The NSX Edge router can be deployed in a highly available configuration, by creating two edge appliances. When you are installing your first edge router you get the option to enable HA, as seen here:
I wrote in detail about deploying an edge router in this post. If you didn’t choose to enable HA when installing, you can enable it later on. HA for the edge router works in an active/standby configuration, with the primary edge appliance being active, and the secondary in the standby state. The configuration of the primary appliance is replicated to the standby.
Failover from primary to secondary occurs if a heartbeat (sent every second) isn’t received after a specified amount of time (the default is fifteen seconds). After this time the standby appliance transitions to the active state, and starts the services that were previously running on the primary appliance. There is a brief outage for load balancer and VPN sessions whilst it switches over, but other services/connections should be unaffected.
Configuring HA After Deployment
To enable HA for a already deployed Edge router, head to ‘Networking and Security’ in the vSphere Web Client, then the ‘NSX Edges’ menu item. Double click the edge router that you want to enable for HA. Once there, select the ‘Manage’ tab and then the ‘Settings’ sub-tab:
In the HA Configuration area, click change:
After clicking OK, a new edge router instance will be deployed which will become the standby router. Once the task completes, HA should show as ‘Enabled’ and you will see a second router instance:
You can check the status of HA by establishing a console session to the edge router and running the ‘show service highavailability’ command:
vShield-edge-4-0> show service highavailability
Highavailability Status: running
Highavailability Unit Name: vshield-edge-4-0
Highavailability Unit State: active
Highavailability Interface(s): vNic_1
Unit Poll Policy:
Frequency: 3 seconds
Deadtime: 15 seconds
Stateful Sync-up Time: 10 seconds
Highavailability Healthcheck Status:
Peer host [vshield-edge-4-1 ]: good
This host [vshield-edge-4-0 ]: good
Highavailability Stateful Logical Status:
File-Sync running
Connection-Sync running
xmit xerr rcv rerr
141792 0 141240 0