Configure Gigamon Resiliency for Inline Protection

Gigamon Resiliency for Inline Protection (GRIP)™ is an Inline Bypass solution that connects two GigaVUE nodes together so that one node provides high availability to the other node when there is a loss of power. This redundant arrangement of two GigaVUE nodes maintains traffic monitoring by inline tools when one of the nodes is down.

GRIP makes use of the bypass protection switch relays for protected inline networks on GigaVUE‑HC3, GigaVUE‑HC1, and GigaVUE-HC1P nodes. The following modules are required to provide physical protection:

■   bypass combo modules (BPS), for a protected pair of optical inline network ports on GigaVUE‑HC3, GigaVUE‑HC1, or GigaVUE-HC1P
■   TAP-HC1-G10040 module, for a protected pair of copper inline network ports on GigaVUE‑HC1

Note:  GRIP is supported on GigaVUE‑HC3 only when there are other modules installed in the node that can provide the stack link. The GRIP solution synchronizes the nodes through a signaling link using a stack link between two stack ports.

In the GRIP solution, two GigaVUE nodes are cabled so that traffic is guided through one GigaVUE node, acting in the primary role, while the other GigaVUE node is on standby, acting in a secondary role. If the primary node fails, the bypass protection switch relays on the modules switch the traffic over from the primary node to the secondary node.

Using the physical protection for either copper or fiber, traffic is guided through inline tools by one of the GigaVUE nodes. The GigaVUE node with the open bypass protection switch relays is the one through which traffic flows. The traffic only flows through one GigaVUE node or the other.

To configure the GRIP solution for copper, use two TAP-HC1-G10040 modules on GigaVUE‑HC1. The capacity will be 1Gb.

To configure the GRIP solution for fiber, use the following:

■   two BPS-HC1-D25A24 modules on GigaVUE‑HC1. The capacity will be 10Gb.
■   two BPS-HC3-C25F2G modules on GigaVUE‑HC3. The capacity will be either 100Gb or 40Gb, depending on the configured port speed of the inline network port pairs.

Between the two GigaVUE nodes, a 10Gb fiber signaling link is cabled using stack ports. Also, two inline tools are needed for the GRIP solution.

Refer to Figure 1 Traffic Flows Through Node with Primary Role, Figure 2 Traffic Flows Through Node with Secondary Role after Primary is Lost, and Figure 3 Both Nodes Fail; No Traffic Monitoring.

Figure 1 Traffic Flows Through Node with Primary Role shows traffic coming from a network (for example, the Internet) through an edge router at the top of the figure. Two GigaVUE nodes with an inline monitoring tool attached to each node are shown in the middle of the figure. Traffic to end devices on a private network is shown at the bottom of the figure.

The GigaVUE node on the left of the figure is acting in the primary role, while the GigaVUE node on the right is acting in the secondary role. The nodes are synchronized through a signaling link using a stack link between two stack ports.

As shown in Figure 1, traffic only flows through the node with the primary role. On the primary node, the bypass protection switch relays are open. Traffic is directed to the inline tool attached to the primary node. The node with the secondary role watches the state of the signaling link. If the primary node is up, the link is up, and the secondary node takes no action. The bypass protection switch relays on the secondary node are in a closed state. In Figure 1 Traffic Flows Through Node with Primary Role, the dotted lines depict the inactive traffic path.

Figure 1: Traffic Flows Through Node with Primary Role

In Figure 2 Traffic Flows Through Node with Secondary Role after Primary is Lost, power is lost to the GigaVUE node in the primary role. The bypass protection switch relays on the primary node close automatically when the node is down. The secondary node receives a signal through the signaling link that the primary node is down. The secondary node opens its bypass protection switch relays. Now traffic flows through the secondary node and traffic is directed to the inline tool attached to the secondary node.

Figure 2: Traffic Flows Through Node with Secondary Role after Primary is Lost

In Figure 3 Both Nodes Fail; No Traffic Monitoring, both nodes have lost power. The bypass protection switch relays are closed on both GigaVUE nodes. Traffic flows between the networks, but without going through the inline tools, which are both bypassed.

Figure 3: Both Nodes Fail; No Traffic Monitoring

How to Handle Recovery

In the scenario in Figure 2, after traffic is flowing through the secondary node, at some point the primary node will come back up. The primary node will establish the configured inline traffic paths, bring the signaling link up, and open its relays. Traffic will then flow through the primary node again.

Both Nodes Go Down and Only Secondary Comes Up

In the GRIP solution, if both primary and secondary nodes are powered down or if there is a power outage causing both primary and secondary nodes to go down, powering up the secondary alone without the primary ever coming up will cause network traffic to be bypassed instead of being sent to inline tools.

It is not recommended to power up/recover only the secondary node without the primary. The recommendation is to eventually bring the primary up also.

If the primary node is prone to failures or frequent power outages, another recommendation is to change the role of the secondary node to the primary.

How to Cable GigaVUE Nodes

To cable two GigaVUE nodes, as shown in Figure 1 with the primary on the left and the secondary on the right:

■   Connect the network shown at the top of Figure 1 to inline network port A on the primary node.
■   Connect inline network port B on the primary node to inline network port A on the secondary node.
■   Connect inline network port B on the secondary node to the network shown at the bottom of Figure 1.
■   Connect the signaling port on the primary node to the signaling port on the secondary node.

Configure GRIP Solution Software

To configure the GRIP solution in software:

1. On the left navigation pane, click on > Nodes. Click on the Left Node in which the configuration needs to be done.
2. From the left navigation pane, go to System > Ports > Ports > All Ports. Select the port that would act as the signaling port and click Edit.
3. Select Enable for Admin.
4. Select Type Stack.
5. Click OK.
6. Repeat Steps 1 through 5 on the right node to complete the signaling port type configuration.
7. On the left navigation pane, go to Physical > Orchestrated Flows > Inline Flows, and then click Configuration Canvas to create a new Flexible Inline Canvas.
8. In the Flexible Inline Canvas that appears, select the required device and click the ‘+’ icon next to the Redundancy option.
9. Enter a name for the profile in the Alias field.
10. Click on the Signaling Port field and select the stack port configured in Step 4. Select Primary for Protection Role.
11. Click OK.
12. Repeat Steps 8 through 11 for the right node to complete the Redundancy Profile Configuration but select Protection Role as Secondary.

The redundancy profile specifies the following:

■   Signaling Port—specifies the ports used to signal the state of the two GigaVUE nodes to each other. The ports provide the mechanism to detect loss of power in one of the GigaVUE nodes.
■   Protection Role—specifies the role of the GigaVUE node, as primary, secondary, or suspended. The default is suspended. When suspended, the protection role is on hold. Changing a GigaVUE node from the primary role to the suspended role can be used to manually force the primary node down so the secondary node can become active. The suspended role is also used when performing maintenance. Refer to Limitation for Suspended Role and How to Use Suspended Role for Maintenance.

The link between the signaling ports on the two GigaVUE HC Series nodes is for synchronization. When the node acting in the primary role is up, the signaling link is up, and the node acting in the secondary role sees the link as up. When the primary node loses power, the signaling link is brought down, and the secondary node sees the link as down and takes over.

The redundancy profile combines the protection role with the signaling port. The same redundancy profile is applied to the inline networks, so they have the same properties. If multiple inline networks on each GigaVUE node share the signaling link, they must be configured with the same protection role.

The primary and secondary roles on the two GigaVUE nodes do not change. That is, the role of the primary node stays the same and the role of the secondary node stays the same. The secondary always watches the state of the signaling port for whether the link is up or down.

For example, in Figure 2 Traffic Flows Through Node with Secondary Role after Primary is Lost, after the primary node recovers, it will open its bypass protection switch relays. Through the signaling port, the primary node will indicate that it is ready to receive traffic by setting the link state to up. The secondary node will notice that the link is up and will close its bypass protection switch relays. After recovery, the primary node automatically goes back into service.

Limitation for Suspended Role

Though GRIP is supported in a cluster, there is a limitation when the suspended protection role is used on the standby node in the cluster. The recommendation is to either switch the standby to the leader or apply the suspended role in the redundancy profile to the leader.

Configure Synchronization

You must synchronize the configuration of the two GigaVUE nodes involved in the GRIP solution. The configuration items that must be synchronized are as follows:

■   the signaling ports, as dictated by the signaling link cabling
■   the inline networks, as dictated by the network path cabling between the two GigaVUE nodes
■   the redundancy profiles. The redundancy profile of each GigaVUE node needs to have the same signaling port as well as a redundancy role that is compatible with the redundancy role on the other GigaVUE node. For example, one is configured with the primary role and one is configured with the secondary role.
■   the inline tools
■   the inline maps

For a configuration example of two GigaVUE‑HC3 nodes, refer to Example: Gigamon Resiliency for Inline Protection. In the example, the configuration is the same on both nodes, except for the protection role (primary or secondary).

Display Redundancy Control State

To display the Redundancy Control State, go to the Inline Networks page and click on the alias of the Inline Network for which you want to display the redundancy control state. The state is displayed on the Quick View under Configuration.

Table 4: Redundancy Control States

| State | Description |
| --- | --- |
| Neutral | No redundancy profile is configured. |
| Suspended | The protection role is configured as suspended. |
| Primary Forwarding | The protection role is configured as primary. The node is acting in the primary role. Traffic flows through this node. |
| Secondary Bypass | The protection role is configured as secondary. The node is acting in the secondary role. Traffic bypasses this node. |
| Secondary Forwarding | The protection role is configured as secondary. The node is acting in the primary role due to a loss of power on the primary node. Traffic flows through this node. |
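The failover, recovery and suspended-role behaviour described above can be replayed with a small model that reports, after each event, the Redundancy Control State of each node and which inline tool (if any) still sees traffic. This is an added example, not Gigamon code; `Node`, `run`, the event strings, the "Powered Off" label and the `saw_link_up` rule are assumptions made for the model.

```python
from dataclasses import dataclass

@dataclass
class Node:
    role: str                  # "primary", "secondary" or "suspended"
    powered: bool = True
    saw_link_up: bool = False  # modelling assumption, see control_states()

def control_states(pri, sec):
    """Return (primary state, secondary state) using the Table 4 names.
    "Powered Off" is a label added for this model; it is not in Table 4."""
    # The primary holds the signaling link up only while powered and not suspended.
    link_up = pri.powered and pri.role == "primary"
    if sec.powered and link_up:
        sec.saw_link_up = True
    if not pri.powered:
        p = "Powered Off"
    else:
        p = "Primary Forwarding" if pri.role == "primary" else "Suspended"
    if not sec.powered:
        s = "Powered Off"
    elif sec.role == "suspended":
        s = "Suspended"
    elif link_up or not sec.saw_link_up:
        # Assumption: a secondary that has not seen the link up since it booted
        # stays in bypass. This reproduces the "only secondary comes up" case.
        s = "Secondary Bypass"
    else:
        s = "Secondary Forwarding"
    return p, s

def inspecting_node(p_state, s_state):
    """Which node's inline tool sees traffic; None means the relays are closed
    on both nodes and traffic crosses the link uninspected."""
    if p_state == "Primary Forwarding":
        return "primary"
    if s_state == "Secondary Forwarding":
        return "secondary"
    return None

def run(events):
    """Replay events such as "pri:down", "sec:up" or "pri:suspended"."""
    pri, sec = Node("primary"), Node("secondary")
    timeline = []
    for event in ["start"] + list(events):
        if event != "start":
            name, action = event.split(":")
            node = pri if name == "pri" else sec
            if action == "down":
                node.powered, node.saw_link_up = False, False
            elif action == "up":
                node.powered = True
            else:                      # any other action is a protection-role change
                node.role = action
        p, s = control_states(pri, sec)
        timeline.append((event, p, s, inspecting_node(p, s)))
    return timeline

if __name__ == "__main__":
    for row in run(["pri:down", "pri:up", "pri:down", "sec:down", "sec:up", "pri:up"]):
        print(row)
```

Any row whose last field is `None` is a period in which the network stays up but no inline tool inspects traffic, which is the condition worth alerting on.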

How to Use Suspended Role for Maintenance

Use the suspended protection role to perform maintenance activities on the primary and secondary nodes. Maintenance activities include: bringing up a module, shutting down a module, or swapping a module.

For example, to remove a module on one of the GigaVUE‑HC3 nodes (Primary node), use the following steps on that module:

1. Select Physical > Orchestrated Flows > Inline Flows > Configuration Canvas > Redundancy.
2. On the Redundancies page, for Protection Role, select suspended, and then click OK.
3. Once this is configured, the Primary node will be moved to 'Suspended' and the Secondary node will be moved to 'Secondary Forwarding' state. All the traffic will now be forwarded to the Secondary node and the Inline Tool inspection takes place.
4. Perform the maintenance activity in Primary node, like bringing up a new module, shutting down a module, swapping the modules, replacing the external inline tool.
5. Once the maintenance is done, revert the Protection Role in Primary Node back to 'primary'. This will move the Redundancy Control State back to the Primary Forwarding and traffic will start flowing via the Primary Node.

If a maintenance activity (chassis, card, external inline tool) is required on the Secondary node, follow the steps below:

1. Set the Protection Role to 'suspended' in the redundancy profile.
2. Once this is set, the Secondary node will be moved to 'Suspended' and the Primary node will remain in the 'Primary Forwarding' state and will handle the traffic.
3. Do the required maintenance activity in secondary node.
4. Once the maintenance is done, revert the Protection Role in Secondary Node back to 'secondary'.
5. This will move the Redundancy Control State back to the “Secondary Bypass”.

GRIP for Mixed Topologies

GRIP supports mixed topologies. The two nodes in the GRIP configuration do not both have to be the same GigaVUE® HC Series nodes, but the speed of both nodes must match. For example, one node can be a GigaVUE‑HC1 and the other node can be a GigaVUE‑HC1-Plus. However, the port speed on both nodes (10Gb) must match.

Upgrade Procedure

There are no specific procedures for upgrading the nodes in a GRIP deployment, but the steps below are recommended to be on the safe side. With this order, even if the node being upgraded runs into a problem, traffic is still inspected by one of the nodes.

■   Refer to "Supported Upgrade Path—Standalone Nodes" for the order of build versions in which GigaVUE-OS needs to be upgraded.
■   Save the configuration and take a backup of both the Primary and Secondary nodes.
■   First upgrade the secondary node so that traffic will get inspected in the Primary node.
■   Once the Secondary node upgrade gets completed then go for the Primary node upgrade.
■   When the Primary node upgrade is in progress, traffic will be inspected in the Secondary node as the failover kicks in, with the help of the signaling port.
■   As soon as the Primary node upgrade is complete, the signaling port will come up, and the Primary Node will start inspecting the traffic.

Pros and Cons

Upgrade Secondary Node followed by Primary Node

Pros:
■   Traffic will always be inspected, except for the delay during the primary to secondary node switch.
■   Even when the primary node falls under some unreachable state or gets a continuous reboot during the upgrade, the traffic will still be inspected in the secondary.
Cons:
■   Time-consuming as upgrades need to be done one by one.

Upgrade both nodes together

Pros:
■   Time taken for upgrade will be minimal as both the nodes will get upgraded together.
Cons:
■   During the upgrade, all the traffic will get bypassed, and no inspections will be done.
■   If the primary node runs into a problem and only the secondary comes up, traffic will still be bypassed and not inspected by the tool.

Rules and Notes

Keep in mind the following rules and notes when you work with the Gigamon Resiliency for Inline Protection feature:

1. Physical Bypass should not be enabled when the redundancy profile is configured in inline network ports.

2. The signaling port type should be a stack port, and only one port should be used.

3. It is recommended to add the Inline Networks to the Inline Network Bundle and deploy the Solutions, which makes them easy to export and import across the GRIP nodes.

4. After a reload or power cycle, the signaling port link stays down when the redundancy profile is attached to the inline network and no maps have been configured. A map should be configured to bring the signaling port up. If a map exists, the signaling port will come up without any issues.

5. Link Failure Propagation is not recommended when copper ports (TAP card ports) are involved in Inline Network ports, and only one path (a-to-b alone) is available. If the Inline Network has both paths, then it is a best practice to leave LFP enabled.

6. Gigamon Resiliency for Inline Protection (GRIP™) is not supported in GigaVUE-HCT devices.

7. GRIP is not supported in other GigaVUE TA Series devices due to the absence of BPS modules.

Refer to Flexible Inline Arrangements—Rules and Notes, which also apply to GRIP.
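The synchronization requirements and the rules above can be checked mechanically before relying on failover. The following is an added example, not Gigamon code or a GigaVUE export format: the dictionary layout, the `check_grip_pair` and `make_node` names and all aliases are hypothetical, and the sample nodes are constructed.

```python
def check_grip_pair(left, right):
    """Return a list of findings for a GRIP pair; an empty list means consistent."""
    findings = []
    roles = sorted(n["protection_role"] for n in (left, right))
    if roles != ["primary", "secondary"]:
        findings.append(f"roles {roles}: need one primary and one secondary")
    for name, node in (("left", left), ("right", right)):
        ports = node["signaling_ports"]
        if len(ports) != 1:                       # Rules and Notes, item 2
            findings.append(f"{name}: {len(ports)} signaling ports, need exactly 1")
        for port in ports:
            if port["type"] != "stack":
                findings.append(f"{name}: port {port['alias']} is type {port['type']}, not stack")
            if not port["admin_enabled"]:
                findings.append(f"{name}: port {port['alias']} is admin-disabled")
        if node["physical_bypass"]:               # Rules and Notes, item 1
            findings.append(f"{name}: physical bypass enabled with a redundancy profile")
        if not node["inline_maps"]:               # Rules and Notes, item 4
            findings.append(f"{name}: no inline map, signaling link stays down after reload")
    # Items that must match on both nodes (Configure Synchronization).
    for key in ("inline_networks", "inline_tools", "inline_maps"):
        only_l = sorted(set(left[key]) - set(right[key]))
        only_r = sorted(set(right[key]) - set(left[key]))
        if only_l or only_r:
            findings.append(f"{key} differ: left-only={only_l} right-only={only_r}")
    return findings

def make_node(role, **overrides):
    """Constructed sample node; every alias here is made up."""
    node = {
        "protection_role": role,
        "signaling_ports": [{"alias": "sig-1", "type": "stack", "admin_enabled": True}],
        "physical_bypass": False,
        "inline_networks": ["inline-net-1"],
        "inline_tools": ["ips-1"],
        "inline_maps": ["map-all-to-ips"],
    }
    node.update(overrides)
    return node

GOOD = check_grip_pair(make_node("primary"), make_node("secondary"))
DRIFT = check_grip_pair(
    make_node("primary"),
    make_node("secondary", physical_bypass=True, inline_maps=[],
              signaling_ports=[{"alias": "sig-1", "type": "network", "admin_enabled": True}]),
)

if __name__ == "__main__":
    for finding in DRIFT:
        print("FINDING:", finding)
```

A difference in `inline_maps` or `inline_tools` matters most: after a failover the secondary would forward traffic through a different inspection path than the one that was validated on the primary.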

Limitations

■   All the inline components should be located in the same box within the cluster.
■   Although GRIP is supported in a cluster, there is a limitation when the suspended protection role is used on the standby node in the cluster. It is recommended to either switch the standby to the leader or apply the suspended role in the redundancy profile to the leader.

Troubleshoot

If any of the below issues occur then kindly follow the given steps to isolate the issue.

Signaling Ports Down

1. Check whether the power level from the optics is correct; if not, try replacing the optics with new ones during a maintenance window.

2. If the issue occurs after reloading, check if the maps are configured on the inline network to which the redundancy profile is attached.

3. If maps are not configured, deploying a map will bring up the signaling ports.

4. If a map is available and the signaling ports are still down, contact Gigamon Support for assistance.

Traffic outage in Inline Tool

1. Check if the Redundancy Control State is set to Primary Forwarding in the Primary node or Secondary Forwarding in case traffic is handled in the Secondary Node.

2. Check if the Inline Tool Flex Traffic Path is configured as “Bypass” by mistake. If so, revert to To-Inline-Tool to recover the traffic.

3. Check if the Inline Tool ports are in the down state and failover has kicked into tool bypass (the default failover for Inline Tool). If so, correct the optics power, cable, and external Inline Tool faults.

4. If the issue persists, contact Gigamon Support for assistance.

Network Traffic Outage

1. Check if any of the Inline Tool’s Flex Traffic Paths is set to “Drop” by mistake. If so, revert the Flex Traffic Path to To-Inline-Tool.

2. Check if any Inline Tool ports are down and failover kicked into tool-drop or network-drop. If so, check the optics power, cable, and External Inline Tool Faultiness and correct the same.

3. Check if the traffic hits the map and drops in any Inline Component ports using 'show port stats port-list <port-alias>'.

4. Try redeploying the Flex Inline Solution from GigaVUE-FM and check if the traffic resumes. If not, contact Gigamon Support for assistance.

FAQs

This section answers frequently asked questions when configuring the Gigamon Resiliency for Inline Protection feature.

How many members can we have in the GRIP configuration?

It is recommended to have two nodes to do the GRIP configuration where one node acts as the Primary and the other acts as the Secondary.

What happens if the primary node becomes unresponsive?

Even if the Primary node becomes unresponsive, traffic should not be impacted, because the unresponsiveness is in software whereas traffic is forwarded at the hardware level. Also, unresponsiveness in the Primary node will not trigger the failover switch to the Secondary.

Is GRIP Supported in Flexible Inline Maps?

Yes, GRIP is supported in both Classic and Flexible Inline Maps.

What happens if we delete a map on the primary?

When we delete a map on the primary node, irrespective of the inline-network traffic path, the traffic is switched to the secondary node.

Will the configuration between the Primary and Secondary nodes get synchronized automatically?

The user needs to ensure that all the configuration changes made in the Primary node are also made in the Secondary node. Refer to Configuration Synchronization for more details.