In Legacy HA configuration, it is recommended for SE failover to happen when the BGP peers are inaccessible from Active SE. BGP peer monitoring is available by default on NSX Advanced Load Balancer. Failover on Legacy HA SE groups based on BGP peer monitoring is also introduced.
BGP Peer Monitoring for Failover on Legacy HA
The SE agent periodically queries the bgpd and detects the peer state. If the peer state changes, it triggers an event. BGP peers are configured in the VRF.
Not all peers might be applicable on a particular SE. Only those peers with subnet matching any of the interfaces in the SE, are applicable on the SE.
Peers in this section refer only to those BGP peers that have matching interfaces on the SE.
Configuring BGP Peer Monitor Failover
BGP Peer monitor failover can be configured for an SE through the CLI as shown below:
[admin:123-ctlr3]: > configure serviceenginegroup Default-Group [admin:123-ctlr3]: serviceenginegroup> bgp_peer_monitor_failover_enabled Overwriting the previously entered value for bgp_peer_monitor_failover_enabled [admin:123-ctlr3]: serviceenginegroup> save
Criteria for BGP Peer Monitoring
A peer monitor looks if the following conditions are met:
If peers with
advertise_vip set are present, at least one such peer should be in the UP state. If peers with
advertise_snat_ip set are present, at least one such peer must be in the UP state. For the peer monitor to mark the status as UP, both the conditions mentioned above have to be met. The peer monitor marks the status as DOWN if either condition fails.
BGP Peer Monitoring in a Multiple VRF Scenario
In a multi-VRF scenario, each of the VRFs must satisfy the conditions for the peer monitor to mark the status as UP. Immediately after VRF is configured, BGP peer monitor waits for two cycles of peer monitor queries before the peer monitor status is updated.