13-9
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
13






Configuring

High

Availability
Understanding
ACE

Redundancy
To
outside

nodes

(clients

and

servers),

the

active

and

standby

FT

group

members

appear

as

one

node
with
respect

to

their

IP

addresses

and

associated

VMAC.

ACE

provides

active-active

redundancy

with
multiple
contexts

only

when

there

are

multiple

FT

groups

configured

on

each

ACE

and

both

devices
contain
at

least

one

active

group

member

(context).

With

a

single

context,

the

ACE

supports
active-backup
redundancy

and

each

group

member

is

an

Admin

context.
The
ACE

sends

and

receives

all

redundancy-related

traffic

(protocol

packets,

configuration

data,
heartbeats,
and

state

replication

packets)

on

a

dedicated

FT

VLAN.

You

cannot

use

this

dedicated

VLAN
for
normal

traffic.
To
optimize

the

transmission

of

heartbeat

packets

for

multiple

FT

groups

and

to

minimize

network
traffic,
the

ACE

sends

and

receives

heartbeat

messages

using

a

separate

process.

The

ACE

uses

the
heartbeat
to

probe

the

peer

ACE,

rather

than

pr

obe

each

context.

When

an

ACE

does

not


receive

a
heartbeat
fro

m

th

e

peer

ACE,

al

l

the

co

ntexts

i

n

the

standby

state

become

active.

The

ACE

sends
heartbeat
packets

over

UDP.

You

can

set

the

frequency

with

which

the

ACE

sends

heartbeat

packets

as
part
of

the

FT

peer

configuration.

For

details

about

configuring

the

heartbeat,

see

the

“Configuring

ACE
High
Availability

Peers”

section

on

page

13-15 .
The
election

of

the

active

member

within

each

FT

group

is

based

on

a

priority

scheme.

The

member
configured
with

the

higher

priority

is

elected

as

the

active

member.

If

a

member

with

a

higher

priority

is
found
after

the

ot

her

member

becomes

active,

the

new

member

becomes

active

because

it

has


a

higher
priority.
This

behavior

is

known

as

preemption

and

is

enabled

by

default.

You

can

override

this

default
behavior
by

disabling

preemption.

To

disable

preemption,

use

the

Preempt

parameter.

Enabling

Preempt
causes
the

member

with

the

higher

priority

to

assert

itself

and

become

active.

For

details

about
configuring
preemption,

see

the

“Configuring

ACE

High

Availability

Groups”

section

on

page

13-17 .
For
additional

information

about

ACE

redundancy,

see

either

the

Cisco

Application

Control

Engine
Module
Administration

Guide

or

t

he

Cisco

4700

Series

Application

Control

Engine

Appliance
Administration
Guide.
Related
Topics


Understanding
ACE

Redundancy,

page
13-6


ACE
High

Availability

Polling,
page
13-7
ACE
Stateful

Failover
The
ACE

replicates

flows

on

the

active

FT

group

member

to

the

standby

group

member

per

connection
for
each

context.

The

replicated

flows

contain

all

the

flow-state

information

necessary

for

the

standby
member
to

take

over

the

flow

if

the

active

member

becomes

unresponsive.

If

the

active

member

becomes
unresponsive,
t

he

replicated

fl

ows

on

t

he

st

andby

member

become

active

when

the

st

andby

member
assumes
mastership

of

the

context.

The

active

flows

on

the

former

active

member

transition

to

a

standby
state
to

fully

back

up

the

active

flows

on

the

new

active

member.
Note
For
t

he
replication
process
t

o

function
properly
and
successfully
replicate
the

configuration
for

a

use

r
context
when

switching

from

the

active

context

to

the

standby

context,

ensure

that

the

user

context

has
been
added

to

the

FT

group.

All

applicable

user

contexts

must

be

part

of

an

FT

group

for

redundancy

to
function
properly.
Note
By
default,

connection

replication

is

enabled
in
the

ACE.