5 Replies Latest reply on Sep 4, 2015 1:37 PM by Spincoach

    WAN Public IP blockage

    wesleyorama

      I have the FOE server setup and replicating. I have tested it and it is working great. However I need to setup split brain avoidance. In order to do so, I want to ping the public IP of the Primary and Secondary servers. However even though the FOE is setup in a WAN configuration it is blocking the public IP on whomever is not currently active. These IP's are on different subnets and are, of course, different themselves. How can I make the FOE software not block traffic on the public interfaces?

       

      Things I have tried:

      Attempted to remove the IP from the Public tab of the FOE server configuration.

      Set the IP in the Public tab of the FOE server configuration to an fabricated IP.

        • Re: WAN Public IP blockage
          jim080

          Anyone have any idea on this issue? I have come across the same problem.

          • Re: WAN Public IP blockage
            aLTeReGo

            Split Brain avoidance should occur over the channel adapters IP address which is not blocked.

            1 of 1 people found this helpful
            • Re: WAN Public IP blockage
              Spincoach

              Packet filter should be enabled on the secondary to avoid duplicate names.

              If you don't think this is the case then you can try to go to your primary nic properties, uncheck Neverfail Packet Filter Driver

              That will allow communication to your primary nic.

              Do this at your own risk however.

              • Re: WAN Public IP blockage
                billyjbryant

                aLTeReGo's answer should be marked as such.  FoE manages (and mitigates) split-brain across the FoE Channel.  As long as your two engines are properly configured to default to 1) Active and 1) Secondary (and both are not configured to be the Active by default) then they should negotiate and handle split brain accordingly. 

                1 of 1 people found this helpful
                • Re: WAN Public IP blockage
                  Spincoach

                  DNS should point hostname to the server ip that is active.  You can uncheck neverfail packet filter on the primary nic on both devices.  If the dns task in foe is set up properly to change dns configuration, you will not get a duplicate hostname error.  I had a conf call with SW support and our DNS guy to work on this together.

                  From what I understood from support, neverfail packet filter is for ha/lan configurations and not wan.

                  I am currently set up this way. WAN/dr  neverfail is unchecked. I can get to both servers via primary nic.