SD-WAN


In EdgeHA deployments, what criteria do EC appliances use to determine which is the master & backup

  • 1.  In EdgeHA deployments, what criteria do EC appliances use to determine which is the master & backup

    Posted Jul 15, 2025 12:21 PM

    My understanding with EdgeHA is that there shouldn't be asymmetric routing, e.g. branch traffic egresses EC-1, return traffic should never ingress EC-2.

    • Assuming a pair of ECs are deployed in EdgeHA
    • MPLS-A terminates to EC-1, MPLS-B terminates to EC-2
    • Local SVIs, DHCP scopes, etc. remain defined on the upstream layer-3 switches

    We're seeing asymmetric routing from other sites to the location above.

    What criteria do the ECs use to determine which is master/backup?

    Would defining a bogus VRRP segment on the ECs be enough to designate EC-1 as the master, or do we need to resort to route policies?

    Thanks



    ------------------------------
    DennisS
    ------------------------------


  • 2.  RE: In EdgeHA deployments, what criteria do EC appliances use to determine which is the master & backup

    Posted Jul 16, 2025 02:45 AM

    In EdgeHA there is no Primary/secondary from an SD-WAN perspective. Tunnels are formed from both appliances over all underlays that you would normally attach to in a single box setup (MPLS-A and MPLS-B in your setup) to the remote locations. It doubles the number of tunnels you need.

    In your setup, EC-1 will get access to the interface that connects to MPLS-B via the HA-cable and EC-2, and EC-2 will connect to MPLS-A vice versa. The EC that will do most of the forwarding ("primary" if you want to call it that) will be the one that is the VRRP-master, as it attracts all outbound traffic. Inbound traffic arrives via the tunnel chosen by the remote side, which depends on various factors like tunnel affinity and precedence