Astaro Deployment Guide
High Availability Options
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
4
Manual Configuration
The manual configuration of an Active/Passive HA is very simple, too. However, it gives you some more options
like which LAN port to use for synchronization, device names, node IDs and encryption key.
Manual Setup of a Hot Standby Node
Once this data is entered on the first node you only need to connect the slave node to the master node and
either take the same configuration steps as for the first node or use the automatic configuration feature to add
the second node automatically.
Total Synchronization
Astaro Gateways working in either high availability mode, continuously exchange data over the HA interface to
stay totally synchronized. Synchronization only is effected between the master and slave node. Worker nodes
are not part of the synchronization process. The synchronization is key when a hardware failure occurs and the
surviving node takes over at the exact point where the failing devices quit.
In this way for example, an IPsec VPN tunnel will keep working during a hardware failure even without the need
to reconnect.
The following list includes the data that is synchronized between the master and the slave node of a HA
system:
Complete ASG Configuration
E-mail queue (e-mails older than five minutes)
E-mail quarantine
Reporting data
Update packages
System time
Firewall state
IPsec state
DHCP Leases
