Cisco Cisco Email Security Appliance C160 Mode D'Emploi
39-20
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 39 Centralized Management Using Clusters
Cluster Communication
If all attempts to communicate with a particular machine fail, then the machine that has been trying to
communicate will log a message saying that the remote host has disconnected. The system will send an
alert to the administrator that the remote host went down.
communicate will log a message saying that the remote host has disconnected. The system will send an
alert to the administrator that the remote host went down.
Even if a machine is down, the verification pings will continue to be sent. When a machine rejoins the
cluster network, a synchronization command will be issued so that any previously offline machines can
download any updates. The synchronization command will also determine if there have been any
changes on one side but not the other. If so, then the previously down machine will silently download
the updates.
cluster network, a synchronization command will be issued so that any previously offline machines can
download any updates. The synchronization command will also determine if there have been any
changes on one side but not the other. If so, then the previously down machine will silently download
the updates.
Disconnect/Reconnect
A machine may be disconnected from a cluster. Occasionally, you may intend to deliberately disconnect
the machine, for example, because you are upgrading the machine. A disconnect could also occur by
accident, for example, due to a power failure or other software or hardware error. A disconnect can also
occur if one appliance attempts to open more than the maximum number of SSH connections allowed in
a session. A machine that is disconnected from a cluster can still be accessed directly and configured;
however, any changes made will not be propagated to other machines within the cluster until the
disconnected machine becomes reconnected.
the machine, for example, because you are upgrading the machine. A disconnect could also occur by
accident, for example, due to a power failure or other software or hardware error. A disconnect can also
occur if one appliance attempts to open more than the maximum number of SSH connections allowed in
a session. A machine that is disconnected from a cluster can still be accessed directly and configured;
however, any changes made will not be propagated to other machines within the cluster until the
disconnected machine becomes reconnected.
When a machine reconnects to the cluster, it tries to reconnect to all machines at once.
In theory, two machines in a cluster that are disconnected could commit a similar change to their local
databases at the same time. When the machines are reconnected to the cluster, an attempt will be made
to synchronize these changes. If there is a conflict, the most recent change is recorded (supersedes any
other changes).
databases at the same time. When the machines are reconnected to the cluster, an attempt will be made
to synchronize these changes. If there is a conflict, the most recent change is recorded (supersedes any
other changes).
During a commit, the appliance checks every variable that is being changed. The commit data includes
version information, sequence identification numbers, and other information that can be compared. If
the data you are about to change is found to be in conflict with previous changes, you will be given the
option to discard your changes. For example, you might see something like this:
version information, sequence identification numbers, and other information that can be compared. If
the data you are about to change is found to be in conflict with previous changes, you will be given the
option to discard your changes. For example, you might see something like this:
(Machine mail3.example.com)> clustercheck
This command is restricted to "cluster" mode. Would you like to switch to "cluster"
mode? [Y]> y
Checking Listeners (including HAT, RAT, bounce profiles)...
Inconsistency found!
Listeners (including HAT, RAT, bounce profiles) at Cluster enterprise:
mail3.example.com was updated Mon Sep 12 10:59:17 2005 PDT by 'admin' on
mail3.example.com
test.example.com was updated Mon Sep 12 10:59:17 2005 PDT by 'admin' on
mail3.example.com
How do you want to resolve this inconsistency?