Redundant Head-end Config


#1

We currently have a 380 unit acting as a head-end for all of our remote 210 and 310 units. We happen to have a redundant internet connection down the road that is connected to corporate through a metropolitan area network. If I put a second 380 head-end unit at the redundant internet connection, how do I configure SpeedFusion on the remote 210/310 units to have one 380 as primary and the other as secondary?

For example, I want all of the remote to have a designated primary head-end for normal operation and a designated backup head-end in case the primary 380 fails.

Maybe this is very simple to do, but I do not see anything in the SpeedFusion config to assign priority/preference.

Any comments would be greatly appreciated.

Thanks.

Update: I don’t think I’ll be able to get this to work without dynamic routing on the Peplink LAN interfaces. Since my routers currently rely on static routes pointing to the Peplink 380 in order to reach the remote sites, this would prohibited a dynamic change in routing when a remote site connects to the other 380. Any word on if OSPF is in the works??? I’d take RIP at this point.


#2

You can deploy the high-availability 380 in this manner.


#3

Our two ISP connections are at different physical locations with routing between the sites. We do not want to co-locate the appliances since that would limit us to one ISP connection. We really need dynamic routing on the Peplink LAN interfaces.


#4

Unfortunately the Peplink LAN does not support dynamic routing. If you can share with us the current and coming network diagram, we will try to work out a solution on it.


#5

I had a call with our re-seller who helped design a solution. First we will make Site A a highly available pair. Then, we’ll dedicate a WAN interface from each unit(Site A and Site B) to build a SpeedFusion tunnel over our internally routed network from Site A to Site B. Our static routes will always point to Site A Peplink for all remote Peplink networks. Then, Site A Peplink will either have a direct SpeedFusion tunnel or use the partial mesh SpeedFusion route through Site B to reach the remote networks. Essentially, we are using a SpeedFusion mesh to replace the need for a standard routing protocol(OSPF/RIP). The big advantage being that SpeedFusion will maintain session persistence for us.


#6

Just to clarify. Under HA deployment, the Peplink will be in Active/Passive mode.

It will be good if you can extend the WAN connection between Site A and Site B. Then you can enjoy a full HA setup.


#7

Yes. We will be doing an Active/Passive HA pair at Site A and a standalone unit at Site B with Speedfusion between them across our WAN.


#8

In this case you can have SpeedFusion between Site A and Site B. Then all the branches will have 2 SpeedFusion VPNs (1 to Site A and another 1 to Site B). This will ideally provide redundancy to the network without any manual configuration during failover as there is a dynamic routing in the SpeedFusion.