Gateway Monitoring for High Availability
Overview
Avi Vantage supports health monitoring of the first-hop gateway connected to Avi Service Engines (SEs). ICMP echo packets are used for the health monitoring. Gateway monitoring is also available for routers that are not directly connected, as explained at Monitoring Indirectly Connected Routers.
Gateway health monitoring is performed for both active and standby Avi SEs.
Note:
- Gateway health monitoring is supported for Avi Service Engines configured for elastic HA and legacy HA.
- Additional reference: Avi SE Behavior on Gateway Monitor Failure
Enabling Gateway Health Monitoring
Gateway health monitoring is a part of the cloud configuration. When the monitoring IP address is provided, the SE groups in HA within a particular group will perform the gateway health monitoring.
You can also configure monitoring for multiple gateways. This is typically used in a two-armed deployment where the first-hop gateway used for front-end and back-end connections are different.
When a failure is detected in one of the gateways, a virtual service switchover is triggered.
UI
- Navigate to Infrastructure > Routing.
- If more than one cloud is configured, select the appropriate cloud from the dropdown. Click on the edit icon next to the name of the cloud to modify the cloud configuration.
- Click on Gateway Monitor.
- Click on Create.
- Enter the gateway information, including IP address, and click on Save.
CLI
Use the gateway_mon
command to configure monitoring for a specific gateway IP address.
Example:
:> configure vrfcontext global
vrfcontext> gateway_mon 192.168.1.10
Monitoring Indirectly Connected Routers
Gateway monitoring can be extended to routers which are not directly connected. To enable gateway monitoring for such routers:
-
Navigate to Infrastructure > Routing > Static Route and ensure that there is an appropriate route for Avi Vantage to reach the indirectly connected router.
-
Configure the new
subnet
field for that gateway monitor to point to the interface network through which the router is reachable as shown in the example below:
configure vrfcontext global
gateway_mon index 1
subnet 10.10.71.0/24
save
save
- In the
gateway_mon index
command,1
is the router index, if it is already configured via the Avi UI. - In the
subnet
command,10.10.71.0/24
is the Service Engine interface network, through which the monitored router is reachable.