Static Redundancy (VRRP)
Static redundancy is the easiest way to achieve appliance redundancy. In this setup the appliances form a cluster using the Virtual Router Redundancy Protocol (VRRP) and are configured with a virtual IP (VIP) which is shared between the appliances. The VIP is configured as the next hop on the LAN side for all traffic that should be sent via the SCION network.
Static redundancy is recommended when no dynamic routing protocols are available in the organization's network zone where the EDGE appliances are placed. It is required that the EDGE appliances are placed within a layer 2 network on the LAN side, such that they can form a VRRP cluster.
In the static redundancy setup, only one EDGE appliance will be used for outgoing traffic, the second EDGE appliance acts as a backup. Incoming traffic from the SCION network may arrive on both EDGE appliances and is not tied to the state of the VIP.
Refer to the Getting Started Setup guide for step-by-step instructions on how to interact with the Anapaya appliance.
Information
The configuration examples below are based on the connected EDGE setup and need to be adapted to your specific setup.
Additional information provided by the customer
- LAN VIP address:
10.10.0.254/24
Network interfaces
Refer to the connected EDGE deployment example for more information about basic
network interfaces configuration. The lan interface is extended with the VRRP configuration. In
this example, the virtual router ID is 1. The EDGE 1 appliance is configured as the primary, and
the EDGE 2 appliance as the backup. This is expressed through the priority field. A higher
priority means that the appliance is preferred to be the primary. The addresses field contains the
VIP address that is shared between the appliances.
- EDGE 1
- EDGE 1 (diff)
- EDGE 2
- EDGE 2 (diff)
Complete configuration
For completeness, we provide the full configuration of both EDGE appliances:
- EDGE 1
- EDGE 1 (diff)
- EDGE 2
- EDGE 2 (diff)