Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 1958 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HA, active-passive does not synchronize.

IvanildoGalvão

Hello, greetings to all. I set up an active-passive cluster, using QuickCluster, everything went smoothly, all settings were replicated from the primary to the secondary XG. But I am realizing that from then on, any change in rules in the primary XG, or creation of new objects, is not replicated to the secondary XG, is this normal? I don't see error logs related to the cluster, but I was struck by the fact that the Sync Auxiliary Device button is disabled.

I'm sending here some images with configuration information.

console> system ha show details
 HA status              : Enabled
 Current Appliance Key  : C330ACFCHKHRB5B
 Peer Appliance Key     : C330ACGTK64MQF7
 Current HA state       : Standalone
 Peer HA state          : Fault
 HA Config Mode         : Active-Passive
 Load Balancing         : Not Applicable
 Dedicated Port         : Port7
 Current Dedicated IP   : 169.254.192.1
 Peer Dedicated IP      : 169.254.192.2
 Monitoring Port        : Port1,Port2,Port3
 Auxiliary Admin Port   : Port1
 Auxiliary Admin IP     : 10.107.32.3
 Auxiliary Admin IPv6   :
 HA Cluster ID          : 0
 Keepalive request interval     : 250
 Keepalive attempts     : 16
 Hypervisor assigned MAC addresses      : Disabled
 HA preemption          : Disabled

Any idea what might be going on?



This thread was automatically locked due to age.
Parents
  • 0

    Hi IvanildoGalvão,  Unfortunately your current HA status is not proper and Device showing Current HA state : Standalone & Peer HA state : Fault and due to that your configuration not in sync over both the appliance. 

    You may check the required log files for HA services to confirm why HA status is not proper and once HA status will be proper both the device will sync settings.

    Log file details:

    https://support.sophos.com/support/s/article/KB-000038142?language=en_US

  • 0 in reply to Vishal_R

    I collected this information, but there is a network cable connected to port7 on both devices. It was even through this connection that the HA was configured and the information replicated.

    XG330_WP02_SFOS 18.0.4 MR-4# tail -f ctsyncd.log
    [Wed Dec 30 12:19:29 2020] (pid=12623) [notice] resync requested by other node
    [Wed Dec 30 12:19:29 2020] (pid=12623) [notice] sending bulk update
    [Wed Dec 30 12:19:34 2020] (pid=12623) [ERROR] no dedicated links available!
    [Wed Dec 30 12:20:41 2020] (pid=12623) [notice] resync with master conntrack table
    [Wed Dec 30 12:20:41 2020] (pid=12623) [notice] sending bulk update
    [Wed Dec 30 12:20:44 2020] (pid=12623) [notice] committing all external caches
    [Wed Dec 30 12:20:44 2020] (pid=12623) [notice] Committed 0 new entries
    [Wed Dec 30 12:20:44 2020] (pid=12623) [notice] commit has taken 0.015433 seconds
    [Wed Dec 30 12:20:44 2020] (pid=12623) [notice] flushing external cache
    [Wed Dec 30 12:20:47 2020] (pid=12623) [notice] resync with master conntrack table

  • 0 in reply to IvanildoGalvão

    Hi IvanildoGalvão, You may check applog.log and msync.log as well to confirm more. If no clue then you may open a support case to conclude the issue further OR  try to disable HA and have fresh HA setup again to see how it goes.

  • 0 in reply to Vishal_R

    Problem solved.


    One of the WAN ports had no cable connected, so after it connected and the port linked, the cluster normalized, the button if Sync Auxiliary was available and also the Switch to passive device.
    It was an interesting lesson for me, because now I know that in an active / passive cluster if one of the auxiliary XG WAN ports is not linked, it configures the cluster, even synchronizes the initial information, but does not leave it as a 100% configured cluster.

    Thanks !

Reply
  • 0 in reply to Vishal_R

    Problem solved.


    One of the WAN ports had no cable connected, so after it connected and the port linked, the cluster normalized, the button if Sync Auxiliary was available and also the Switch to passive device.
    It was an interesting lesson for me, because now I know that in an active / passive cluster if one of the auxiliary XG WAN ports is not linked, it configures the cluster, even synchronizes the initial information, but does not leave it as a 100% configured cluster.

    Thanks !

Children
No Data