Manual Failover

Posted on August 7, 2012

1



Failover can we generate with a lot of way. One way is with cphaprob, the most complicated way if you do not know it, but I am here for you to understand and use it instead of just an ifdown/ifup for an interface. :-)
On the other hand it is an important command for the exam.

cphaprob usage:

cphaprob state
cphaprob [-a] if

The following commands are NOT applicable for 3rd party:

cphaprob -d  -t  -s  [-p] register
cphaprob -f  register
cphaprob -d  [-p] unregister
cphaprob -a unregister
cphaprob -d  -s  report
cphaprob [-i[a]] [-e] list
cphaprob igmp .................. IGMP membership status
cphaprob [-reset] ldstat ....... Sync serialization statistics
cphaprob [-reset] syncstat ..... Sync transport layer statistics
cphaprob fcustat ............... Full connectivity upgrade statistics
cphaprob tablestat ............. Cluster tables

Test:
The Firewalls are in Load sharing multicast mode now. The actual state is clear, there is no problem with the cluster.

[Expert@myfirewall]# cphaprob stat

Cluster Mode:   Load Sharing (Multicast)

Number     Unique Address  Assigned Load   State

1 (local)  192.168.168.10  50%             Active
2          192.168.168.20  50%             Active

[Expert@myfirewall]# cphaprob -ia list

Built-in Devices:

Device Name: Problem Notification
Current state: OK

Device Name: Interface Active Check
Current state: OK

Device Name: HA Initialization
Current state: OK

Device Name: Load Balancing Configuration
Current state: OK

Registered Devices:

Device Name: fwd
Registration number: 0
Timeout: none
Current state: OK
Time since last report: 0.2 sec

Device Name: cphad
Registration number: 1
Timeout: none
Current state: OK
Time since last report: 0.2 sec

Add a device, named SHIT and report a problem of it.

[Expert@myfirewall]# cphaprob -d SHIT -t 0 -s ok -p register
Registered SHIT in failure detection mechanism.
Registration no. 2
[Expert@myfirewall]# cphaprob -d SHIT -s problem report
[Expert@myfirewall]#
[Expert@myfirewall]# cphaprob -ia list

Built-in Devices:

Device Name: Problem Notification
Current state: problem

Device Name: Interface Active Check
Current state: OK

Device Name: HA Initialization
Current state: OK

Device Name: Load Balancing Configuration
Current state: OK

Registered Devices:

Device Name: fwd
Registration number: 0
Timeout: none
Current state: OK
Time since last report: 0.8 sec

Device Name: cphad
Registration number: 1
Timeout: none
Current state: OK
Time since last report: 0.8 sec

Device Name: SHIT
Registration number: 2
Timeout: none
Current state: problem
Time since last report: 9.3 sec

The cluster member is down:

[Expert@myfirewall]# cphaprob state

Cluster Mode:   Load Sharing (Multicast)

Number     Unique Address  Assigned Load   State

1          192.168.168.10  100%            Active
2 (local)  192.168.168.20  0%              Down

[Expert@myfirewall]#

Delete the device from failure detection mechanism:

[Expert@myfirewall]# cphaprob -d SHIT -p unregister
Unregistered SHIT from failure detection mechanism

The cluster member is up

[Expert@myfirewall]# cphaprob state

Cluster Mode:   Load Sharing (Multicast)

Number     Unique Address  Assigned Load   State

1          192.168.168.10  50%             Active
2 (local)  192.168.168.20  50%             Active

[Expert@myfirewall]# cphaprob -ia list

Built-in Devices:

Device Name: Problem Notification
Current state: OK

Device Name: Interface Active Check
Current state: OK

Device Name: HA Initialization
Current state: OK

Device Name: Load Balancing Configuration
Current state: OK

Registered Devices:

Device Name: Synchronization
Registration number: 0
Timeout: none
Current state: OK
Time since last report: 1572.1 sec

Device Name: Filter
Registration number: 1
Timeout: none
Current state: OK
Time since last report: 140.4 sec

Device Name: fwd
Registration number: 2
Timeout: 2 sec
Current state: OK
Time since last report: 0.6 sec

Device Name: cphad
Registration number: 3
Timeout: 2 sec
Current state: OK
Time since last report: 0.6 sec
Advertisements