HA mode using Keepalived

HA mode using Keepalived

High Availability Mode of Trisul ensures that a Trisul cluster always alive in the event of a single node failure. This article describes how it can be configured step by step.

Keepalived

It is a Linux implementation of the VRRP Protocol which allows for establishing a Virtual IP. We will be using HA based on VRRP protocol in this article.

Architecture

Steps

1. Install Trisul Network Analytics on both HA DR nodes.

LICENSE: You need the UNLIMITED license to enable redundancy HA and DR features

2. Configure keepalived on both MASTER and SLAVE

Follow instructions in Configure keepalived

Ensure the PRIORITY of MASTER is atleast 50 higher than the priority specified in the SLAVE node.

3. Use IPTABLES on MASTER

During normal operation both nodes will be in active-active mode. The NETFLOW sent to the MASTER node will be mirrored to the SLAVE node using IPTABLES rule. You can also use the netflow-shim-tunnel to accomplish this

iptables DNAT rule

iptables -t nat -A PREROUTING \
    -p udp -m udp --dport 2055 -j DNAT \
        --to-destination 10.10.100.116

systemctl start iptables

systemctl enable iptables

Make it persistent using the iptables-services package

dnf install iptables iptables-services

iptables-save > /etc/sysconfig/iptables

To list the NAT rule

iptables -t nat -v -L -n --line-number

To delete (for testing)

iptables -t nat -D PREROUTING 1

Table of Contents