ADC

Configuring route monitors

You can use route monitors to make the HA state dependent on the internal routing table, whether the table contains any dynamically learned or static routes. In an HA configuration, a route monitor on each node watches the internal routing table to make sure that a route entry for reaching a particular network is always present. If the route entry is not present, the state of the route monitor changes to DOWN.

When a Citrix ADC appliance has only static routes for reaching a network, and you want to create a route monitor for the network, you must enable monitored static routes (MSR) for the static routes. MSR removes unreachable static routes from the internal routing table. If MSR is disabled on static routes, an unreachable static route can remain in the internal routing table, defeating the purpose of having the route monitor.

Route Monitors are supported both in non-INC and INC mode.

Route Monitors in HA in non-INC mode Route Monitors in HA in INC mode
Route monitors are propagated by nodes and exchanged during synchronization. Route monitors are neither propagated by nodes nor exchanged during synchronization.
Route monitors are active only in the current primary node. Route monitors are active on both the primary and the secondary node.
The Citrix ADC appliance always displays the state of a route monitor as UP irrespective of whether the route entry is present or not in the internal routing table. The Citrix ADC appliance displays the state of the route monitor as DOWN if the corresponding route entry is not present in the internal routing table.
A route monitor starts monitoring its route after 180 seconds in the following cases [This is done to allow dynamic routes to get learned, which may take 180 secs]: reboot, failover, set route6 command for v6 routes, set route msr enable/disable command for v4 routes, adding a new route monitor. -

Route monitors are useful in a non-INC mode HA configuration where you want the non-reachability of a gateway from a primary node to be one of the conditions for HA failover.

Consider an example of a non-Inc mode HA setup in a two-arm topology that has Citrix ADC appliances NS1 and NS2 in the same subnet, with router R1 and switches SW1, SW2, and SW3.

Because R1 is the only router in this setup, you want the HA setup to failover whenever R1 is not reachable from the current primary node. You can configure a route monitor (say, RM1 and RM2, respectively) on each of the nodes to monitor the reachability of R1 from that node.

Figure 1.

Localized image

With NS1 as the current primary node, the execution flow is as follows:

  1. Route monitor RM1 on NS1 monitors NS1’s internal routing table for the presence of a route entry for router R1. NS1 and NS2 exchange heartbeat messages through switch SW1 or SW3 at regular intervals.
  2. If switch SW1 goes down, the routing protocol on NS1 detects that R1 is not reachable and therefore removes the route entry for R1 from the internal routing table. NS1 and NS2 exchanges heartbeat messages through switch SW3 at regular intervals.
  3. Detecting that the route entry for R1 is not present in the internal routing table, RM1 initiates a failover. If the route to R1 is down from both NS1 and NS2, failover happens every 180 seconds until one of the appliances is able to reach R1 and restore the connectivity.

Adding a route monitor to a high availability node

A single procedure creates a route monitor and binds it to an HA node.

Note:

If you have configured admin partitions, make sure that you add route monitors from the default partition.

To add a route monitor by using the command line interface

At the command prompt, type:

  • bind HA node <id> (-routeMonitor <ip_addr|ipv6_addr> [<netmask>])
  • show HA node

Example

> bind HA node 0 -routeMonitor 10.102.71.0 255.255.255.0
 Done
> bind HA node 0 -routeMonitor 1000:0000:0000:0000:0005:0600:700a:888b
 Done
<!--NeedCopy-->

To add a route monitor by using the GUI

Navigate to System > High Availability and, on the Route Monitors tab, click Configure.

Removing route monitors

To remove a route monitor by using the command line interface

At the command prompt, type:

  • unbind HA node <id> (-routeMonitor <ip_addr|ipv6_addr> [<netmask>])
  • show ha node

Example

unbind HA node 3 -routeMonitor 10.102.71.0 255.255.255.0
unbind HA node 3 -routeMonitor 1000:0000:0000:0000:0005:0600:700a:888b
<!--NeedCopy-->

To remove a route monitor by using the GUI

Navigate to System > High Availability and, on the Route Monitors tab, delete the route monitor.

Configuring route monitors