on the stateful failover active / standby

Hello guys.

I have two ASAs, same model and hardware. The ASAs were configured for stateful active/standby failover by someone a few years ago. It worked normally until recently, and no one changed the configuration. Then the secondary unit can't. Ping between the 2 interfaces is OK. Please help me solve this problem.

on the main site

interface Management0/0
 description STATE Failover Interface
 management-only
interface GigabitEthernet1/1
 description LAN Failover Interface
failover
failover lan unit primary
failover lan interface failover GigabitEthernet1/1
failover link state Management0/0
failover interface ip failover 172.16.1.1 255.255.255.0 standby 172.16.1.2
failover interface ip state 172.16.0.1 255.255.255.0 standby 172.16.0.2

on the secondary site

interface Management0/0
 description STATE Failover Interface
 management-only
interface GigabitEthernet1/1
 description LAN Failover Interface

output of show failover on PRIMARY

show run failover
failover
failover lan unit primary
failover lan interface failover GigabitEthernet1/1
failover link state Management0/0
failover interface ip failover 172.16.1.1 255.255.255.0 standby 172.16.1.2
failover interface ip state 172.16.0.1 255.255.255.0 standby 172.16.0.2

F1# show failover
Failover On
Failover unit Primary
Failover LAN Interface: failover GigabitEthernet1/1 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 5 of 256 maximum
Version: Ours 8.2(2), Mate 8.2(2)
Last Failover at: 08:03:11 ULAST January 1, 2003
    This host: Primary - Active
        Active time: 5755203 (sec)
        slot 0: ASA5550 hw/sw rev (2.0/8.2(2)) status (Up Sys)
          Interface Backup2 (10.2.5.1): Normal (Waiting)
          Interface Internet (202.131.225.90): No Link (Waiting)
          Interface Backup1 (10.3.5.1): Normal (Waiting)
          Interface server (192.168.227.1): Normal (Waiting)
          Interface Bank (10.20.1.1): Normal (Waiting)
        slot 1: ASA-SSM-4GE-INC hw/sw rev (1.0/1.0(0)10) status (Up)
    Other host: Secondary - Failed
        Active time: 0 (sec)
        slot 0: ASA5550 hw/sw rev (2.0/8.2(2)) status (Up Sys)
          Interface Backup2 (0.0.0.0): No Link (Waiting)
          Interface Internet (0.0.0.0): No Link (Waiting)
          Interface Backup1 (0.0.0.0): Normal (Waiting)
          Interface server (0.0.0.0): Normal (Waiting)
          Interface Bank (0.0.0.0): Normal (Waiting)
        slot 1: ASA-SSM-4GE-INC hw/sw rev (1.0/1.0(0)10) status (Up)

Stateful Failover Logical Update Statistics
    Link : state Management0/0 (up)
    Stateful Obj    xmit       xerr       rcv        rerr
    General         76184539   0          767513     6
    sys cmd         767328     0          767326     1
    up time         0          0          0          0
    RPC services    0          0          0          0
    TCP conn        25878669   0          11         5
    UDP conn        40545710   0          40         0
    ARP tbl         8987688    0          136        0
    Xlate_Timeout   0          0          0          0
    IPv6 ND tbl     0          0          0          0
    VPN IKE upd     1140       0          0          0
    VPN IPSEC upd   4004       0          0          0
    VPN CTCP upd    0          0          0          0
    VPN SDI upd     0          0          0          0
    VPN DHCP upd    0          0          0          0
    SIP Session     0          0          0          0

    Logical Update Queue Information
                    Cur     Max     Total
    Recv Q:         0       7       6522961
    Xmit Q:         0       34      106685671

output of show failover on the secondary

F1# show failover
Failover On
Failover unit Secondary
Failover LAN Interface: failover GigabitEthernet1/1 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 5 of 256 maximum
Version: Ours 8.2(2), Mate 8.2(2)
Last Failover at: 03:36:23 ULAST December 15, 2013
    This host: Secondary - Failed
        Active time: 0 (sec)
        slot 0: ASA5550 hw/sw rev (2.0/8.2(2)) status (Up Sys)
          Interface Backup2 (0.0.0.0): No Link (Waiting)
          Interface Internet (0.0.0.0): No Link (Waiting)
          Interface Backup1 (0.0.0.0): Normal (Waiting)
          Interface server (0.0.0.0): Normal (Waiting)
          Interface Bank (0.0.0.0): Normal (Waiting)
        slot 1: ASA-SSM-4GE-INC hw/sw rev (1.0/1.0(0)10) status (Up)
    Other host: Primary - Active
        Active time: 5743217 (sec)
        slot 0: ASA5550 hw/sw rev (2.0/8.2(2)) status (Up Sys)
          Interface Backup2 (10.2.5.1): Normal (Waiting)
          Interface Internet (202.131.225.90): No Link (Waiting)
          Interface Backup1 (10.3.5.1): Normal (Waiting)
          Interface server (192.168.227.1): Normal (Waiting)
          Interface Bank (10.20.1.1): Normal (Waiting)
        slot 1: ASA-SSM-4GE-INC hw/sw rev (1.0/1.0(0)10) status (Up)

Stateful Failover Logical Update Statistics
    Link : state Management0/0 (up)
    Stateful Obj    xmit       xerr       rcv        rerr
    General         765518     0          35843181   874
    sys cmd         765518     0          765516     0
    up time         0          0          0          0
    RPC services    0          0          0          0
    TCP conn        0          0          12671303   80
    UDP conn        0          0          13432853   133
    ARP tbl         0          0          8968384    661
    Xlate_Timeout   0          0          0          0
    IPv6 ND tbl     0          0          0          0
    VPN IKE upd     0          0          1137       0
    VPN IPSEC upd   0          0          3988       0
    VPN CTCP upd    0          0          0          0
    VPN SDI upd     0          0          0          0
    VPN DHCP upd    0          0          0          0
    SIP Session     0          0          0          0

    Logical Update Queue Information
                    Cur     Max     Total
    Recv Q:         0       9       72011189
    Xmit Q:         0       1       765518

You have a couple of No Link statuses on your secondary as well as a No Link message on your primary.

    Interface Backup2 (0.0.0.0): No Link (Waiting)
    Interface Internet (0.0.0.0): No Link (Waiting)

I recommend that you check these cables.  Don't forget that if you changed the default configuration, a single interface failure, or even connectivity problems on an interface between the two ASAs, will cause a failure.

If this does not help, try entering the monitor-interface command for the interfaces.

--
Please do not forget to rate and choose a good answer
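
The comparison made in the reply above, as an added example that is not part of the original thread: a Python parser for `show failover` output that lists, per unit, the monitored interfaces that are not Normal, compares the count with the Interface Policy, and picks out interfaces that are unhealthy on one unit only. The sample text is constructed (interface names follow the thread, addresses are sample values), the function names are hypothetical, and a percentage interface policy is assumed not to be in use.

```python
import re

# Constructed excerpt in the layout of ASA "show failover" output.
# Interface names follow the thread; the addresses are sample values.
SAMPLE = """\
Failover On
Failover unit Primary
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 5 of 256 maximum
        This host: Primary - Active
                Active time: 5755203 (sec)
                  Interface Backup2 (10.2.5.1): Normal (Waiting)
                  Interface Internet (203.0.113.90): No Link (Waiting)
                  Interface Backup1 (10.3.5.1): Normal (Waiting)
        Other host: Secondary - Failed
                Active time: 0 (sec)
                  Interface Backup2 (0.0.0.0): No Link (Waiting)
                  Interface Internet (0.0.0.0): No Link (Waiting)
                  Interface Backup1 (0.0.0.0): Normal (Waiting)
"""

HOST_RE = re.compile(r"^\s*(This|Other) host:\s*(\w+)\s*-\s*(.+?)\s*$")
IFACE_RE = re.compile(
    r"^\s*Interface (\S+) \(([^)]*)\):\s*([^(]+?)\s*(?:\((.*)\))?\s*$")
# Absolute thresholds only; "Interface Policy 50%" is deliberately not matched.
POLICY_RE = re.compile(r"^\s*Interface Policy (\d+)\s*$")


def parse_show_failover(text):
    """Return (policy, units); units maps role -> {state, interfaces}."""
    policy, units, current = None, {}, None
    for line in text.splitlines():
        if m := POLICY_RE.match(line):
            policy = int(m.group(1))
        elif m := HOST_RE.match(line):
            current = {"state": m.group(3), "interfaces": {}}
            units[m.group(2)] = current
        elif (m := IFACE_RE.match(line)) and current is not None:
            name, _ip, status, detail = m.groups()
            current["interfaces"][name] = (status, detail)
    return policy, units


def unhealthy(unit):
    """Monitored interfaces whose status is anything other than Normal."""
    return sorted(
        name for name, (status, detail) in unit["interfaces"].items()
        if status != "Normal" and detail != "Not-Monitored")


def triage(text):
    """Summarise unhealthy interfaces per unit and where to look first."""
    policy, units = parse_show_failover(text)
    bad = {role: unhealthy(unit) for role, unit in units.items()}
    report = {"policy": policy, "bad": bad,
              "at_or_over_policy": [], "check_first": {}}
    for role, names in bad.items():
        if policy is not None and len(names) >= policy:
            report["at_or_over_policy"].append(role)
        # Interfaces down on this unit only point at this unit's own cabling.
        others = set().union(*(set(v) for r, v in bad.items() if r != role))
        report["check_first"][role] = sorted(set(names) - others)
    return report


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

On the sample, Internet is No Link on both units while Backup2 is No Link only on the secondary, so Backup2 on the secondary is the first cable to check.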

Tags: Cisco Security

Similar Questions

  • Help about LAN-based failover active / standby on pix 7.0

    Hello

    I wonder why my active / standby failover status is waiting. And when I do sh failover state, it shows failed on "Hello not heard from mate" for the standby state (see attachment)

    Failover On
    Cable status: N/A - LAN-based failover enabled
    Failover unit Primary
    Failover LAN Interface: failover GigabitEthernet1 (up)
    Unit Poll frequency 1 seconds, holdtime 3 seconds
    Interface Poll frequency 15 seconds
    Interface Policy 1
    Monitored Interfaces 3 of 250 maximum
    failover replication http
    Last Failover at: 02:39:25 MYT April 15, 2006
        This host: Primary - Active
            Active time: 184985 (sec)
            Interface inside (10.103.1.15): Normal (Waiting)
            Interface outside (210.187.51.2): Normal (Waiting)
            Interface dmz (210.187.51.81): Normal (Waiting)
        Other host: Secondary - Standby Ready
            Active time: 0 (sec)
            Interface inside (0.0.0.0): Normal (Waiting)
            Interface outside (0.0.0.0): Normal (Waiting)
            Interface dmz (0.0.0.0): Normal (Waiting)

    Stateful Failover Logical Update Statistics
        Link : failover GigabitEthernet1 (up)
        Stateful Obj    xmit       xerr       rcv        rerr
        General         101718     0          419        0
        sys cmd         419        0          419        0
        up time         0          0          0          0
        RPC services    0          0          0          0
        TCP conn        74719      0          0          0
        UDP conn        21655      0          0          0
        ARP tbl         4928       0          0          0
        Xlate_Timeout   0          0          0          0
        VPN IKE upd     0          0          0          0
        VPN IPSEC upd   0          0          0          0
        VPN CTCP upd    0          0          0          0
        VPN SDI upd     0          0          0          0
        VPN DHCP upd    0          0          0          0

        Logical Update Queue Information
                        Cur     Max     Total
        Recv Q:         0       2       419
        Xmit Q:         0       2       104936

    Is there something wrong with my setup?

    I use LAN-based active / standby failover.

    I have attached my firewall configuration, sh failover, sh failover state and sh failover history.

    Looking at your configs... IP addresses for the standby unit are missing... It should read something like this:

    interface Ethernet0
     nameif outside
     ip address 209.165.201.1 255.255.255.224 standby 209.165.201.2

  • Eve activates for the pair of active standby

    Hi all
    The standby database will take over of duty of the current database when the database fails?
    If this is not only a read-only database on hold and how high-availability works pair active support?


    Thank you

    As I mentioned earlier, there are two aspects to this: failover of the database and client failover. The database failover is initiated by calling the internal commands that I described earlier. Something outside of TimesTen should do this when it detects a failure and decides to fail over. You can write/script your own framework to do this (very complex and difficult to get right) or use Oracle Clusterware (a free-of-charge product, but it can be a little complex to install and needs some resources). Client failover is based on failover of the database; when the database failover occurs, all clients configured for client failover are failed over at that time. You cannot have client failover without the failover of the database happening. Note that this client failover works for true client/server connections. It cannot be used for direct mode connections.

    Chris

  • How to restore primary after the managed failover to standby using sql

    Please note the steps to restore a primary database after failing over to the standby. The old standby is now in the primary role. Don't use the broker. Use SQL statements to restore the old primary back into Data Guard.

    Published by: 783527 on January 31, 2012 13:39

    Hello;

    If you want a preview, my quick test notes are here:

    http://www.Visi.com/~mseberg/Data_Guard_Failover_Test_using_SQL.PDF

    Best regards

    mseberg

  • Safe way to restart the pair active / standby

    Hello

    I need to reboot my ASA5520. We have an active / standby pair and I want to make sure they come back up playing well together and not in a fierce struggle.

    Any advice on how to reload these machines and maximize uptime?

    Thank you

    Pedro

    Pedro

    If you are not bothered as to which one becomes primary then simply pick one, reload it, wait until it has come back up and then reload the other.

    As long as you have properly configured failover, there should be minimal downtime, just the time it takes to switch when you reload.

    If you want the primary to stay as primary, then you need to reload it first, let it come up as standby, then reload the other and the former primary will now become primary.

    Note that reloading the standby first is the best approach simply because you then have only one failover, i.e. when the standby comes back up it resumes its standby function, then when you reload the primary there will be a failover.

    Jon

  • The networking redundancy, 2 network cards, active/active or active / standby?

    I have two network cards available for my management network.   Most 'design' documents that I saw have one NIC set to active and the other in standby mode.  What is the advantage of this approach compared to setting them both active?  Suppose I have no limitation of NICs and these 2 ports are dedicated to management only.

    greenpride32 wrote:

    I have two network cards available for my management network.   Most 'design' documents that I saw have one NIC set to active and the other in standby mode.  What is the advantage of this approach compared to setting them both active?  Suppose I have no limitation of NICs and these 2 ports are dedicated to management only.

    If you have no other traffic on this vSwitch then you can leave them both active with no problems.

    Sometimes, the VMK vMotion interface is placed on the same vSwitch as VMK and if so, it is good to separate them onto different vmnics with active / standby.

  • Is this statement for creating an active standby pair correct?

    Hi, I have two servers, one is "baal" and the other is "diablo".
    I want to create an active standby pair with RETURN TWOSAFE, disable RETURN after 5 timeouts happen, and resume RETURN if the acknowledgement takes less than 8 ms.
    I am not sure if 8 ms is reasonable if the starting node is far behind the active node (assuming the starting node is to hardware failure).
    Here's my statement:
    --------------------------------
    CREATE ACTIVE STANDBY PAIR eppdb ON "baal", eppdb ON "diablo"
    RETURN TWOSAFE
    STORE eppdb ON "baal"
    DISABLE RETURN ALL 5
    RESUME RETURN 8;
    -------------------------------
    What I'm not clear on is the keyword "STORE".
    I noticed that there are a lot of 'STORE' clauses after RETURN TWOSAFE and that confused me for a while.
    If this statement is wrong, please correct me.

    Thank you.

    In fact, these options apply at the store level so the statement is as follows:

    CREATE ACTIVE STANDBY PAIR
    eppdb ON "baal", eppdb ON "diablo"
    RETURN TWOSAFE
    STORE eppdb ON "baal"
    DISABLE RETURN ALL 5
    RESUME RETURN 20
    RETURN SERVICES OFF WHEN STOPPED
    DURABLE COMMIT ON
    LOCAL COMMIT ACTION COMMIT
    RETURN WAIT TIME 30
    STORE eppdb ON "diablo"
    DISABLE RETURN ALL 5
    RESUME RETURN 20
    RETURN SERVICES OFF WHEN STOPPED
    DURABLE COMMIT ON
    LOCAL COMMIT ACTION COMMIT
    RETURN WAIT TIME 30;

    All these options and what they mean are described in detail in the (very good) documentation. I would recommend that you read it in order to understand what you are configuring here... Just a summary.

    Whenever the standby isn't available, application commits will experience timeouts (TT WARNING 8170). Application code must be prepared to receive and respond to this warning. Eventually (according to the options DISABLE RETURN and RETURN WAIT TIME [see below]) TT will fall back to asynchronous mode and the timeouts stop. Once the standby is available and the stores are back in sync, TT will switch back to RETURN TWOSAFE mode once again.

    DISABLE RETURN ALL 5 - turn off the twosafe return processing (i.e. fall back to asynchronous mode) after 5 consecutive timeouts (each timeout will be 30 seconds)

    RETURN WAIT TIME 30 - wait up to 30 seconds (a very long time) for the return service acknowledgement from the peer

    The combination of these two parameters means that in the event of network failure or the standby going offline, the active will be waiting for about 150 seconds (5 x 3) before disabling the twosafe return processing. During this time application transactions will experience timeouts. I would suggest smaller values such as 2 and 10 maybe but only you can decide what is reasonable for your environment.

    DURABLE COMMIT ON - whenever the return services are disabled, force all commits to be durable (synchronous to disk). This will degrade performance, but provides continuous data protection when the standby instance is not available. If you don't want this feature then do not configure it (but then when the standby is not available you are exposed to data loss if the active fails).

    RETURN SERVICES OFF WHEN STOPPED - disable return services (switch to asynchronous mode) each time the replication agent stops.

    LOCAL COMMIT ACTION COMMIT - if a commit gets a timeout warning (TT8170) then the transaction status is uncertain. The application can choose to commit locally (allowing it to continue processing), in which case the txn is committed and will be added to the replication queue for (possible) retransmission in asynchronous mode. It is the recommended behavior and is defined by this option. The other option is NO ACTION, which is also the default value. With this option, the application must implement the logic for its own decision, and then call a few specific TT builtin functions to decide how to deal with the uncertain state. This adds significant complexity. Until the application makes a decision, it is impossible to continue.

    See the documentation for more information.

  • Procedure to upgrade (Active-Standby) ASA

    Hi all

    I just want to check that our scheduled ASA upgrade causes no problems during the procedure.

    Hardware: ASA5525-X

    Existing IOS: 9.1.2

    Update to: 9.4.2 (11)

    Setup: Active standby

    We intend to upgrade the standby first; after that, once the standby is back up, we will force a failover to it so that we can then upgrade the primary firewall.

    Thank you very much!

    Yes, that's the process. I did it several times and it works perfectly when you follow the documented procedure.

    http://www.Cisco.com/c/en/us/support/docs/security/ASA-5500-x-series-NEX...

  • Cisco ASA CX active / standby

    Hello friends

    One of my clients has a pair of ASA 5545s working quite well as active / standby failover. But the configuration that is not copied to the secondary unit is the CX. Do you know how to get it? Please do not hesitate to request further information; any comment or document will be appreciated.

    Kind regards!

    The CX configurations are not part of the ASA active / standby replication.

    The way to synchronize the CX configurations is to use PRSM (Prime Security Manager - a product under separate license, not the one provided with the CX) running on a virtual machine in device mode.

    Reference.

    Once you discover the CX pair with an "off-box" PRSM, all configuration changes are deployed to both units of the pair.

  • Cisco ASA active / standby Mac addresses

    Hi all

    Please advise on the below.

    Say that I have an active / standby pair. I have two interfaces on each firewall configured as below

    For the primary (active)

    interface GigabitEthernet1/0 --> Say burned-in MAC address is 6c41.6bb0.1111
     nameif test1
     security-level 0
     ip address 10.1.1.1 255.255.255.0 standby 10.1.1.2

    im int 2/0
     nameif test2 --> Say burned-in MAC address is 6c41.6aa0.1111
     security-level 0
     ip address 10.2.1.1 255.255.255.0 standby 10.2.1.2

    For the secondary (currently standby)

    interface GigabitEthernet1/0 --> Say burned-in MAC address is 6c41.6bb0.2222
     nameif test1
     security-level 0
     ip address 10.1.1.1 255.255.255.0 standby 10.1.1.2

    im int 2/0
     nameif test2 --> Say burned-in MAC address is 6c41.6aa0.2222
     security-level 0
     ip address 10.2.1.1 255.255.255.0 standby 10.2.1.2

    According to my understanding of the doc:

    To pass traffic, other devices will use the primary unit's MAC addresses and IP addresses.

    Please consider the scenario below:

    My primary unit has failed and the secondary took over as the active unit.

    Primary (standby)

    Secondary (active)

    Q1) So the secondary will now use the IP addresses and MAC addresses as below? Please confirm

    10.1.1.1 & 6c41.6bb0.1111

    10.2.1.1 & 6c41.6aa0.1111

    Q2) I believe that the IP addresses of the primary (standby) will be

    10.1.1.2

    10.2.1.2

    Which MAC addresses will it use? The BIA of the secondary unit? Please advise

    Thanks in advance.

    Q1) Yes, the IP address and the MAC will move to the new active unit so nothing on the network except the switch will notice the failover event

    Q2) Yes, the primary (standby now) will use the IP addresses and MAC addresses of the secondary:

    6C41.6bb0.2222

    6C41.6aa0.2222

    Kind regards.

  • ASA 5520 Active standby and ssl vpn loadbalancing

    I have a pair of ASA 5520s running active / standby failover. Can I use these two machines in an SSL VPN load balancing cluster?

    No. When an active / standby pair is part of a VPN cluster, the standby unit is still standby - it will not actively terminate user sessions. Only the active cluster members (and non-failover) will do.

  • ASA 5520's active / standby, do not sync AnyConnect Profles

    I'm working on two ASA 5520 configuration in a configuration active / standby.  I have almost all the same between the two units for AnyConnect work waiting for both of the following:

    AnyConnect Client profiles

    AnyConnect Client software

    If I upload the software manually to the standby unit I get a warning that they are not synchronized, and on the active unit if I do a 'write standby' it does not copy the profile or the software.  Does anyone have any ideas on this?

    Thank you

    Dan

    Hello

    Bug CSCsr31403

    When you configure the ASA in a failover pair, you must manually copy the AnyConnect and CSD images to the primary and the secondary ASA.   You must also do the same for the AnyConnect profile file if you use it.

    Either force the standby ASA to become active and copy the files to the new active ASA using ASDM, or copy the files directly from the standby ASA console using tftp or ftp.

    Kind regards

    Note the useful messages

    Julio

  • ASA (Active standby) site-to-Site VPN Question

    Hello

    I had the question as below

    Site A - 1 unit of VPN Netscreen firewall

    Site B - 2 units of ASA VPN firewall

    I'm trying to set up a site-to-site VPN, but have a problem with the active / standby configuration.

    Initially, I tried Site A with 1 Netscreen unit and Site B with 1 ASA unit for the site-to-site VPN. There was no problem.

    But after adding another ASA at Site B and configuring it as active / standby, I saw a few issues that I need help with here

    Things that confuse me.

    (1) Do I need to use 2 public IP addresses on the ASA? (One public IP for the active and another public IP for the standby IP. It seems like a waste of a public IP address.)

    (2) Can the failover link and stateful failover be configured on the same interface?

    Please help in this case, configuring a site-to-site VPN with an active / standby configuration.

    just to add to this,

    just be careful when you dedicate an interface for stateful failover, make sure that it is the highest capacity, or at least the same capacity as an interface offers th

    so if you use a gig interface for passing traffic, use a gig port for stateful failover; several times we have seen people using the management interface for stateful when they have gig ports, and they run into issues where the stateful function does not work as expected

    You can read more here

    https://www.Cisco.com/en/us/docs/security/ASA/asa80/configuration/guide/failover.html#wp1051759

  • automatic creation service_name to sleep while the other fails in standby mode

    Hello

    my environment:

    1 primary, standby active 2

    DataGuard without CARS

    Fast-start failover active

    DB 11 G 2

    I wonder how to solve the following scenario:

    Standby 'first' db with service_names 'first_sn' fails.

    Standby 'second' db with service_names 'second_sn' is still up, as well as the primary.

    How to manage automatic service_name creation on standby db 'second' for the redirection of the read-only client connections?

    In other words, as soon as one of the standbys breaks down, the other standby gets the service name from the failed database, as in this example the

    Standby 'second' db would have these service_names:

    show parameter service_names

    first_sn, second_sn

    Thank you very much!

    The trigger to start the service on the two standbys. The tnsnames would deal with the connection.

    http://docs.Oracle.com/CD/B28359_01/network.111/b28317/tnsnames.htm#NETRF262

    In light of what you really want you can avoid the trigger and use several address lists in your tnsnames file.

    Best regards

    mseberg

  • T60 - problems with long active standby

    Hi all

    Hopefully someone can point me in the right direction with a problem I am encountering with one of our ThinkPad T60s.

    Here's the run down:

    We did 3 of the T60 (type 6369-A56) last December (online sales of web). 1 of the three displays problems when dealing with the day before. If the laptop goes into sleep mode during more than anywhere between 30 minutes to 1 hour that the laptop is not repeated mode standby when you open the lid of the laptop or use the Fn function key. When two approaches to bring the laptop leaves standby mode the Moon cresent LED stays on, the HARD Drive LED turns on for a brief second and then turns off, the power light and strong say, the screen remains blank at any time. When this happens, you can hear/feel the disk HARD turns to the top and doing something and you can also hear the CPU fan spin in the action as if it came out the day before. Does not seem to have taken power to make a difference with this problem.

    I already talked to Lenovo support RELATIVE to this subject and they believe it's a software problem. I did a few more tests to try to determine that this is what I did...

    I took a Norton Ghost image of one of the 2 working T60 HDD (Eve works perfectly on two other laptops) and used this Image for ghost in the T60 defective HARD drive, this gave me two identical laptops (hardware and software). Power for laptop mode is as follows, turn off the display @ 5 minutes, switch Mode suspend @ 15 minutes. I left computers laptops only at exactly 09:05, 5 minutes later so empty screens, @ 15 minutes later, the two went in standby mode. 45 min after sleep mode had struck I returned to two laptop computers and for laptops (at the same time), use the Fn key and the defective T60 does not return from the day before and the same symptoms as mentioned earlier it happened.

    After this I decided to see what would happen if I swapped the hard drives between the laptops (the drive from the failed laptop into the working laptop, and the working laptop's hard drive into the failed laptop). After swapping the hard drives, I ran the same tests as above. Once again, 45 minutes after standby had become active, I used the Fn key to get out of sleep mode, and the working laptop with the hard drive from the failed laptop worked straight off the bat, but the faulty laptop with the hard drive from the working laptop displayed the same problems as mentioned above, thus excluding the software as the cause of the problem.

    My question is, knowing all this, where is the problem likely to be? Is it going to be RAM related or associated with the board?

    Is the result likely going to be a return to Lenovo for repair?

    See you soon
    Chris

    Hello

    Yes, after trying a number of other things I determined it was the motherboard at fault. Logged a warranty job with Lenovo and returned the unit for repair. Less than a week later we had it back, running without problem (they replaced the sys board).

    See you soon
    Chris
