Author Topic: High Availability - Bypass  (Read 7171 times)

ahenning

  • Team Wanos
  • Administrator
High Availability - Bypass
« on: March 10, 2014, 01:46:41 PM »
How can high availability be achieved to avoid total loss of network traffic flow?

1) Bypass NICs. Wanos Appliance 200 has a built-in bypass NIC.

2) Since Wanos is a bridge, another, and the easiest, method to create high availability is to run a second backup network cable alongside the Wanos bridge appliance. Convergence happens within a few milliseconds and the switch-over is unlikely to be detected by a continuous ping. Unlike leading vendor fail-over scenarios, traffic sessions are not reset during the switch-over and users are unaware of the network change.

3) With out-of-path deployment, IP SLA can be used to track the status of the optimization device and remove the PBR rule when required.

4) External bypass switches. This is an option if they are gathering dust.
« Last Edit: December 22, 2014, 05:45:06 AM by ahenning »
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs
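
Option 3 in the post above, sketched as an added example (not part of the original post and not Wanos's own configuration): an IOS IP SLA probe feeds a track object, and the policy-routing next hop is used only while that object is up, so traffic falls back to normal routing when the optimization device stops answering. All addresses, the ACL number, the route-map name and the interface are constructed placeholders.

```cisco
! Added example. 192.0.2.10 is a placeholder for the out-of-path
! optimization device; 198.51.100.0/24 is a placeholder LAN subnet.
!
! Probe the optimization device every 5 seconds
ip sla 10
 icmp-echo 192.0.2.10
 threshold 500
 timeout 1000
 frequency 5
ip sla schedule 10 life forever start-time now
!
! Track object follows probe reachability; the delays damp flapping
track 10 ip sla 10 reachability
 delay down 5 up 30
!
! Traffic to be redirected to the optimization device
access-list 110 permit ip 198.51.100.0 0.0.0.255 any
!
! The next hop is applied only while track 10 is up; when it is
! down, matching packets are forwarded by the normal routing table
route-map TO-OPTIMIZER permit 10
 match ip address 110
 set ip next-hop verify-availability 192.0.2.10 1 track 10
!
! Apply the policy on the LAN-facing interface (placeholder)
interface Vlan20
 ip policy route-map TO-OPTIMIZER
```

`show track 10` and `show route-map TO-OPTIMIZER` show whether the tracked next hop is currently in use.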

Wanos

  • Team Wanos
  • Administrator
Re: High Availability - Bypass
« Reply #1 on: March 10, 2014, 04:46:34 PM »
Extract from: UPDATED: High Availability

High Availability or redundancy can be achieved by running a backup network cable parallel to the Wanos device. When running RSTP the Wanos Core device is placed between two switches, connected via wan0 to the outside switch and lan0 to the inside switch. The backup link is cabled between the same two switches. RSTP should elect the primary and secondary path based on the port ID. Ensure the Wanos link is on the lower port number or configure the switch to make this link the primary path. RSTP should place the backup link in an alternative path status and will switch over to the backup link within a few milliseconds of detecting a loss.

When running Per-VLAN RSTP, high availability can be achieved using a single switch. In this case two VLANs are created. The Outside VLAN connects the WAN segment and the Inside VLAN connects the LAN segment. In the diagram below, the Router, Wanos wan0 and the backup link are connected to VLAN 10. On the LAN side the Wanos lan0, Data LAN segment and the backup link are connected to VLAN 20. Under normal conditions the Wanos device bridges traffic between the two segments and the backup link is passively idling. When the switch detects a failure on the primary path, the backup link is enabled and immediately placed in the forwarding state. Advanced features like loop guard and hello timers can be adjusted to improve convergence times.

Example Cisco Switch Config:

spanning-tree mode rapid-pvst
!
interface fa0/1
 description WAN-Router
 switchport access vlan 10
 switchport mode access
!
interface fa0/2
 description Cross-over-fa0/5
 switchport access vlan 10
 switchport mode access
!
interface fa0/3
 description Wanos-wan0
 switchport access vlan 10
 switchport mode access
!
interface fa0/4
 description Wanos-lan0
 switchport access vlan 20
 switchport mode access
 ! Primary Link via Wanos lan0
 spanning-tree cost 1
!
interface fa0/5
 description Cross-over-fa0/2
 switchport access vlan 20
 switchport mode access
!
interface range fa0/6 - 24
 description LAN
 switchport access vlan 20
 switchport mode access


Example diagram of enabling redundancy with a single switch:
« Last Edit: September 26, 2016, 01:05:41 PM by lmolina »

Wanos

  • Team Wanos
  • Administrator
Re: High Availability - Bypass
« Reply #2 on: March 25, 2014, 12:26:39 PM »
Another high availability design with dual WAN links and using VRRP/HSRP:


mta772000

  • V.I.P
Re: High Availability - Bypass
« Reply #3 on: April 16, 2014, 07:34:20 PM »
Hi Admin,

Would you please explain what interface fa0/4 is for and what "Primary-Wanos" is? Does it differ from the LAN0 and WAN0 interfaces?

Million thanks
Kindest Regards,
Muhammad T. Hamed

ahenning

  • Team Wanos
  • Administrator
Re: High Availability - Bypass
« Reply #4 on: April 16, 2014, 09:47:34 PM »
Hi there,

Yes, sure, that is a bad description and I'll update it now. It is supposed to mean that this is the primary link which runs through the Wanos bridge. The spanning-tree cost there is to ensure it is the primary link and the backup link is in alternative path status. If the primary link fails, STP puts the second link immediately into the forwarding state.

To summarize the descriptions:
Fa0/1 - WAN Router/Firewall/Internet
Fa0/2 - Backup Cross over to fa0/5
Fa0/3 - Wanos wan0
Fa0/4 - Wanos lan0
Fa0/5 - Backup Cross over to fa0/2
Fa0/x - LAN
« Last Edit: April 17, 2014, 04:28:02 PM by ahenning »
CCIE RS, CCIE SP, Mnet&sys


mta772000

  • V.I.P
Re: High Availability - Bypass
« Reply #5 on: April 17, 2014, 11:51:38 AM »
Deeply appreciate your fast response, and yes I understand it now.

Many thanks for the great support.
Kindest Regards,
Muhammad T. Hamed