AAA, NAC, Guest Access & BYOD

What protocol does Standby Publisher use to check the connectivity to other Subscriber nodes and its own Gateway before promoting itself as Publisher in Publisher failover scenerio

Environment         Cluster with Publisher, Standby Publisher and Subscribers

 

 

CPPM Publisher redundancy feature before 6.4 requires that the Standby Publisher should be able to ping all the other subscribers in the cluster, which meant that ICMP communication should be allowed to all the other subscribers in the cluster.

 

 

 

It was also required that the standby publisher should be able to ping the default gateway which meant that the default gateway should respond to ICMP ping.

 

 

 

In many customer deployments the firewalls do not allow ICMP communication and gateways are configured to not respond to ICMP ping. The publisher redundancy feature has been re-architected in 6.4 to avoid these requirements.

 

 

 

In 6.4, the requirement is that standby publisher should be able to reach other subscribers in the cluster through HTTPS - TCP port 443. Additional ports as required by cluster operations would still be required.


Below is the sample output from 6.4 Standby Publisher Server during failover showing the new implementation:


...
...
2014-07-25 17:36:02,467 ERROR Platform.PublisherHA check-publisher-availability Publisher availability check failed for 5 times
2014-07-25 17:36:02,467 ERROR Platform.PublisherHA check-publisher-availability Publisher seems to be unavailable, will attempt to trigger failover; resetting wait period
2014-07-25 17:36:02,467 WARNING Platform.PublisherHA check-publisher-availability Attempting to take over publisher status, checking for network split cases
2014-07-25 17:36:02,467 INFO Platform.PublisherHA check-publisher-availability Checking whether default gateway is accessible ...
2014-07-25 17:36:02,484 INFO Platform.PublisherHA check-publisher-availability Default gateway to ping :10.17.4.254
2014-07-25 17:36:02,484 INFO Platform.PublisherHA check-publisher-availability ARPinging 10.17.4.254
2014-07-25 17:36:08,492 INFO Platform.PublisherHA check-publisher-availability ARPing output ARPING 10.17.4.254 from 10.17.5.182 eth0
Unicast reply from 10.17.4.254 [00:15:63:7C:9E:C2] 4.424ms
Unicast reply from 10.17.4.254 [00:15:63:7C:9E:C2] 5.076ms
Unicast reply from 10.17.4.254 [00:15:63:7C:9E:C2] 4.549ms
Unicast reply from 10.17.4.254 [00:15:63:7C:9E:C2] 4.588ms
Unicast reply from 10.17.4.254 [00:15:63:7C:9E:C2] 6.008ms
Unicast reply from 10.17.4.254 [00:15:63:7C:9E:C2] 3.790ms
Sent 6 probes (1 broadcast(s))
Received 6 response(s)
2014-07-25 17:36:08,492 INFO Platform.PublisherHA check-publisher-availability ARPing is successful.
2014-07-25 17:36:08,492 INFO Platform.PublisherHA check-publisher-availability Default gateway is reachable.
2014-07-25 17:36:08,492 INFO Platform.PublisherHA check-publisher-availability Checking whether other subscribers are reachable ...
2014-07-25 17:36:08,496 INFO Platform.PublisherHA check-publisher-availability Got subscribers list: ['10.17.5.182']
2014-07-25 17:36:08,496 INFO Platform.PublisherHA check-publisher-availability Pinging CPPM 10.17.5.182 with curl on https://10.17.5.182/tips/
2014-07-25 17:36:08,564 INFO Platform.PublisherHA check-publisher-availability Curl Ping output 200
2014-07-25 17:36:08,564 INFO Platform.PublisherHA check-publisher-availability Curl Ping is successful.
2014-07-25 17:36:08,564 INFO Platform.PublisherHA check-publisher-availability 1 out of 1 subscribers are reachable
2014-07-25 17:36:08,565 INFO Platform.PublisherHA check-publisher-availability At least half of configured subscribers are reachable
2014-07-25 17:36:08,565 INFO Platform.PublisherHA check-publisher-availability Triggering failover ...
2014-07-25 17:37:01,951 INFO Platform.PublisherHA ha-is-standby-now-master Standby Publisher check - ownNodeId=2 isPublisher=False haEnabled=True haStandbyNode=2 haWaitPeriod=5
2014-07-25 17:37:02,912 INFO Platform.PublisherHA check-publisher-availability Unable to acquire lock, another process may be already holding it
2014-07-25 17:38:01,204 INFO Platform.PublisherHA ha-is-standby-now-master Standby Publisher check - ownNodeId=2 isPublisher=False haEnabled=True haStandbyNode=2 haWaitPeriod=5
2014-07-25 17:38:02,165 INFO Platform.PublisherHA check-publisher-availability Unable to acquire lock, another process may be already holding it
2014-07-25 17:39:02,029 INFO Platform.PublisherHA ha-is-standby-now-master Standby Publisher check - ownNodeId=2 isPublisher=False haEnabled=True haStandbyNode=2 haWaitPeriod=5
2014-07-25 17:39:02,984 INFO Platform.PublisherHA check-publisher-availability Unable to acquire lock, another process may be already holding it
2014-07-25 17:39:54,266 INFO Platform.PublisherHA check-publisher-availability Cluster control command exited with status 0 output INFO - Checking cluster connectivity
ERROR - Connection to publisher failed. Please check that:
ERROR - 1) Publisher IP address and cluster password is valid and synchronized
ERROR - 2) Publisher is up and accessible from this machine
INFO - Attempting to force promoting to publisher even if a node is down
INFO - Trying to bring all subscriber nodes to sync
....
...

 

Version history
Revision #:
1 of 1
Last update:
‎11-13-2014 01:18 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.