13-11
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
13






Configuring

High

Availability
Understanding
ACE

Redundancy
For
multiple

contexts,

the

fault-tolerant

VLAN

resides

in

the

system

configuration

data.

Each
fault-tolerant
VLAN

on

the

ACE

has

one

unique

MAC

address

associated

with

it.

The

ACE

uses

these
ACE
MAC

addresses

as

the

source

or

destination

MACs

for

sending

or

receiving

redundancy

protocol
state
and

configuration

replication

packets.
Note
The
IP

ad

dress

an

d

the

MAC

add

ress

of

th

e

faul

t-tolerant

VLAN

do

not

change

at


switchover.
For
additional

information

about

ACE

redundancy,

see

either

the

Cisco

Application

Control

Engine
Module
Administration

Guide

or

t

he

Cisco

4700

Series

Application

Control

Engine

Appliance
Administration
Guide.
Related
Topics
Understanding
ACE

Redundancy,

page

13-6
ACE
Configuration

Synchronization
For
redundancy

to

function

properly,

both

members

of

an

fault-tolerant

group

mus

t

have

identical
configurations.
The

ACE

automatically

replicates

the

active

configuration

on

the

standby

member

using
a
pr

ocess

called

configuration

synchronization

(config

sync).

Config

sync

automatically

replicates

any
changes
made

t

o

the

configuration

of


the

active

member

t

o

the

standby

member.

After

the

ACE
synchronizes
the

redundancy

configuration

from

the

active

member

to

the

standby

peer,

it

disables
configuration
mode

on

the

standby.

See

the

“Configuring

ACE

High

Availability

Peers”

section

on
page
13-15 .
Note
The
Application

Networking

Manager
manages
l

ocal

configurations

only.
When
ANM

detects

a

pair

of

ACE

peers

operating

in

high

availability

(HA),

ANM

allows

you

to

make
configuration
changes

on

either

the

active

or

standby

ACE.

ANM

then

automatically

(and

seamlessly)
pushes
the

configuration

to

the

active

ACE

and

locally

replicates

the

configuration

on

the

standby
imported
into

ANM.

This

action

is

similar

to

what

is

performed

by

the

ACE

to

the

peers.
Note
Keep
in

mind

that

the

configuration

pushed

while

the

standby

ACE

has

been

selected

does

not

mean

that
ANM
pushed

the

configuration

to

the

standby

ACE.

Typically,

with

auto-sync

turned

off,

configuration
changes
are

disabled

on

the

standby

ACE.

In

this

case,

ANM

tries

to

push

the

configuration

to

the

active
ACE
in

the

HA

device

pair.
For
additional

information

about

ACE

redundancy,

see

either

the

Cisco

Application

Control

Engine
Module
Administration

Guide

or

Cisco

4700

Series

Application

Control

Engine

Appliance
Administration
Guide.
Related
Topics


Understanding
ACE

Redundancy,

page
13-6


Synchronizing
ACE

High
Availability
Configurations,

page
13-30


Synchronizing
SSL

Certificate

and

Key

Pairs

on

Both
ACE
Peers,

page
13-32