Hello @Jose_Luis_Gonzalez,
The Peplink engineering team are going to need a few more details. These details can not get posted on the forum (for security reasons), so you’ll need to create a Support Ticket via the Peplink website at
In your support ticket, add-in:
Diagnostic files from both routers (master and slave when the slave has become the master)
You network topology as shared in your post
Details on the Optimizer brand and configurations
& any other details that may assist engineering in reproducing the issue
Once you have created your support ticket, post your ticket number here so the engineering team can follow up with your via the support ticket.
Happy to Help,
Marcus
I am setting up HA on two 580 with three ISPs. I have seen where four separate switches are used for the connections of the LAN, ISP1, ISP2, ISP3. Can a single 24 port high end managed switch be used for all the connection and if so, can they all be in the default VLAN1 or different VLANS will be needed? I do know it provides a single point of failure
Why are you considering running a Single switch with HA routers? The purpose of HA is to reduce/remove a single point of failure, so why a single switch?
It is technically possible to use a single switch such as a Peplink SD Switch using a bunch of VLANs to isolate all of the WANs, though you undo the purpose of HA with a single point of failure.
Recommendation:
Source enough eight (8) port Peplink SD Switches to cover the WANs (one per WAN port).
Use InControl2 to monitor & manage the solution; you will always have a recoverable backup of the system should the need arise.
There really is no point in doing HA when you are running everything through a single switch; you risk losing the benefit of the investment in the second router from the single switch.
Doing HA properly takes not just two routers capable of HA; it involves designing the solution correctly from the power, cabling, equipment spacing, distribution of the WANs (with multiple switches) to the distribution of the LAN side, and considering the configuration, operation & monitoring of the HA solution.
We have some Transits setup in HA all running SpeedFusion back to the same FusionHubs.
The Transits are setup in HA and the FusionHubs are used in disaster recovery mode.
Two questions;
We have seen the HA fail over occur when the ethernet satellite WAN failed but there is still cellular connectivity. Is this expected?
Does the following comment refer to just ethernet WAN or cellular would have to disconnect too?
HA Group Number - As all our different locations are connected via SpeedFusion, should each HA pair have a unique group number or could they all use the same group number?
One feature request;
HA Slave remote access and/or visibility in InControl2
Once a HA goes into slave, you can no longer access the device via InControl2 (assuming you have it set to synchronise configurations). It would be nice if there was a link on the master device to login to the slave device. This would be like there currently is for the AP controller to log into APs and also now on the WAN if a Peplink product is installed on the WAN.
It would also be nice if the master device could act as a proxy for the slave device to report to InControl2 that the slave device is functioning as expected.
We have tested it but have been getting some errors in the event log of “MAC address conflict: Received packet claiming to be from our MAC address” and been trying to isolate the error as it doesn’t happen on all the installations!
Could you elaborate on that? In our HA pairs (B380s, HD2s) we see both members of the pair in IC2, and can access reports and remote web admin pages for the slave as well as the master.
If we enable this on the slave device, we can see both devices in InControl2.
We don’t want to use this as you can not use configuration sync at the same time.
Once we disable this option and re-enable config-sync then the slave device shows offline in InControl2 unless it becomes the master.
open an IC2 remote web admin connection to the slave, and from there the ability to change its status (as appropriate for a slave unit with limited local autonomy), incl. turning off Configuration Sync.
These observations are w.r.t two pairs, one being a couple of Pepwave MAX HD2 (HW5) FW 8.1.1 build 5040, the other being a couple of Balance 380 (HW6) FW 8.1.1 build 5006.
[Update after the incipient baldness reported below:
I am exploring a possible correlation - a port assignment mismatch between the slave and the master prior to setting up the HA coupling. Stay tuned.]
Now I am tearing my hair out as well.
I changed one thing - the group # - and suddenly I am in the same situation as yours.
@Harry_Thompson,
By any chance the Master has a static route 0.0.0.0 in the LAN settings ? If yes, the special firmware is required for Slave to be online in IC2.
Anyway, please, submit a ticket so support can check where the problem is.
Update:
I had a HA pair of HD2 IP67 working fairly well (more on that in a new thread).
After a few reconfigurations of the interfaces (for reasons that seemed good at the time), the slave started exhibiting the symptoms reported earlier by @Harry_Thompson (i.e., a lack of accessibility to the slave unit).
What made the slave accessible again was to make sure the port configurations of the two units were identical. (The HD2 IP67 allows one to change a WAN port into a LAN port - that change seems to have been the culprit).
Once they were, the two members of the HA pair both became visible to IC2 (and by remote and direct Web UI connection) (as in the screenshots provided earlier).
Hello @RolandasR,
Please post/share the URL links to these special releases to do HA.
With the special firmware for HA, will this be rolled into the next GA release?
Happy to Help,
Marcus
Hi @mldowling,
It won’t be in the upcoming GA, but in the later one for sure.
If you wish to have this special build, please submit a ticket, because the firmware has to be built.
Also I would recommend to wait for 8.1.3 GA to come out first.