Gateway and Tunnel HA Options

Overview

The Aviatrix Controller monitors your cloud networking deployment, detects problems, and handles failover resolution automatically. There are 3 options to choose from when deploying Aviatrix in a highly available architecture:

HA Option

Recovery Time *

Backup Gateway and Tunnel(s)

~30 seconds

Single AZ Gateway

4-5 minutes

Backup Gateway(deprecated)

1-2 minutes

* Recovery times vary based on many factors including the number of tunnels established.

These options give you the flexibility to select the one that meets your requirements for recovery time. For production environments, a quicker recovery time is typically very important. But, for development environments, a longer delay is acceptable. With Aviatrix HA, you can mix and match these options in your deployment to meet your needs.

As the recovery time decreases, there may be additional costs to consider. Single AZ has no additional costs. Backup Gateway will incur additional instance charges (for the additional gateway provisioned). Backup Gateway and Tunnel(s) will also incur additional costs.

How is a Gateway or Tunnel Determined to be Down?

See more details here.

HA Options

Backup Gateway and Tunnel(s)

Note

The recovery time for this option is approximately 30 seconds.

imageGwBackupTunnel imageTimer30Sec

The backup gateway has its own EIP and active tunnel(s). The backup gateway and tunnels are provisioned when HA is enabled for this gateway.

If a problem with the primary gateway or connected tunnel(s) is detected:

  1. Update the routing table in the VPC/VNet so the target for routes is the backup gateway.

  2. An email notification is sent to the administrator.

Single AZ Gateway

Note

The recovery time for this option is approximately 4-5 minutes.

imageGwSingleAZ imageTimer5Min

The gateway is actively monitored by the Controller. If there is a problem with the gateway or tunnel(s):

  1. The gateway is stopped and started again.

  2. Any configured tunnels are established from the new gateway to their respective terminating gateway.

  3. An email notification is sent to the administrator.

Please look here for more information.

Backup Gateway

Note

The recovery time for this option is approximately 1-2 minutes. This feature has been deprecated. Not recommended for new customers.

imageGwBackup imageTimer2Min

A backup gateway in a different Availability Zone is created when this option is enabled. There are no tunnels terminating with the backup gateway and it does not have its own EIP.

If a problem with the primary gateway or connected tunnel(s) is detected:

  1. The EIP is moved to the backup gateway from the active.

  2. Tunnels currently connected to the primary gateway are rebuilt on the backup gateway.

  3. An email notification is sent to the administrator.

Deployment Guide

Deploying your desired HA model is simple. Follow these steps to enable HA on your gateway:

  1. Log in to the Controller.

  2. Click on the Gateway navigation item.

  3. Select the gateway in the table and click Edit in the upper right.

    imageEditGW

  4. Follow the steps below for the desired HA option.

    • Backup Gateway and Tunnel HA

      1. Scroll to Gateway for High Availability Peering.

      2. Select the subnet where the backup gateway should be deployed.

        Tip

        Select an Availability Zone that is different from where your primary gateway is installed.

      3. Click +Create button.

      imageEnableBackupGWAndTunnel

    • Single AZ HA

      Click Enable below Gateway Single AZ HA.

      imageEnableSingleAZ

    • Backup Gateway HA (deprecated)

      1. Scroll to Gateway for High Availability.

      2. Select the subnet where the backup gateway should be deployed.

        Tip

        Select an Availability Zone that is different from where your primary gateway is installed.

      3. Click the Enable HA button.

      imageEnableBackupGW