In Legacy HA configuration, it is recommended for SE failover to happen when the BGP peers are inaccessible from Active SE. BGP peer monitoring is available by default on Avi Load Balancer. Failover on Legacy HA SE groups based on BGP peer monitoring is also introduced.

BGP Peer Monitoring for Failover on Legacy HA

The SE agent periodically queries the BGP and detects the peer state. If the peer state changes, it triggers an event. BGP peers are configured in the VRF.

Not all peers might be applicable on a particular SE. Only those peers with subnet matching any of the interfaces in the SE, are applicable on the SE.

Note:

Peers in this section refer only to those BGP peers that have matching interfaces on the SE.

Configuring BGP Peer Monitor Failover

BGP Peer monitor failover can be configured for an SE through the CLI as shown below:

[admin:123-ctlr3]: > configure serviceenginegroup Default-Group                [admin:123-ctlr3]: serviceenginegroup> bgp_peer_monitor_failover_enabled Overwriting the previously entered value for bgp_peer_monitor_failover_enabled [admin:123-ctlr3]: serviceenginegroup> save

Criteria for BGP Peer Monitoring

A peer monitor looks if the following conditions are met:

  • If peers with advertise_vip set are present, at least one such peer must be in the UP state.

  • If peers with advertise_snat_ip set are present, at least one such peer must be in the UP state.

For the peer monitor to mark the status as UP, both the conditions mentioned above has to be met. The peer monitor marks the status as DOWN if either condition fails.

BGP Peer Monitoring in a Multiple VRF Scenario

In a multi-VRF scenario, each of the VRFs must satisfy the conditions for the peer monitor to mark the status as UP. Immediately after VRF is configured, BGP peer monitor waits for two cycles of peer monitor queries before the peer monitor status is updated.