We have two ISR4K CUBEs in the same DC by using network redundancy (VPC). Is there any advantage to configure HA with redundancy group? I am planing to use three sub-interfaces used for communicating with the internal network, ITSP and heartbeat, is that OK? Any advice would be appreciated.
I am planning to use two sub-interfaces for the deployment, one is used for the internal and the external (mapped to two public IP on the FW), another is used for the heartbeat. I tested the way in the lab and all is good. Not sure any advantage to place the CUBEs in the DMZ and use three sub-interfaces for communicating with the internal network, the external network and the heartbeat?
Any benefit to separate the LAN (Talk to the internal network) and WAN (other VLAN, could be DMZ) interface on the CUBE? Any idea would be appreciated.
Box to Box is mostly a L3 next-hop redundancy Concept , it works based on Redundancy Interface Identifier (RII) virtual interfaces that is a similar concept to hsrp but for voice, therefore 3 ip's for lan and 3 ip's on the wan towards the telephony provider are allways needed. both the LAN and WAN side will then comunicatin with their respective cube virtual ip address. So in the end it boils down to what your itsp provider supports to interconnect to their voip network.
You should defnitley seperate the LAN from the WAN, into different sub-nets, since this is the backbone of the cube concept, the cube acts as a voip proxy between your voice lan and the providter itsp voip network.
aditionally a 3rd physical or virtual interface needs to be configured for keep-alive between both cube boxes as depicted above.
A VPC in this case can be configured if you have enough phyisical interfaces on the cube box but it will add only access redundancy not voice failover.
Bellow the configuration guide for cube HA