High Availability Network Failure Detection, Actions, and Monitoring

WebApp Secure high availability systems now have the ability to detect network card and/or interface failures. When traffic interfaces (or the HA interconnect) goes down, WebApp Secure can react by failing over to the other system, sending an alert to a specified contact person, performing both actions, or performing no action.

To instruct WebApp Secure to listen on a certain interface, enter the CLI and type:

cli system set ethmonitor <interface>

Once the command is run, it will add a monitor on the interface and also add it into the colocation group along with the rest of the data services. Technically, you could add multiple interfaces to monitor, and the monitored interfaces are the same across both system in the pair.

In the case of a failure condition described below, the appropriate failover or other action will take place.

Table 10: Failure Scenarios

Symptom

Log

Alert

Failover

Split Brain

Recommended Action

Notes

Loss of interconnect

yes

yes

no

no

none

No alerting is sent out directly from the failure but an alert will be sent from monitoring based on DRBD falling out of sync.

Loss of Monitored Interface on Slave

yes

yes

no

no

none

none

Loss of Monitored Interface on Master

yes

yes

yes

no

none

none

Loss of Monitored Interfaces on Master and Slave

yes

yes

no

no

Connectivity of traffic interfaces should be fixed immediately.

No traffic will be processed.

Loss of Monitored Interface on Master and Interconnect

yes

yes

yes

no

Connectivity of interconnect interface should be fixed immediately.

Some data may be lost in this state.

Loss of Interconnect and Management Interfaces

yes

yes

no

yes

Connectivity of interconnect and/or management interfaces should be fixed immediately.

None

Related Documentation