In this article, we invite you to see how we designed a high-availability electrical and Ethernet device for a customer in the field of cybersecurity.

We are going to detail each step from the design to its realization in a Rack Matrix model M1 1U rackmount case.

The entire software management part of failure detection and switching from one motherboard to another is not covered here, because it depends heavily on the software and operating systems implemented on the motherboards and how you want to handle it.

Goal

The goal is to ensure optimal service continuity of the device to the maximum of its capacities and for as long as possible. The duration of service continuity strongly depends on the source of the failure.

Thus,

• During a power outage lasting from a few seconds to a few tens of minutes, the motherboards must be powered for as long as possible until the power source is restored.
• When a motherboard fails, it must be possible to detect this failure and switch processing to the other motherboard present for this purpose.
• When an Ethernet connection breaks, you need to be able to tell the other motherboard to take over.

Prerequisites

Have the operation of the device ensured regardless of the following events:

1. motherboard failure
2. failure or breakage of an Ethernet connection point
3. DC power supply failure
4. failure of one motherboard and DC power supply of the other motherboard
5. total breakdown of the electrical source of the mains 100~220V

Here is the final outline of the design with the above prerequisites

Basis appliance

Here is the 1U router used as the basis for our design.

• A 100~220V mains power supply with transformer to 12V DC
• A motherboard with 3 network ports

Solutions

Here we present the stages of the design responding to each point mentioned in the prerequisites above.

#1 motherboard failure

To overcome the failure of a motherboard, the solution is to add a second. The 2 cards are connected to the same transformer. This involves doubling the power of the transformer to be able to power the 2 motherboards at the same time.

#2 failure or breakage of an Ethernet connection point

To overcome this failure, we add an Ethernet interconnection between the two motherboards of the previous solution #1.

The connection being located internally (inside the box) this has the advantage of not being able to be manipulated or removed by a third person (the customer or an employee) and at the same time there is no unnecessary cable on the front of the router.

#3 DC power supply failure

to overcome this failure, we add a transformer to the previous solution #2 to power the second motherboard.

• The transformer on the right supplies the motherboard on the right
• The transformer on the left supplies the motherboard on the left

If a motherboard's power supply fails, the standby motherboard detects it because there is no more response to ping or any other mechanism from the more powered motherboard.

Ethernet interconnection between the two motherboards (white cable)

#4 failure of one motherboard and the power transformer of the other motherboard

To overcome this unlucky scenario, we add a redundancy module between the two transformers and the two motherboards from the previous solution #3.

#5 total breakdown of the electrical source of the mains 100~220V

To compensate for the total power failure on the 2 mains sources (really bad luck), we are adding an internal battery for each motherboard to the previous solution. Thus depending on the age of the battery and the consumption of the motherboards with their options, the duration of the power supply can be from 20 minutes to more than 2 hours. This is more than enough for the cases of micro cuts (from a few seconds to 5 min) which are the most common, or even gives the motherboard equipped with a 4G modem the time to send the information of the total cut.

Here is the final result for the high-availability router from the company WaWuWe