Gateway Monitoring for High Availability
Avi Vantage supports health monitoring of the first-hop gateway connected to Avi Service Engines (SEs). ICMP echo packets are used for the health monitoring. Gateway monitoring is also available for routers that are not directly connected, as explained at Monitoring Indirectly Connected Routers.
Gateway health monitoring is performed for both active and standby Avi SEs.
- Gateway health monitoring is supported for Avi Service Engines configured for elastic HA and legacy HA.
- Additional reference: Avi SE Behavior on Gateway Monitor Failure
Enabling Gateway Health Monitoring
Gateway health monitoring is a part of the cloud configuration. When the monitoring IP address is provided, the SE groups in HA within a particular group will perform the gateway health monitoring.
You can also configure monitoring for multiple gateways. This is typically used in a two-armed deployment where the first-hop gateway used for front-end and back-end connections are different.
When a failure is detected in one of the gateways, a virtual service switchover is triggered.
Specifying the Gateway Information
- Navigate to Infrastructure > Routing.
- If more than one cloud is configured, select the appropriate cloud from the drop-down. Click on the edit icon next to the name of the cloud to modify the cloud configuration.
- Click on Gateway Monitor.
- Click on Create.
- Enter the gateway information, including IP address, and click on Save.
gateway_mon command to configure monitoring for a specific gateway IP address.
:> configure vrfcontext global
vrfcontext> gateway_mon 192.168.1.10
Monitoring Indirectly Connected Routers
Gateway monitoring can be extended to routers which are not directly connected. To enable gateway monitoring for such routers:
Navigate to Infrastructure > Routing > Static Route and ensure that there is an appropriate route for Avi Vantage to reach the indirectly connected router.
Configure the new
subnetfield for that gateway monitor to point to the interface network through which the router is reachable as shown in the example below:
configure vrfcontext global gateway_mon index 1 subnet 10.10.71.0/24 save save
- In the
1is the router index, if it is already configured via the Avi UI.
- In the
10.10.71.0/24is the Service Engine interface network, through which the monitored router is reachable.
Creating a Gateway Monitor to Trigger a VS Switchover
You can create a gateway monitor in order to trigger a virtual service switchover in the event of a link failure or NIC failure on virtualized environments such as No-Access and LSC.
Navigate to Infrastructure > Routing.
Select Gateway Monitor > Create.
Add default gateway of Server Network > Save.
sshto Controller leader node and specify Avi CLI shell.
Make changes to gateway_monitor_fail_threshold as follows:
gateway_mon index 1 gateway_monitor_fail_threshold 3 save save </code></pre>