Below is an HA related configuration example:

Please follow these steps to access the network using HA:

1. Configure client with DHCP to access network.
   1. Configure VRRP interface DHCP service on Cloud Edge Cloud Console or on-premise console.

      

       

      • The DHCP Server Gateway should be filled with virtual IP address.
      • When LAN1 is used as DHCP Server, you need to configure DHCP service on Primary and Secondary box respectively on-premise console. The LAN1 DHCP configurations should be the same as well.

       
   2. Configure client network settings to obtain IP address through DHCP.
2. Configure client with Static IP address setting to access network.
   1. Configure client IP/mask in the same subnet with the VRRP interface.
   2. Configure client gateway with virtual IP address.

You can create an HA group from Cloud Edge Cloud Console. An HA group consists of two Cloud Edge gateways. The gateways can be registered or unregistered. A gateway can belong to only one HA Group.

Before creating an HA, ensure the following:

• Gateways are deployed in routing mode.
• Both gateways are the same hardware model. Currently, only CE50G2 supports HA function.
• Both gateways have be same software version.
• Timezone should be same.
• System time error should be less than 5 minutes.

Please note that in the factory default configuration, all boxes have the same interface configurations. You need to change the interface settings before HA group construction.

Follow these steps to create HA:

1. Configure the VRRP interfaces on both boxes. They should be in the same subnet.
2. Configure the heartbeat interface of both boxes. They should be in the same subnet. Please note that only LAN2 and LAN3 are used for heartbeat interface.
3. Connect an ethernet cable directly between the heartbeat interfaces for each gateway that will be a member of the HA group.You must use the same interface on each gateway (LAN2-to-LAN2 or LAN3-to-LAN3).
4. Navigate to Gateway > High Availability Management.
5. Click Create HA Group. The Create HA Group wizard opens.
6. In the Create HA Group and Choose Operation Mode page, specify the following details:

   Options	Description
   HA group name	Type a name to identify this HA group
   Operation mode	Current only supports Active-Passive mode
   Authentication method	Select one of the following: None/Simple
   Enable	Select one of the following: On/Off

   

7. Click Next.
8. In the Configure Primary Device page, configure settings for the Cloud Edge gateway that will be the primary gateway in the HA group.

   Options	Description
   Primary HA device	Select the gateway from the drop-down list that you want to designate as the HA primary gateway. Only devices that support an HA group configuration are listed.
   Role	A read-only field set to Primary, which is the role assigned to this gateway
   Priority	Enter a priority number for this gateway (1-253). Default is 253. The gateway with the higher the priority is active.
   Heartbeat interface	Select the L3 interface from the drop-down that Cloud Edge uses for communicating with the peer HA gateway. For Cloud Edge 50G2 gateway, only eth2 or eth3 can be selected as the heartbeat interface.
   Heartbeat interface IP/Netmask	If not already configured, you must enter an IPv4 address and netmask for the heartbeat interface.

   

9. Click Next.
10. In the Configure Secondary Device page, configure settings for the Cloud Edge gateway that will be the secondary gateway in the HA group.

    Options	Description
    Secondary HA device	Select the gateway from the drop-down list that you want to designate as the HA primary gateway. Only devices that support an HA group configuration are listed.
    Role	A read-only field set to Secondary, which is the role assigned to this gateway
    Priority	Enter a priority number for this gateway (1-253). Default is 100.
    Heartbeat interface	The L3 interface is pre-selected from the drop-down and is the same interface selected for the primary HA device. Cloud Edge uses this interface for communicating with the peer HA gateway.
    Heartbeat interface IP/Netmask	If not already configured, you must enter an IPv4 address and netmask for the heartbeat interface. It must be on the same subnet as the heartbeat IP address configured for the primary.

    

11. Click Next.
12. In the Configure Takeover When Failure Occurs page, configure settings for the Cloud Edge HA group when a failure happens and takeover occurs.

    Options	Description
    Preemption	Select one of the following: On (default): Primary gateway will return to active role after it recovers from a previous failure. Off: Primary gateway does not automatically resume the active role after recovery from a failure. User must perform manual fail-over.
    Monitor interface	Select one or more interfaces to monitor. Cloud Edge monitors only physical interfaces. It is recommended to monitor all physical interfaces with traffic.
    Monitor IP/FQDN	At most two IP addresses or FQDNs can be used as monitor hosts.
    Takeover triggers	You must enter values for the following: Heartbeat failure times: Indicates the number of heartbeat failures before the passive gateway takes over from the failed gateway (default is 3, range is 3-6) Ping failure times: Indicates the number of ping failures before the passive gateway takes over from the failed gateway (default is 3, range is 3-6)

    

13. In the Configure Virtual Router Redundancy Protocol (VRRP) Group page, add one or more VRRP groups.
    1. Click Add.
    2. Select an interface and enter the virtual IPv4 Address and netmask for the VRRP group.The interface can be either a L3 physical interface or a static L3 VLAN interface. Only both boxes are in registered state, then L3 VLAN interface can be selected.
    3. Save the VRRP group.

       

14. Click Next. The summary page opens.

    

15. Review the summary of the HA group settings.
16. Click Save.

Follow these steps to manually update HA group firmware version:

1. Navigate to Gateways > Gateway Management > (gateway name of any box in HA group) > Updates.
2. Check the available firmware packages, and click Update.

After performing the update, the HA group will start firmware update process. The Standby will first update the firmware version then the Active will do update automatically.

In order to rollback the firmware version for HA group, you need to go to Cloud Edge on-premise console on both boxes, and manually rollback the firmware version of each box.

When replacing a gateway in HA group, please ensure the following:

• The new Cloud Edge gateway should have same hardware model and software version with gateways in HA group.
• The new Cloud Edge gateway should have same network configuration with the old gateway.

Follow these steps to perform the replacement:

1. Move the Heartbeat interface ethernet cable from the old gateway to the new gateway.
2. Go to CECC web console and navigate to Gateways. Select Replace.
3. Specify the new Cloud Edge gateway serial number.
4. Click Replace.
5. Remove the old Cloud Edge gateway from the network.
6. Add the new Cloud Edge gateway to the network.