Net Optics iBypass HD User Manual

Page 35

Advertising
background image

31

iBypass HD

HA mode—Link failure

In Figure 19, the active router failed and its link to the iBypass Switch went down. The bypass switch reacted to the link

down condition by entering Bypass On mode on the primary link and routing the traffic on the backup link through the

IPS. This action occurred automatically, without any manual intervention by the system administrator. The iBypass Switch

continues to mointor the primary link, and if the down link comes back up (that is, then both sides of the primary link are

connected), the IPS is moved back to the primary link and the backup link goes into Bypass On mode again.

Passive link

Active link

Internet

X

IPS

Active link

Active link

Passive link

Internet

IPS

Backup IPS

Backup IPS

Normal Operation

Operation When Primary Link Fails

Backup IPS

IPS

X

Operation When Primary IPS Fails

Passive link

Internet

Passive link

Active link

Internet

X

Operation When Primary Link

and Primary IPS Fail

Backup IPS

IPS

X

Figure 19: HA mode with a link failure

In some cases, the primary link might fail in a way that doesn't actually lose link. For example, it could fall victim to

a Denial of Service attack, or it could experience a major slowdown for some reason. In usch a case, an administator

or a management tool could switch to using the backup link. In such circumstances, the bypass switch can be forced to

move to the backup link by setting the DBM HA mode force (ha_mode=force) and assigning the link you want as the

primary_link and the tool you want as the primary_tool.

HA mode—IPS failure

In Figure 20, the primary IPS stopped passing Heartbeat packets so the bypass switch rerouted the traffic through the

backup IPS. This action occurred automatically, without any manual intervention by the system administrator. The

bypass switch continues to send Heartbeat packets to the failed IPS, and when it comes back online, the bypass switch

automatically changes the traffic routing so it goes through the primary IPS again.

If both IPSs fail to respond to Heartbeat packets, both bypass switches go into Bypass On mode, opening both links to

traffic flow without going through either IPS.

Passive link

Active link

Internet

X

IPS

Active link

Active link

Passive link

Internet

IPS

Backup IPS

Backup IPS

Normal Operation

Operation When Primary Link Fails

Backup IPS

IPS

X

Operation When Primary IPS Fails

Passive link

Internet

Passive link

Active link

Internet

X

Operation When Primary Link

and Primary IPS Fail

Backup IPS

IPS

X

Figure 20: HA mode with an IPS failure

Advertising
Popular Brands
Popular manuals