Enabling Edge Gateway High Availability

This document describes Aviatrix Secure Edge High Availability feature.

Before reading this document, you should be familiar with the following:

Aviatrix Secure Edge High Availability architecture supports Active-Active and Active-Standby peering to the Transit Gateway.

When you create the primary Edge Gateway for a site, you have the option to enable High Availability mode. When Edge Gateway High Availability is enabled a second HA Edge Gateway is deployed.

Edge Gateway to Transit Gateway HA

Active-Active Edge

In an Active-Active deployment, the primary Edge Gateway and HA Edge gateway connects to the Transit Gateway with two active peerings. Network traffic between Transit and Edge gateways is load balanced and forwarded across both active peerings.

By default, if a High Availability mode is not selected, Edge Gateways deployed in the same site will default to Active-Active Mode.

Active-Standby Edge

In an Active-Standby deployment, the primary Edge Gateway and the HA Edge gateway connect to the Transit Gateway with one active peering and one standby peering. Only the primary Edge Gateway actively forwards network traffic. The HA Edge Gateway takes over when the primary gateway goes down.

If you select Active-Standby mode, you can also switch Preemptive option On or Off (default) to determine the network’s behavior when the primary gateway goes down.

  • When Preemptive is On, the network automatically switches back to using the primary gateway when the primary gateway connection is back up.

  • When Preemptive is Off, the network continues to use the standby gateway even after the primary gateway is back up, until you initiate a manual switchover.

  • High Availability mode cannot be changed after the primary Edge Gateway and the HA Edge Gateway is deployed. To change the High Availability mode, you must first delete the HA Edge Gateway.

Edge Gateway to LAN Router HA

Aviatrix Edge Gateway can be peered with a BGP router on the LAN interface.

Active-Active Edge

In an Active-Active deployment, the primary Edge Gateway and HA Edge gateway connect to the LAN router with two active BGP peerings. Network traffic between the LAN router and Edge gateways is load balanced and forwarded across both active peering.

Active-Standby Edge

In an Active-Standby deployment, the primary Edge Gateway and the HA Edge gateway connect to the LAN router with one active and one standby BGP peering. Only the primary Edge Gateway actively forwards network traffic. The standby Edge Gateway takes over when the primary gateway goes down.

Edge Gateway to VLAN HA (Aviatrix Edge Platform)

In the Aviatrix Edge Platform, an Edge Gateway can support multiple virtual LANs (VLANs). This is applicable when using Aviatrix Edge Gateway on-premise where the Edge Gateway is the default LAN router with VLANs terminating on the Edge Gateway. Virtual Router Redundancy Protocol (VRRP) is supported in this scenario with Active-Standby Edge. The VLANs are configured symmetrically on the Active and Standby gateway. You configure the VLAN only on the primary gateway. The VLAN is automatically configured on the standby gateway.

This diagram shows Edge Gateways in active-standby mode connected to multiple VLANs.

edge multi vlans
vRRP is not supported if High Availability is disabled for a site.

  • Creating an Edge Gateway