Got it

[Configuration and Deployment Instructions] Configure a Protection Tunnel When a Shared Address Pool Is Deployed in a Dual-Device Hot Backup Scenario

531 0 0 0 0

未标题-1


Configure a Protection Tunnel When a Shared Address Pool Is Deployed in a Dual-Device Hot Backup Scenario

A protection tunnel must be configured when a shared address pool is deployed in a dual-device hot backup scenario. If the master device's user-side link fails but no protection tunnel is configured, downstream traffic cannot enter the protection tunnel. As a result, traffic loss occurs.


Scenario

Deploying exclusive address pools requires a large number of address pools to be planned, which wastes address resources. To resolve the preceding issue, deploy a shared address pool. When a shared address pool is deployed, the following requirements must be met:
  • The address pool cannot be bound to a remote backup profile (RBP).
  • Both the master and backup devices must advertise the address pool's network segment route. A routing policy must be configured, so that the address pool's network segment route advertised by the master device has a higher priority. This configuration prevents load balancing on the network-side device.
  • A protection tunnel (for example, an LSP) must be established between the master and backup devices. If a user's uplink fails, the user's downstream traffic is switched to the protection tunnel.
  • The ip-pool pool-name command must be run in the RBS view to bind the address pool to the RBS. This configuration ensures that network-side traffic can be forwarded through the protection tunnel before host routes are generated.
    imgDownload?uuid=09e1c6b4c08a40c19bcbbf5 NOTE:

    Only the master device's address pool must be bound to the RBS.


imgDownload?uuid=b1bac458ca624ba18292494

Configuration Requirements

For details, see Configuring User Information Backup in Shared IP Address Pool Mode.

Misconfiguration Risks

Risk description:

When a shared address pool is configured in a dual-device hot backup scenario, downstream traffic arriving at the master device is switched to the backup device through a protection tunnel if the master device's user-side link fails. If no a protection tunnel is configured, downstream traffic is lost and cannot reach the user side.


imgDownload?uuid=040104af79714f788bef79a

Identification method:

  • Run the display remote-backup-service service-name command to check all RBS information.
    • Check whether a shared address pool is bound to an RBS.

      Check whether an address pool name exists in the ip pool field in the command output.

      If an address pool name exists in the ip pool field, a shared address pool has been bound to the RBS. Go to the next step.

      If no address pool name exists in the ip pool field, the configuration requirements are not involved.

    • Check whether a protection tunnel is configured for the RBS.

      Check whether the command output contains the Protect-type and Out-interface fields.

Recovery measures:

Perform configurations according to the configuration requirements.


Click to Read The Full Documentation...

The post is synchronized to: Configuration and Deployment Instructions

  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.