You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[MWAN Connector] Details on HA connections (#19824)
* added info on ha
* refined h3 and added DHCP info
* removed duplicate notes section
* Apply suggestions from code review
Co-authored-by: Jun Lee <[email protected]>
---------
Co-authored-by: Jun Lee <[email protected]>
Copy file name to clipboardExpand all lines: src/content/docs/magic-wan/configuration/connector/reference.mdx
+44Lines changed: 44 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,3 +32,47 @@ This feature allows you to have multiple [virtual LANs](https://www.cloudflare.c
32
32
A non-zero value set up for the VLAN ID field in your WAN/LAN is used to handle VLAN-tagged traffic. Cloudflare uses the VLAN ID to handle traffic coming into your Magic WAN Connector device, and applies a VLAN tag with the configured VLAN ID for traffic going out of your Connector through WAN/LAN.
33
33
34
34
You can setup VLAN IDs both for WAN and LAN. Refer to [Configure hardware connector](/magic-wan/configuration/connector/configure-hardware-connector/) or [Configure software connector](/magic-wan/configuration/connector/configure-virtual-connector/) to learn where you can set up VLAN IDs.
35
+
36
+
## High availability configurations
37
+
38
+
### Terminology
39
+
40
+
-**Primary/Secondary**: Used to identify the two nodes which are part of a high availability (HA) configuration pair of Magic WAN Connectors. This identity allows the node to identify which configuration is attributed to it — for example, specifying a primary and secondary IP in a LAN configuration. This identity is configured by the user on the Cloudflare dashboard.
41
+
-**Active/Standby**: These are states that the two nodes in a HA pair will dynamically assume based on an election process. Only one node at any time is expected to be active.
42
+
43
+
### High availability
44
+
45
+
A site set up in high availability (HA) mode has two Magic WAN Connectors with the same configuration but replicated in two nodes. In case of failure of a Connector, the other Connector becomes the active node, taking over configuration of the LAN gateway IP and allowing traffic to continue without disruption.
46
+
47
+
### Active/Standby Election
48
+
49
+
During the LAN configuration, one of the LAN links is configured as a HA link, which is used to exchange heartbeats, resulting in the active / standby election of nodes.
50
+
51
+
The state election uses a `PRIORITY` parameter where the node with the higher priority becomes active and the other assumes the standby state. If the priority is the same, the state machine automatically picks one of the nodes as active.
52
+
53
+
The HA pair is configured in non-preemptive mode, meaning that once a node becomes active, it will remain active unless its priority drops below that of the other node.
54
+
55
+
### Configuration
56
+
57
+
The two Connectors of a high availability (HA) pair are part of a single site. You designate the connectors [as primary and secondary](/magic-wan/configuration/connector/configure-hardware-connector/#create-a-high-availability-configuration) in the Cloudflare dashboard.
58
+
59
+
:::note
60
+
The HA link cannot be connected back-to-back. It has to be connected over a switch. This is because, in a direct connection, if the link is unplugged on one end, the other end also detects a link failure. Since we have configured the system to enter a `FAULT` state when the HA link goes down, the affected node will be unable to function as the active node.
61
+
:::
62
+
63
+
### Failure Detection and Failover
64
+
65
+
The Magic WAN Connector's health can be in one of three states:
66
+
67
+
-**Good** : All health parameters are good
68
+
-**Degraded** : One of the following is true:
69
+
- Health of at least one configured tunnel is `DOWN`
70
+
- At least one of the LAN links is disconnected (physically unplugged)
71
+
-**Down** : If one of the following is true:
72
+
- Health of all tunnels is `DOWN`
73
+
- All LAN interfaces are disconnected
74
+
- Connector software is not healthy
75
+
76
+
A failover happens when the active node's health declines to a level lower than that of the standby node. For example, from `GOOD` to `DEGRADED`, or from `DEGRADED` to `DOWN`. In the case of a failover where a Connector is acting as a DHCP server, DHCP leases will be synchronized.
77
+
78
+
When a failover occurs, traffic is moved to the new active node. It could take up to 30 seconds for traffic to be fully restored over the new active node.
Copy file name to clipboardExpand all lines: src/content/partials/magic-wan/connector/ha-configs.mdx
+1-6Lines changed: 1 addition & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,12 +18,7 @@ Because Connectors in high availability configurations share a single site, you
18
18
19
19
Make sure all IPs are part of the same subnet.
20
20
21
-
:::note
22
-
23
-
- Failure conditions include Connector down or software restart, LAN or WAN link down, tunnel health down.
24
-
- High availability (HA) is run in non-preempt mode, which means either the primary or the secondary node can come up as active through an election process which includes node health parameters.
25
-
- In the case of a failover where a Connector is acting as a DHCP server, DHCP leases will be synchronized.
26
-
:::
21
+
For detailed information about the expected behavior of high availability configurations, refer to [High availability configurations](/magic-wan/configuration/connector/reference/#high-availability-configurations).
0 commit comments