VI. Feature Setup

High Availability - Hot Standby mode

Products:
Vigor 2860
Vigor 2862
Vigor 2865
Vigor 2925
Show all

Keywords:
Configuration Sync
High Availability
Hot Standby
backup
Show all

The DrayTek Vigor 2925 supports High Availability with the 3.8.2 firmware and later. This supports two modes, one is Hot Standby and the other is Active Standby. High Availability allows one or more routers to operate as a backup for a primary router. If that primary router should stop responding or functioning in some aspect, such as all LAN connectivity being lost, the secondary router(s) can take over the operation of routing for the network, with the switch-over occurring within a few seconds, transparently to LAN clients, with any VPNs and other sessions now able to re-establish.
For more information on applications of High Availability, please read this article.
This guide will demonstrate how to configure High Availability in a Hot Standby configuration, which is used when the secondary router(s) use the same internet connection(s) as the primary router, with the same router configuration. The Configuration Sync feature will be used to simplify the configuration of backup router(s)s.
Please Note: Hot Standby mode requires that each router is of the same model and type, this example will use two Vigor 2925 non-wireless routers.
If the routers do not match, for instance a Vigor 2925 router and a Vigor 2925n wireless router, Hot Standby mode and the Config Sync feature cannot be used and backup routers must be configured manually in Active Standby mode.
High Availability operates by using a Virtual IP as a LAN gateway for each VLAN that high availability is being used on, this IP address is not assigned directly to any one router and must not be used by other devices on the network.
Each of the routers must have its own IP address for management and whichever router is active at the time advertises its own MAC address via ARP (Address Resolution Protocol) to client PCs as the MAC address for the Virtual IP address. This allows computers on the network to use the virtual IP address as a gateway for internet access and allows high availability to work without needing to reconfigure the gateway address on client PCs, should a failure occur.

Initial Configuration

1. LAN IP Configuration

This setup example will use two routers, with the network using a gateway IP of 192.168.1.1. In a high availability setup, the gateway address is virtualised so that either router is able to take ownership of it and the Primary and Standby routers are on different IP addresses for management purposes.

  • Gateway (Virtual) IP Address: 192.168.1.1
  • Primary Router IP Address: 192.168.1.2
  • Secondary Router IP Address: 192.168.1.3

This example will be using a single LAN subnet but High Availability can be used with as many LAN subnets as the router supports.

2. Configure Primary Router

Access the web interface of the router that will be operating as the primary / active router in the high availability configuration and go to [LAN] > [General Setup]:

Click on the Details Page button for LAN1.

Change the LAN1 IP address so that the router will be on a different IP than the gateway address that the PCs on the network will be using. In this example, the primary router will be using the IP address of 192.168.1.2 for management purposes. The virtual IP that the clients will use as a gateway address is configured in a later step.

Note that the DHCP Server's Gateway IP Address setting remains on 192.168.1.1 and should not be changed.

Click OK to apply the change and restart the router when it prompts to restart.


Once the router is online, access it on the new IP address and go to [System Maintenance] > [Management].

Set the Router Name so that the router can be identified as the Primary router, in this example, the name is set to "Primary":

Click OK to save that setting and restart the router when prompted.


Once the router has restarted, access it again and go to [Applications] > [High Availability]:

To set up a router as the Primary in a High Availability group, configure these settings:

  • Tick "Enable High Availability"
  • Set the Redundancy Method to Hot Standby

Select the General Setup tab:

  • Group ID is used to identify which HA group the routers will be joining. Here we're setting this to "1". If there will be multiple HA groups on the same physical network / location, use different Group ID values to identify each group.
  • Priority ID is used to determine the hierarchy of the routers in the group. Highest Value = Highest Priority. In this example, the Priority ID is set to the highest value of "30" to ensure that it is the primary router in this HA group configuration
  • Authentication Key is a security key used to control membership of the High Availability group. This can be set to any password up to 31 characters in length and must be the same on all members of the HA group
  • Management Interface is the interface used to pass High Availability control information. This is configured to LAN1 in this example because only one LAN subnet is in use. If using multiple subnets on the router(s), a dedicated LAN interface could be selected from the list
  • Update DDNS is used to refresh any Dynamic DNS entries configured on the router when a failover occurs. This is intended for use with Active Standby, where the WAN interfaces and IP addresses may differ. Leave this option disabled when using Hot Standby mode
  • Syslog controls whether High Availability information such as failover occurrences and other events are logged via syslog

In the list of LAN interfaces, enable any LAN interfaces that will be used with High Availability and set the Virtual IP to the IP address that the clients on each network will use as their Gateway IP address.

The Virtual IP used will be set to "192.168.1.1" in this example.

Go to the Config Sync tab to continue:

Tick the option to "Enable Config Sync" and set the sync interval as required, which is the time interval between configuration changes propagating to backup routers.

Click OK and the router will then ask to restart. Allow the router to restart to apply the changes.


3. Configure Secondary Router(s)

Access the web interface of the router that will be operating as the secondary / backup router in the high availability configuration and go to [LAN] > [General Setup] and click on the Details Page button for LAN1.

Change the LAN1 IP address so that the router will be on a different IP than the gateway address that the PCs on the network will be using. In this example, the backup router will be using 192.168.1.3 for management.

Note that the DHCP Server's Gateway IP Address setting remains on 192.168.1.1 and should not be changed.

Click OK to apply the change and restart the router when it prompts to restart.


Once the router is online, access it on the new IP address and go to [System Maintenance] > [Management].

Set the Router Name so that the router can be identified as the secondary or backup router, in this example, the name is set to "Secondary":

Click OK to save that setting and restart the router when prompted.


Once the router has restarted, access it again and go to [Applications] > [High Availability]:

To set up a router (or routers) as the Secondary / backup in a High Availability group, configure these settings:

  • Tick "Enable High Availability"
  • Set the Redundancy Method to Hot Standby

Select the General Setup tab:

  • Group ID is used to identify which HA group the routers will be joining. It is recommended to set this to "1". If there will be multiple HA groups on the same physical network / location, use different Group ID values to identify each group
  • Priority ID is used to determine the hierarchy of the routers in the group. Highest Value = Highest Priority. In this example, the Priority ID is set to a value lower than that of the primary router's value of "30", instead using "20" to ensure that it does not over-ride the primary router. For any other secondary routers with lower priority, use a lower number for each to define the order of priority
  • Authentication Key is a security key used to control membership of the High Availability group. This can be set to any password up to 31 characters in length and must be the same on all members of the HA group
  • Management Interface is the interface used to pass High Availability control information. This is configured to LAN1 in this example because only one LAN subnet is in use. If using multiple subnets on the router(s), a dedicated LAN interface could be selected from the list
  • Update DDNS is used to refresh any Dynamic DNS entries configured on the router when a failover occurs. This is intended for use with Active Standby, where the WAN interfaces and IP addresses may differ. Leave this option disabled when using Hot Standby mode
  • Syslog controls whether High Availability information such as failover occurrences and other events are logged via syslog

In the list of LAN interfaces, enable any LAN interfaces that will be used with High Availability and set the Virtual IP to the IP address that the clients on each network will use as their Gateway IP address. The Virtual IP used will be set to "192.168.1.1" in this example, to match the primary router.

Go to the Config Sync tab to continue:

Tick the option to "Enable Config Sync" and set the sync interval as required, which is the time interval between configuration changes propagating to backup routers.
Click OK and the router will then ask to restart. Allow the router to restart to apply the changes.

With this setup completed, the active router should respond on the Virtual IP address, which should then be used as the gateway address by client computers.


4. Perform Initial Config Sync

Once there are at least two routers in the High Availability Group, the next step is to perform the initial Configuration Sync between the two routers. To do that, go to [Diagnostics] > [High Availability Status] to check the state of the routers.

This will show the state of the routers, indicating which router is the Primary or Secondary based on the Priority ID specified on each router. The active router is indicated by the O mark in the Status column.

More details on the High Availability Group can be seen by clicking on the Details link.


In the High Availability Status, the Secondary router(s) should show a Config Sync Status of Progressing. To force this to perform the initial sync, click the Sync button:

Once this has completed, the Config Sync Status of the secondary router will then show Equal:

The secondary router(s) will then restart to apply the full configuration of the primary router (which is why the Stable state now shows "No"). The Config Sync Status will then show Ready for all routers in the High Availability Group, indicating that the configurations are the same on all routers.

The High Availability Group will now be ready for use. If the router(s) use a Content Filtering license or App Enforcement, go to the MyVigor License Sharing section to configure that for High Availability usage.

It is recommended to test this facility once it has been configured to ensure that it operates as expected, check the Testing High Availability section for more information.

How do you rate this article?

1 1 1 1 1 1 1 1 1 1