building PineApp Mail Secure solutions, one of the ways to increase availability and performance is to provide redundancy
More informationBridging Traffic CHAPTER3
CHAPTER3 This chapter describes how clients and servers communicate through the ACE using either Layer 2 (L2) or Layer 3 (L3) in a VLAN configuration. When the client-side and server-side VLANs are on
More informationLoad Balancing Technology White Paper
Load Balancing Technology White Paper Keywords: Server, gateway, link, load balancing, SLB, LLB Abstract: This document describes the background, implementation, and operating mechanism of the load balancing
More informationLies, Damn Lies and ARP Replies
Lies, Damn Lies and ARP Replies Dirty things to do with the IPv4 Address Resolution Protocol (ARP) Don Stokes Knossos Networks Ltd Protocol Walk-through Host wants to know MAC address of target IP: Host
More informationConfiguring EtherChannels and Layer 2 Trunk Failover
28 CHAPTER Configuring EtherChannels and Layer 2 Trunk Failover This chapter describes how to configure EtherChannels on Layer 2 ports on the switch. EtherChannel provides fault-tolerant high-speed links
More informationInternetwork Expert s CCNP Bootcamp. Gateway Redundancy Protocols & High Availability. What is High Availability?
Internetwork Expert s CCNP Bootcamp Gateway Redundancy Protocols & High Availability http:// What is High Availability? Ability of the network to recover from faults in timely fashion Service availability
More informationSpanning-Tree Protocol
Spanning-Tree Protocol Malin Bornhager Halmstad University Session Number 2002, Svenska-CNAP Halmstad University 1 Objectives Redundancy in a converged network Spanning-Tree Protocol (STP) STP Operation
More informationImplementing Multiple Spanning Tree Protocol
Implementing Multiple Spanning Tree Protocol This module provides conceptual and configuration information for Multiple Spanning Tree Protocol on Cisco ASR 9000 Series Routers. Multiple Spanning Tree Protocol
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 100-101 EXAM QUESTIONS & ANSWERS Number: 100-101 Passing Score: 800 Time Limit: 120 min File Version: 35.5 http://www.gratisexam.com/ CISCO 100-101 EXAM QUESTIONS & ANSWERS Exam Name: CCNA Interconnecting
More informationSYSTEMS ADMINISTRATION USING CISCO (315)
Page 1 of 11 Contestant Number: Time: Rank: SYSTEMS ADMINISTRATION USING CISCO (315) REGIONAL 2016 Multiple Choice: Multiple Choice (50 @ 10 points each) TOTAL POINTS (500 points) (500 points) Failure
More informationMoxa Managed Ethernet Switch Redundancy Protocol (UI 2.0) User s Manual
Moxa Managed Ethernet Switch Redundancy Protocol (UI 2.0) User s Manual Edition 4.0, September 2017 www.moxa.com/product Models covered by this manual: EDS-528E, EDS-518E, EDS-510E, EDS-G508E, EDS-G512E,
More informationConfiguring EtherChannels and Link-State Tracking
30 CHAPTER Configuring EtherChannels and Link-State Tracking This chapter describes how to configure EtherChannels on Layer 2 ports on the Catalyst 2960 switch. EtherChannel provides fault-tolerant high-speed
More informationCampus Networking Workshop. Layer 2 engineering Spanning Tree and VLANs
Campus Networking Workshop Layer 2 engineering Spanning Tree and VLANs Switching Loop When there is more than one path between two switches What are the potential problems? Switching Loop If there is more
More informationData Center Configuration. 1. Configuring VXLAN
Data Center Configuration 1. 1 1.1 Overview Virtual Extensible Local Area Network (VXLAN) is a virtual Ethernet based on the physical IP (overlay) network. It is a technology that encapsulates layer 2
More informationCisco CISCO Interconnecting Cisco Networking Devices Exam (ICND) Practice Test. Version
Cisco 640-811 CISCO 640-811 Interconnecting Cisco Networking Devices Exam (ICND) Practice Test Version 1.3 QUESTION NO: 1 Cisco 640-811: Practice Exam What is the purpose of the OSPF router ID in a DR/BDR
More information