Gateway Monitoring for High Availability

Overview

Avi Vantage supports health monitoring of the first-hop gateway connected to Avi Service Engines (SEs). ICMP echo packets are used for the health monitoring. Gateway monitoring is also available for routers that are not directly connected, as explained at Monitoring Indirectly Connected Routers.

Gateway health monitoring is performed for both active and standby Avi SEs.

Notes:

Enabling Gateway Health Monitoring

Gateway health monitoring is a part of the cloud configuration. When the monitoring IP address is provided, the SE groups in HA within a particular group will perform the gateway health monitoring.

You can also configure monitoring for multiple gateways. This is typically used in a two-armed deployment where the first-hop gateway used for front-end and back-end connections are different.

When a failure is detected in one of the gateways, a virtual service switchover is triggered.

Specifying the Gateway Information

  1. Navigate to Infrastructure > Routing.
  2. If more than one cloud is configured, select the appropriate cloud from the drop-down. Click on the edit icon next to the name of the cloud to modify the cloud configuration.
  3. Click on Gateway Monitor.
  4. Click on Create.
  5. Enter the gateway information, including IP address, and click on Save.

gateway-monitor

Using CLI

Use the gateway_mon command to configure monitoring for a specific gateway IP address.

Example:

:> configure vrfcontext global
vrfcontext> gateway_mon 192.168.1.10

Monitoring Indirectly Connected Routers

Gateway monitoring can be extended to routers which are not directly connected. To enable gateway monitoring for such routers:

  1. Navigate to Infrastructure > Routing > Static Route and ensure that there is an appropriate route for Avi Vantage to reach the indirectly connected router.

    defining a static route

  2. Configure the new subnet field for that gateway monitor to point to the interface network through which the router is reachable as shown in the example below:


configure vrfcontext global
gateway_mon index 1
subnet 10.10.71.0/24
save
save

  • In the gateway_mon index command, 1 is the router index, if it is already configured via the Avi UI.
  • In the subnet command, 10.10.71.0/24 is the Service Engine interface network, through which the monitored router is reachable.

Creating a Gateway Monitor to Trigger a VS Switchover

You can create a gateway monitor in order to trigger a virtual service switchover in the event of a link failure or NIC failure on virtualized environments such as No-Access and LSC.

Example:

  1. Navigate to Infrastructure > Routing.

    defining a static route

  2. Select Gateway Monitor > Create.

  3. Add default gateway of Server Network > Save.

  4. ssh to Controller leader node and specify Avi CLI shell.

  5. Make changes to gateway_monitor_fail_threshold as follows:

     
     configure vrfcontext 
     gateway_mon index 1
     gateway_monitor_fail_threshold 3
     save
     save </code></pre>