VI. Feature Setup

High Availability - Active Standby mode

Products:
Vigor 2860
Vigor 2862
Vigor 2865
Vigor 2925
Show all

Keywords:
Active
Active Standby
Configuration Sync
High Availability
Show all

High Availability allows one or more routers to operate as a backup for a primary router. If that primary router should stop responding or functioning in some aspect, such as all LAN connectivity being lost, the secondary router(s) can take over the operation of routing for the network, with the switch-over occurring within a few seconds, transparently to LAN clients, with any VPNs and other sessions now able to re-establish.
High Availability operates in two modes, Hot Standby or Active Standby.
Hot Standy Mode is used where the backup router uses the same internet connection and typically has the same configuration as the primary router. A separate guide on the configuration of High Availability in Hot Standy mode is available here
Active Standby Mode is used where the backup routers use different internet connections or have different configurations, such as NAT, Firewall or VPN configuration. It is recommended for use with multiple xDSL connections, where the credentials used to connect the different lines will usually be specific to the line.
The DrayTek Vigor 2925 supports High Availability with the 3.8.2 firmware and later.
The DrayTek Vigor 2860 supports High Availability with firmware versions 3.8.4 and later.
For more information on applications of High Availability, please read this article.
This guide will demonstrate how to configure High Availability in an Active Standby configuration, which allows routers with different configurations (such as Internet access or VPN configuration) to operate as the same Gateway IP address on the local network.
Please Note: High Availability requires that each router is of the same model and type, this example will use two Vigor 2860 non-wireless routers.
If the routers do not match, for instance a Vigor 2860 router and a Vigor 2860n wireless router, the routers will not be able to negotiate a High Availability group.
High Availability operates by using a Virtual IP as a LAN gateway for each VLAN that high availability is being used on, this IP address is not assigned directly to any one router and must not be used by other devices on the network.
Each of the routers must have its own IP address for management and whichever router is active at the time advertises its own MAC address via ARP (Address Resolution Protocol) to client PCs as the location of the Virtual IP address. This allows computers on the network to use the virtual IP address as a gateway for internet access and allows high availability to work without needing to reconfigure the gateway address on client PCs, should a failure occur.

LAN IP Configuration

This setup example will use two routers, with the network using a gateway IP of 192.168.1.1. In a high availability setup, the gateway address is virtualised so that either router is able to take ownership of it and the Primary and Standby routers are on different IP addresses for management purposes.

  • Gateway (Virtual) IP Address: 192.168.1.1
  • Primary Router IP Address: 192.168.1.2
  • Secondary Router IP Address: 192.168.1.3

This example will be using a single LAN subnet but High Availability can be used with as many LAN subnets as the router supports.

Configure Primary Router

Access the web interface of the router that will be operating as the primary / active router in the high availability configuration and go to [LAN] > [General Setup]:

Click on the Details Page button for LAN1.

Change the LAN1 IP address so that the router will be on a different IP than the gateway address that the PCs on the network will be using. In this example, the primary router will be using the IP address of 192.168.1.2 for management purposes. The virtual IP that the clients will use as a gateway address is configured in a later step.

Note that the DHCP Server's Gateway IP Address setting remains on 192.168.1.1 and should not be changed.

Click OK to apply the change and restart the router when it prompts to restart.


Once the router is online, access it on the new IP address and go to [System Maintenance] > [Management].

Set the Router Name so that the router can be identified as the Primary router, in this example, the name is set to "Primary":

Click OK to save that setting and restart the router when prompted.


Once the router has restarted, access it again and go to [Applications] > [High Availability]:

To set up a router as the Primary in a High Availability group, configure these settings:

  • Tick "Enable High Availability"
  • Set the Redundancy Method to Active Standby

Select the General Setup tab:

  • Group ID is used to identify which HA group the routers will be joining. Here we're setting this to "1". If there will be multiple HA groups on the same physical network / location, use different Group ID values to identify each group
  • Priority ID is used to determine the hierarchy of the routers in the group. Highest Value = Highest Priority. In this example, the Priority ID is set to the highest value of "30" to ensure that it is the primary router in this HA group configuration
  • Authentication Key is a security key used to control membership of the High Availability group. This can be set to any password up to 31 characters in length and must be the same on all members of the HA group
  • Management Interface is the interface used to pass High Availability control information. This is configured to LAN1 in this example because only one LAN subnet is in use. If using multiple subnets on the router(s), a dedicated LAN interface could be selected from the list
  • Update DDNS is used to refresh any Dynamic DNS entries configured on the router when a failover occurs. This is intended for use with Active Standby, where the WAN interfaces and IP addresses may differ. Leave this option disabled when using Hot Standby mode
  • Syslog controls whether High Availability information such as failover occurrences and other events are logged via syslog

In the list of LAN interfaces, enable any LAN interfaces that will be used with High Availability and set the Virtual IP to the IP address that the clients on each network will use as their Gateway IP address.

The Virtual IP used will be set to "192.168.1.1" in this example.

Click OK to apply the changes.


Configure Secondary Router(s)

Access the web interface of the router that will be operating as the secondary / backup router in the high availability configuration and go to [LAN] > [General Setup] and click on the Details Page button for LAN1.

Change the LAN1 IP address so that the router will be on a different IP than the gateway address that the PCs on the network will be using. In this example, the backup router will be using 192.168.1.3 for management.

Note that the DHCP Server's Gateway IP Address setting remains on 192.168.1.1 and should not be changed.

Click OK to apply the change and restart the router when it prompts to restart.


Once the router is online, access it on the new IP address and go to [System Maintenance] > [Management].

Set the Router Name so that the router can be identified as the secondary or backup router, in this example, the name is set to "Secondary":

Click OK to save that setting and restart the router when prompted.


Once the router has restarted, access it again and go to [Applications] > [High Availability]:

To set up a router (or routers) as the Secondary / backup in a High Availability group, configure these settings:

  • Tick "Enable High Availability"
  • Set the Redundancy Method to Active Standby

Select the General Setup tab:

  • Group ID is used to identify which HA group the routers will be joining. Here we're setting this to "1" to match the other router
  • Priority ID is used to determine the hierarchy of the routers in the group. Highest Value = Highest Priority. In this example, the Priority ID is set to a value lower than that of the primary router's value of 30, instead using "20" to ensure that it does not over-ride the primary router. For any other secondary routers with lower priority, use a lower number for each to define the order of priority
  • Authentication Key is a security key used to control membership of the High Availability group. This can be set to any password up to 31 characters in length and must be the same on all members of the HA group
  • Management Interface is the interface used to pass High Availability control information. This is configured to LAN1 in this example because only one LAN subnet is in use. If using multiple subnets on the router(s), a dedicated LAN interface could be selected from the list
  • Update DDNS is used to refresh any Dynamic DNS entries configured on the router when a failover occurs. This is intended for use with Active Standby, where the WAN interfaces and IP addresses may differ. Leave this option disabled when using Hot Standby mode
  • Syslog controls whether High Availability information such as failover occurrences and other events are logged via syslog

In the list of LAN interfaces, enable any LAN interfaces that will be used with High Availability and set the Virtual IP to the IP address that the clients on each network will use as their Gateway IP address. The Virtual IP used will be set to "192.168.1.1" in this example, to match the primary router.

Click OK to save and apply the configuration changes.


Testing High Availability

Once there are at least two routers in the High Availability Group, the next step is to confirm the High Availability Status / State of the two routers. To do that, go to [Diagnostics] > [High Availability Status].

This will show the state of the routers, indicating which router is the Primary or Secondary based on the Priority ID specified on each router. The Secondary router should show State - Secondary once the two routers have detected each other and negotiated the hierarchy. If the text here shows in red, that indicates that the routers are unable to sync. Additional details on the High Availability Group can be seen by clicking on the Details link.

This is an example of the two routers; each one has an internet connection available. A High Availability failover will occur if the Primary router cannot be detected by the secondary (power loss for instance), or if the Primary router has no functioning Internet connections / WAN interfaces.

To test this, try disconnecting the Internet connections from the Primary router, this should then cause a failover to occur:

The Secondary router will then take ownership of the 192.168.1.1 address.

In the example below, the web interface of the virtual IP is accessed to view which router is currently using the Virtual IP, which is indicated by the Router Name and the LAN IP address of each router:

This shows that the Secondary router is now operating as the Gateway address of 192.168.1.1.


Another way to test the failover behaviour, is to send a continuous ping to the virtual IP address of 192.168.1.1 using the command "ping -t 192.168.1.1" in Windows either from the Command Prompt or Windows Start > Run.

The example below shows the expected behaviour of a client PC when the primary router stops responding or its WAN interfaces become unavailable. Within a few seconds, the next highest priority Secondary router will take over the virtual IP address of 192.168.1.1:


Any computers or devices on the network using 192.168.1.1 as their gateway address would be able to access the internet and re-establish any sessions that were in progress when the failover occurred.

When the Primary router is back online, it will take back the 192.168.1.1 virtual IP address and provide internet connectivity using its own Internet connections again. The backup router(s) will remain connected to their respective Internet connections.


How do you rate this article?

1 1 1 1 1 1 1 1 1 1