Consider a simple two-leg setup with the server(s) in the 10.10.10.0/24 back end network (it need not be directly connected network) and front end router in the 10.10.40.0/24 network.

Steps to configure the IP routing (default gateway) feature are listed below. UI and CLI in each step are just two different ways of configuring the same step.

Note:

This feature is supported for IPv6.

Procedure

  1. Navigate to Infrastructure > Cloud Resources > Service Engine Group and click the Edit icon for the Default-Group.




    1. Configure the HA mode in the SE group to legacy HA (Active/Standby). 
      : > configure serviceenginegroup Default-Group
 : serviceenginegroup> active_standby
 Overwriting the previously entered value for active_standby
 : serviceenginegroup> ha_mode ha_mode_legacy_active_standby
 Overwriting the previously entered value for ha_mode
 : serviceenginegroup>save
    2. Distribute Load is not enabled.
    3. Configure Floating IP Addresses (for instance, 10.10.10.11), one on each back end network. These IP addresses will get configured on the active SE and will be taken over by the standby SE (new-active) upon failover. 
      : > configure serviceenginegroup Default-Group
: serviceenginegroup> floating_intf_ip 10.10.10.11
: serviceenginegroup> save

      Floating IP Addresses are configurable using Network Service of service_type routing_service.

    4. If there are no BGP peers configured, then configure Floating IP address for front end networks (for instance, 10.10.40.11). 
      : > configure serviceenginegroup Default-Group
: serviceenginegroup> floating_intf_ip 10.10.40.11
: serviceenginegroup> save

      If there are no BGP peers configured, then configure Floating IP address for front-end networks (for instance, 10.10.40.11) using the above Network Service configuration.

  2. Enable IP routing on all SEs in the SE group. 
    : > configure serviceenginegroup Default-Group
: serviceenginegroup> enable_routing
Overwriting the previously entered value for enable_routing
: serviceenginegroup> save

    Enable IP routing on all SEs in the SE group using Network Service configuration. For more details, see Network Service.

  3. The above steps complete the configuration of routing for Service Engine Group via Network Service. However, the network is incomplete without the front end routers and back end servers being configured accordingly.
  4. Front end router configuration (if no BGP peers are configured on SE). Configure the front end router with a static route to the back end server network (with next-hop pointing to floating interface IP of SE in front end network).

    route add -net 10.10.10.0/24 gw 10.10.40.11

  5. Back end server configuration.
    1. Configure the default gateway of back end server(s) to point to floating interface IP of SE (the one in server network). 
      route add default gw 10.10.10.11

      This ensures that all the traffic including, return (VIP) traffic from the back end network, uses SE for all northbound traffic.

  6. Configure the default gateway of SE to the front end as needed. Navigate to Infrastructure > Cloud Resources > VRF Context and click CREATE.
  7. Navigate to the Static Route tab. Click ADD under Subnets. Enter value for Gateway Subnet and Next Hop.