Skip to main content

HA with CGW and MultiWAN Failover

This document explains how to set up high availability (HA), Cloud Gateway (CGW), and MultiWAN Failover, which is compiled from different sources.

High Availability (HA)

High Availability (HA) is a system in which two devices (a master and a backup) are always up and running, and if the master device fails, the backup immediately takes over. This ensures that services and data are always available, even if there is a hardware or software failure. HA uses techniques such as load balancing to distribute work so that services continue uninterrupted.

Key aspects of HA configuration include:

  • Interface Configuration: Configure the network settings for both the master node and the backup node. Enter information such as a fixed IP address, netmask, gateway, and DNS server. It's important to note that a Floating IP address is not used in this interface configuration; instead, each node will have its dedicated IP address. For example, Set IP 192.168.1.2 for the master node and IP 192.168.1.3 for the backup node, with gateway 192.168.1.1 and DNS 192.168.1.1.
  • Node Creation: Create a master node and a backup node, and configure the heartbeat settings so that if the master node encounters an issue and shuts down, the backup node automatically starts working. This setup includes specific scripts on the master node: rsync.sh for synchronization and wan_connected.sh for WAN connectivity checks. These scripts are only present on the master node and will not be visible on the backup node.
  • Synchronization Settings: Changing synchronization settings so that the backup node is always connected to the master node and both have the same data.
  • Verification: To see if the HA configuration is working properly, check the status of both nodes and see if one node is down, and then the other node is working.

For detailed configuration instructions, refer to the High Availability Documentation.

MultiWAN Failover

Failover means that when the main system stops working, another backup system automatically starts up. MultiWAN failover also works similarly for network connections. If the master goes down, traffic automatically switches to the backup. This keeps the network always up and running.

Key aspects of MultiWAN Failover configuration include:

  • Ethernet Interface Configuration: Setting up an Ethernet port for more than one internet connection and making sure the correct type is selected.
  • Failover Settings: Enable and configure MultiWAN failover. This includes sending information via email and checking if the interface is working properly.
  • Member Creation: To add new people to Lucy, combine the matrix and weights using the MultiWAN interface.
  • Policy Configuration: To create rules to determine how to send information through another route if one route is blocked.
  • Rules Configuration: To understand what traffic is like and to create traffic rules to regulate it.

For detailed configuration instructions, refer to the MultiWAN Failover Documentation.

Cloud Gateway (CGW)

A cloud gateway (CGW) is like a door that helps in reaching another network. It helps different networks to communicate with each other and exchange data. CGW can work in different ways.

  • Global Mode: All external traffic goes through the CGW.
  • Full Mode: All international, domestic, and special types of internet access go through CGW.
  • Selective Mode: CGW will only use the designated domain and its address.

Key aspects of CGW configuration include:

  • Enabling/Disabling CGW: Turning CGW on or off when needed.
  • Mode Selection: Choose the right working method for CGW.
  • Policy Configuration: For traffic coming in or going out of the CGW, decide whether to allow it or not.
  • Whitelist/Blacklist Configuration: Create whitelists and blacklists to decide which traffic to allow and which to block.
  • Source Subnet Configuration: To tell where network traffic is coming from, type the source subnet IP.

For detailed configuration instructions, refer to the Traditional Cloud Gateway Documentation

Combining HA, MultiWAN, and CGW

Combined Benefits

Combining HA, MultiWAN, and CGW creates a robust and never-failing network that includes:

  • High Availability: Redundancy to prevent downtime.
  • Enhanced Connectivity: For increased bandwidth and failover, use more than one Internet connection.
  • Traffic Control: CGW is used to organize network traffic and keep it secure.

Example Scenario

For continuous internet access, two internet providers will be required, which will filter and control traffic.

  1. HA: Configure the master and backup nodes with their dedicated IP addresses to ensure that they remain operational even if the network fails. The master node is configured with rsync.sh for data synchronization with the backup and wan_connected.sh for monitoring the primary WAN connection. To add it, navigate to Services → Keepalived → Scripts and click the Add button, then go to the script there and add the script. For more details, refer to the documentation provided here: Synchronization Settings for Master_Node & Backup_Node
  2. MultiWAN: ​​Set MultiWAN to automatically switch to a second internet connection if the first internet connection goes down.
  3. CGW: Implement CGW to block specific access and enforce internet usage policies.