Hey guys.. for active passive HA.. do you preconfigure the passive UTM with the same interface\IP as the active info before enabling HA and plugging up eth3?
No, you would leave it as it was delivered from the factory and connect it to eth3. When you enable HA it will search for it and do all the needed work.
Yeah, I noticed that a while back. It was annoying because then I had to disable it until I was ready to actually do HA. You do not want it automatically starting HA on a production box when you add a node. It should really be disabled.
When you have only one box, just disable it and enable it when needed.
The second box needs no setup configuration, just connect via eth3 and HA is up and running.
So it is a very nice feature to Setup a HA Cluster or exchange a node from a Cluster.
Astaro user since 2001 - Astaro/Sophos Partner since 2008
Hiya Bob, autoconfig for HA in UTM appliances has been there for quite a while. (I'd have to check, all through v8 and probably v7?)
Out of the box, you just hook up another UTM to the existing one and they will set everything up. This is why if you want to repurpose ETH3 to another use on any appliances you have to disable that in the HA settings so the nic can be made available. This is not on software (as you might only have 2 nics for example) so is an appliance-only behavior as to how eth3 acts by default.
ha.. yeah the auto HA through me off when I hooked up eth3.. I actually re setup HA manully because I wanted to understand how to set it up.
So my next conundrum is the HA but only a single ISP connection. My options are:
1. Put a unmanaged switch in front of the UTMs
2. Simply move the ISP cable if the master failed
I am leaning towards option 2 as 1 just introduces another piece of hardware that could fail causing me having to move a cable anyway.. plus I'd hope a UTM would outlast a cheap switch. [:)]
