Hi,
I've inherited a network where there are 2 separate VSX clusters (using 8320s) that are both on the same LAN fibre ring.
One cluster is configured as the 'live' cluster routing traffic to the WAN, with the other cluster intended to be used in a disaster recovery situation should the 'live' cluster fail (it has a point-to-point link to a secondary site). The DR cluster is also an active member of the LAN network.
Looking at the config, I can see that the VLAN serving our clients has been configured with the
same active gateway IP and MAC on both VSX clusters.
For example:
CLUSTER1-SWI-1:
interface vlan10
vsx-sync active-gateways
description CLIENTS
ip address 10.1.10.1/24
active-gateway ip 10.1.10.5 mac 00:00:00:00:10:05
CLUSTER1-SWI-2:
interface vlan10
vsx-sync active-gateways
description CLIENTS
ip address 10.1.10.2/24
active-gateway ip 10.1.10.5 mac 00:00:00:00:10:05
CLUSTER2-SWI-1:
interface vlan10
vsx-sync active-gateways
description CLIENTS
ip address 10.1.10.3/24
active-gateway ip 10.1.10.5 mac 00:00:00:00:10:05
CLUSTER2-SWI-2:
interface vlan10
vsx-sync active-gateways
description CLIENTS
ip address 10.1.10.4/24
active-gateway ip 10.1.10.5 mac 00:00:00:00:10:05
My question is does this configuration meet best practices when it comes to VSX active gateways? Or should active-gateway IPs and MACs be only used once on 1 VSX cluster? And therefore the second VSX cluster should be re-configured?
I think the idea was that this could be a way of creating a failover for a gateway IP address if one cluster fails but I'm unsure if this might cause issues on the network. (I'm not currently seeing any issues as it is.)
Thanks for your help.
------------------------------
Adam Bishop
------------------------------