Security

last person joined: 2 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

how to make standby publisher become subscriber after the publisher come up again?

This thread has been viewed 3 times

  • 1.  how to make standby publisher become subscriber after the publisher come up again?

    Posted Jun 17, 2015 03:47 AM
    I Have configured VIP between 2 clearpass ,publisher and subscriber now I have noticed that the publisher fail and subscriber became publisher and when piblisher come up again it didnt preepmt to the publisher..how to fix this


  • 2.  RE: how to make standby publisher become subscriber after the publisher come up again?

    EMPLOYEE
    Posted Jun 17, 2015 03:50 AM
    What version of code


  • 3.  RE: how to make standby publisher become subscriber after the publisher come up again?

    EMPLOYEE
    Posted Jun 17, 2015 03:59 AM

    Screen Shot 2015-06-17 at 8.57.06 AM.pngScreen Shot 2015-06-17 at 8.57.19 AM.png



  • 4.  RE: how to make standby publisher become subscriber after the publisher come up again?
    Best Answer

    Posted Jun 17, 2015 04:39 PM

    If the publisher fails over to the standby then the original PUB come sback on line we DO NOT move the PUB functionality back automatically. Thus you don't want the VIP to move back to that box as its not in 'charge' of the DB so you don't want to fire say Guest creation or Onboard request to that node.



  • 5.  RE: how to make standby publisher become subscriber after the publisher come up again?

    Posted Jun 25, 2015 09:58 AM

    So what you say is that Don't create stand by publisher just VIP and leave every one for his role right?



  • 6.  RE: how to make standby publisher become subscriber after the publisher come up again?

    Posted Jun 25, 2015 12:34 PM

    No, I'm not saying that.

     

    I'm saying that the reason we don' move the VIP back the Publisher that failed when it comes back online is that we don't regress the standby-PUB (whch is now the active PUB) back to a standby-state and move the PUB functionality back to the origianl PUB. 

     

    The node that was the standy is now the active PUB and stays the active-PUB, it owns the cluster and the VIP.

     

    The failed-PUB that has come back online may think it the PUB but it does not own the cluster and you have have made chanegs to the rest of the cluster and you want the SUB's and your NAS devices to talk to the ACTIVE PUB which owns the VIP.

     

    Confusing I know....!!!

     

    Happy to discuss on a phone call.