Layer 2 nac controller redundancy -31, Layer 3 nac controller redundancy -31, Figure 5‐9 – Enterasys Networks 9034385 User Manual
Page 95
Inline NAC Design Procedures
Enterasys NAC Design Guide 5-31
Figure 5-9 Layer 2 NAC Controller Redundancy
For a Layer 3 NAC Controller, redundancy is achieved by implementing redundant Layer 3
NAC Controllers on adjacent, but separate networks as shown in
. The NAC
Controllers must be in different networks, and a dynamic routing protocol such as OSPF or
RIP must be configured between the upstream and downstream routers that are positioned on
either side of the NAC Controllers. Redundant Layer 3 NAC Controllers are active‐active, in
that traffic from a downstream router may pass through either of the redundant Layer 3 NAC
Controllers with equal cost multipath forwarding implemented for the configured dynamic
routing protocol. If NAC Controller #1 (PEP or NAC Engine) stops forwarding traffic, the
network will automatically converge using the configured routing protocol to forward traffic
through NAC Controller #2. Note that the NAC Controllers do not route packets and do not
participate in the layer 3 topology.
Figure 5-10 Layer 3 NAC Controller Redundancy