4-21
Cisco NAC Appliance Hardware Installation Guide
OL-20326-01
Chapter 4 Configuring High Availability (HA)
Installing a Clean Access Server High Availability Pair
Figure 4-10
Active CAS in an HA-Pair
Note
If a CAS was previously configured and added to the CAM as a standalone CAS, it must be deleted prior
to configuring it for HA. After HA configuration is complete on both CASs, the Service IP is then
entered in the
New Server
form to add the HA-CAS pair to the CAM.
Note
To ensure heartbeat redundancy, Cisco recommends configuring optional Heartbeat UDP Interface 2 or
3 between the HA CASs in your deployment.
Failover Events
•
If multiple heartbeat UDP interfaces are configured, then they must all fail for the standby system
to take over. See
Physical Connection, page 4-22
for additional details.
•
If the CAS is unable to communicate with the CAM:
–
Users that are already connected will not be affected.
–
New users will not be able to log in.
•
You can configure link-based failover. Two IP addresses that are external to the CAS are configured
for Link-detect: one on the trusted network, the other on the untrusted network.
–
The active and standby CAS will send ICMP ping packets via eth0 to the IP address on the
trusted network.
–
The active and standby CAS will send ICMP ping packets via eth1 to the IP address on the
untrusted network.
Note
If your network topology restricts Link-detect functionality between your CAS HA pair
appliances, you can also use the
/etc/ha.d/linkdetect.conf
file to enforce Link-detect behavior
on your eth0 and/or eth1 interfaces. See
Link-Detect Interfaces, page 4-45
for more details.
The status of these ping packets is communicated between the CASs via the heartbeat signal:
–
If the active and standby CAS can ping both external IPs, no failover occurs
–
If the active and standby CAS cannot ping either of the external IPs, no failover occurs
–
If the active CAS cannot ping either of the external IPs, but the standby CAS can ping them,
failover occurs
•
Both the Clean Access Manager and Clean Access Server are designed to automatically reboot in
the event of a hard-drive failure, thus automatically initiating failover to the standby CAM/CAS.
Содержание NAC-3310
Страница 8: ...Contents 6 Cisco NAC Appliance Hardware Installation Guide OL 20326 01 ...
Страница 172: ...A 4 Cisco NAC Appliance Hardware Installation Guide OL 20326 01 Appendix A Open Source License Acknowledgements Notices ...
Страница 176: ...Index IN 4 Cisco NAC Appliance Hardware Installation Guide OL 20326 01 ...