High Availabltiy States On Primary and Secondary Appliance
Nevyaditha
Moderator
The Primary SonicWall and Secondary SonicWall in High Availability Pair when configured go through different states.
These states are used to identify the current status of Primary Sonicwall or Secondary Sonicwall when setup in HA mode and also helps in Troubleshooting. These status are generally seen on both the Appliance GUI under the Monitor| Current Status | High Availability Status and also in Trace Logs .
Differnet HA States shown on Sonicwall are ACTIVE ,STANDBY ,ELECTION ,SYNC ,ERROR, REBOOT and NONE .
Please check the KB for details regarding the states:
I hope this information is usefull.
Thanks
Nevyaditha
Category: Mid Range Firewalls
Nevyaditha P
Technical Support Advisor, Premier Services
1
Comments
Hi @Nevyaditha
one of the things I'am wondering for years, is why a turn from primary to secondary (or vice versa) happened without any obvious reason. The log doesn't say much about it. All monitored links are up, all appliances are running. It's one of these questions I have to take a pass when asked from a customer.
I would like to know it for sure, no guessing. The log should show the reason.
--Michael@BWC
Hello Michael@BWC ,
If the firewall has rebooted, the GUI Logs are wiped out. We search for the reason in the tracelogs. Showing the following just as an example:
01/22/2018 21:12:31 - 1205 - High Availability - Alert - On HA peer firewall, Interface X8 Link Is Down
01/22/2018 21:13:06 - 1206 - High Availability - Alert - On HA peer firewall, Interface X8 Link Is Up
01/22/2018 21:13:09 - 1205 - High Availability - Alert - On HA peer firewall, Interface X8 Link Is Down
01/22/2018 21:14:33 - 149 - High Availability - Error - Secondary missed heartbeats from Primary
01/22/2018 21:14:33 - 145 - High Availability - Alert - Missed Peer heartbeat - Secondary firewall has transitioned to Active
Here you can see that the Secondary unit missed heartbeat from primary as the X8 link is flapping and that is the reason secondary device became active. This is clearly due to HA link issues. We will further compare both the device's tracelogs to figure out the problem.
Now, we have an option to save the logs to a built-in storage module which can help us deduce the reason for failover in a much better way.
I hope that helps!
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi @BWC ,
The Trace logs on both the Primary and Secondary devices provide the different states the devices are undergoing before the failover or reboot occurs.
For Instances like when the failover occurred when the Link IP and the Planes were working well then verifying the logs before the failover event occurred will help to identify what task was being handled by the units that got the failover trigger.
The Sample Logs below shows the Election and also shows Link fluctations
18:37:37.864: ha - HA Primary [I] : In NONE state - Peer was in NONE state
18:37:37.912: ha - HA Primary [I] : In ELECTION state - Peer was in NONE state
18:37:47.160: ha - HA Primary [I] : In ELECTION state - Peer was in NONE state
18:37:59.000: ha - HA Primary [I] : Not receiving heartbeats from peer firewall.
18:37:59.000: ha - HA Primary [A] : Firewall has become Active.
00:46:38.816: ha - HA Primary [I] : Link change for physical monitoring interface : X4, status : DOWN
00:46:38.848: ha - HA Primary [I] : Link change for physical monitoring interface : X5, status : DOWN
There are different reasons for the Failover and Failback to occur and it could be different based on differnt environments. I will work on this and come up with a article that briefs about what are the possible reasons for the failover to occur.
@shiprasahu93 Thank you for the above detailed information!!
Thank You.
Nevyaditha P
Technical Support Advisor, Premier Services
Hey @Nevyaditha ,
A KB article with all the different scenarios and possible reasons for HA failover would be just perfect! Good job on this one too!!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi NEVYADITHA ,
we are also having same issue firewall HA happens automatically without any specific reason and reboot or hardware failure and interface down
also there is no details about it in logs and NSM
@apanchal697kwt I have never seen a failover without some corresponding event in the tracelogs. The events may not say why, but at least they will say that the firewall transitioned from one state to another.