High Availability
1136
SonicOS 5.8.1 Administrator Guide
• Preempt - Applies to a post-failover condition in which the Primary unit has failed, and the
Backup unit has assumed the Active role. Enabling Preempt will cause the Primary unit to
seize the Active role from the Backup after the Primary has been restored to a verified
operational state.
Virtual MAC Address
The Virtual MAC address allows the High Availability pair to share the same MAC address,
which dramatically reduces convergence time following a failover. Convergence time is the
amount of time it takes for the devices in a network to adapt their routing tables to the changes
introduced by high availability.
Without Virtual MAC enabled, the Active and Idle appliances each have their own MAC
addresses. Because the appliances are using the same IP address, when a failover occurs, it
breaks the mapping between the IP address and MAC address in the ARP cache of all clients
and network resources. The Backup appliance must issue an ARP request, announcing the
new MAC address/IP address pair. Until this ARP request propagates through the network,
traffic intended for the Primary appliance’s MAC address can be lost.
The Virtual MAC address greatly simplifies this process by using the same MAC address for
both the Primary and Backup appliances. When a failover occurs, all routes to and from the
Primary appliance are still valid for the Backup appliance. All clients and remote sites continue
to use the same Virtual MAC address and IP address without interruption.
By default, this Virtual MAC address is provided by the SonicWALL firmware and is different
from the physical MAC address of either the Primary or Backup appliances. This eliminates the
possibility of configuration errors and ensures the uniqueness of the Virtual MAC address,
which prevents possible conflicts. Optionally, you can manually configure the Virtual MAC
address on the High Availability > Monitoring page.
The Virtual MAC setting is available even if Stateful High Availability is not licensed. When
Virtual MAC is enabled, it is always used even if Stateful Synchronization is not enabled.
Crash Detection
The High Availability feature has a thorough self-diagnostic mechanism for both the Primary
and Backup SonicWALL security appliances. The failover to the Backup SonicWALL occurs
when critical services are affected, physical (or logical) link detection is detected on monitored
interfaces, or when the SonicWALL loses power.
The self-checking mechanism is managed by software diagnostics, which check the complete
system integrity of the SonicWALL device. The diagnostics check internal system status, system
process status, and network connectivity. There is a weighting mechanism on both sides to
decide which side has better connectivity, used to avoid potential failover looping.
Critical internal system processes such as NAT, VPN, and DHCP (among others) are checked
in real time. The failing service is isolated as early as possible, and the failover mechanism
repairs it automatically.
Stateful High Availability Overview
This section provides an introduction to the Stateful High Availability feature. Stateful High
Availability is supported on SonicWALL NSA appliances, but not on SonicWALL TZ series
appliances.
This section contains the following subsections:
• “What is Stateful High Availability?” on page 1137