Failover Limitations
There are a few limitations in the LogLogic LMI failover feature.
- The Real-Time report for Active VPN Connections (under Connectivity) is not available on the standby appliance. It uses a specific shared memory structure that cannot be replicated on the standby appliance.
- The public IP address assigned to the failover function is an alias of the main network interface of the appliance. This is required as part of the mechanism used to update the Address Resolution Protocol (ARP) tables in case failover occurs. Since some routers fail to release the cache of IP and hardware addresses stored in their ARP tables (or store the cache for as long as 10 minutes), the LogLogic appliance sends out an ARP-release packet once per minute. This causes the router to broadcast a discovery request to find the IP address and hardware address of the devices connected to it. When failover occurs, (or when we set up a High Availability (HA) pair), the router ARP tables will be updated automatically.
- The virtual public IP address cannot be used for remote authentication (RADIUS, TACACS). Record the private IP addresses of both appliances in the remote server.
- While setting up an HA pair, various configuration files are automatically synced between the master and slave node. If any configuration file is updated after the setup is complete, you must:
- Manually sync the changes to the slave node by running the command /loglogic/bin/loadsettings on the master node.
- Restart the corresponding engine on both nodes, in the following sequence:
This applies to the following files, defined in /loglogic/conf/rsync_conf_files:
- /root/.ssh/id_dsa
- /root/.ssh/id_dsa.pub
- /etc/ssh/ssh_host_rsa_key.pub
- /etc/ssh/ssh_host_rsa_key
- /etc/issue
- /etc/localtime
- /etc/resolv.conf
- /loglogic/conf/tcpcoll.conf
- /loglogic/conf/ll_tunnel.conf
- /loglogic/conf/ll_tunnel.id
- /loglogic/conf/ll_tunnel.key
- /loglogic/conf/ll_tunnel_c.conf
- /loglogic/conf/dbtablerules/tablerule40.txt
- /loglogic/conf/preloadFmtConf.txt
- /loglogic/conf/activeFmtConf.txt
- /loglogic/conf/arc_limit
- /loglogic/conf/archive_config
- /loglogic/conf/archive.sql
- /loglogic/conf/agg.conf
- /loglogic/conf/snmpd.conf
- /loglogic/conf/mtask.conf
- /loglogic/tomcat/conf/truststore
- /loglogic/data/dfas/*
- /loglogic/data/lea_cert*.p12
- /loglogic/status/database_backup_status.txt
- /loglogic/status/tcp_parser.bfq.cursor
- /loglogic/tmp/lastbackup
- /loglogic/conf/centera.pea
- /loglogic/conf/ffrf/*
- The SSL certificates for HTTPS and LDAP are not replicated from master to slave when using HA.
- Advanced Features are not accessible on the standby appliance in an HA configuration. Before HA configuration, disable Advanced Features on both appliances.
- After a failover, Active Queries tabs are not retained on the new master appliance.
- When logging into the Web GUI for the first time after HA failover, you might see a "Security violation" error when CSRF is enabled. If you see this error, log in again by using the Public IP in a new browser session.
Warning: In failover configuration, the administrator must modify archive mounting points on both master and standby appliances.
- Configure mounting points for SAN or NAS through public IP.
- On the master (appliance A), modify the mounting points from the page.
- When the system prompts you to reboot, click OK.
The former standby (appliance B) becomes the new master after the former master starts the reboot process. The administrator needs to modify the mounting points from the
page for the new master (appliance B) again, before the former master (appliance A) finishes the rebooting process.
Copyright © Cloud Software Group, Inc. All rights reserved.