sandy16
Aug 01, 2012Altostratus
HA config in route-domains?
Our enterprise is going through a major network segmentation project (something similar to ITSG 22 and 38 standards). I decided to use route-domains(even though i could have lived without it as it is not a multi-tenant setup) in an active/standy pair.
I am creating different traffic groups for different route domains so that a failure in traffic-group one does not effect the other and only the effected traffic-group failsover.
I am running ver 11.2 hf1 on 1600 platforms.
Have few questions -
1. For each route domain i am defining a seperate external, internal and a HA vlan. The HA vlan is completely private tagged on directly connected links b/w the two 1600s. Should i define a separate HA-vlan for each route domain and then add them to the "failover unicast configuration" one-by-one as I go? It curently just has the mgmt interface and the HA interface of the default route domain.
2. Should I use mac-masqurade address in each traffic-group? I might have a total of 20+ traffic groups/route domains so should i go that far in defining each one with a seperate mac address or just leave it default?
3. Under the "mirroring configuration" I only have the primary local mirror address and the secondary local mirror address of the HA and the Internal interface of the default route domain. I might never do a connection mirroring as majority of the traffic will be HTTP, but just in case I have to do it in the future for a VIP residing in a seperate route-domain, then how will the connections be mirrored b/w the 2 devices for a differnt route-domain as I do not have an option to add another addresses in there?
thnx
Sandev