This is an old revision of the document!
Table of Contents
HA mode using Keepalived
High Availability Mode of Trisul ensures that a Trisul cluster always alive in the event of a single node failure. This article describes how it can be configured step by step.
Keepalived
It is a Linux implementation of the VRRP Protocol which allows for establishing a Virtual IP. We will be using HA based on VRRP protocol in this article.
Architecture
Steps
1. Install Trisul Network Analytics on both HA DR nodes.
2. Configure keepalived on both MASTER and SLAVE
Follow instructions in Configure keepalived
3. Use IPTABLES on MASTER
During normal operation both nodes will be in active-active mode. The NETFLOW sent to the MASTER node will be mirrored to the SLAVE node using IPTABLES rule. You can also use the netflow-shim-tunnelhttps://github.com/trisulnsm/netflow-shim-tunnel to accomplish this
iptables DNAT rule
dnf install iptables iptables-services
iptables -t nat -A PREROUTING \ -p udp -m udp --dport 2055 -j DNAT \ --to-destination 10.10.100.116 systemctl start iptables systemctl enable iptables
Make it persistent
iptables-save > /etc/sysconfig/iptables
To list the NAT rule
iptables -t nat -v -L -n --line-number
To delete (for testing)
iptables -t nat -D PREROUTING 1