Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Failover Engine (FoE) > How to Configure Split-Brain Avoidance in a LAN or WAN

How to Configure Split-Brain Avoidance in a LAN or WAN

Created by Seamus.Enright, last modified by MindTouch on Jun 23, 2016

Views: 36 Votes: 2 Revisions: 5

Overview

This procedure introduces the use of additional IP addresses on the principal network adapters of both the primary and secondary server for use during Split-brain Avoidance configuration.

 

Note: The IP addresses shown below are for illustration purposes only. 
Please use IP addresses that are appropriate to your network ensuring that the IP addresses selected are not in the same subnet as the principal or SolarWinds Channel subnet. 

Environment

FoE with LAN or WAN

Steps 

 

To configure Split-brain Avoidance when implemented in a LAN, follow the steps below:

 

  1. Add the following IP address to the principal network adapter on the primary server (11.0.0.1).  This does not need to be the first IP address in the list.
  2. Add the following IP address to the principal network adapter on the secondary server (11.0.0.2).  This does not need to be the first IP address in the list.
  3. Ping 11.0.0.1 and 11.0.0.2 in both directions.
  4. Configure Split-brain Avoidance to use 11.0.0.1 and 11.0.0.2 IP addresses following the procedure below.
    1. Open the SolarWinds Orion Failover Manager.
    2. Select the Server: Monitoring tab.
    3. Click the Configure Failover button. 
    4. Select the Prevent failover if channel heartbeat is lost but Active server is still visible to other servers (recommended) check box to enable Split-Brain Avoidance.
    5. Click OK.
    6. Click the Configure Pings button. 
    7. Select the Ping Settings tab and configure the Ping Interval and Ping Echo Timeout fields.
    8. Select the Ping Routing tab and enter the appropriate newly assigned IP addresses for both the primary and secondary server.
    9. Click OK

 

Using this procedure removes the problem of having multiple IP's on the same subnet and also removes all of the DNS registration issues 
that can be seen as the above addresses are normally outside of the client's normal subnet.

How to Configure Split-Brain Avoidance in a WAN

Summary

This Knowledge Base article provides the procedure for configuring Split-Brain Avoidance when Orion Failover Engine is implemented in a Wide Area Network (WAN) environment.

More Information

Split-brain Avoidance can be configured after the installation of Orion Failover Engine via the SolarWinds Orion Failover Manager. 
Split-brain Avoidance is used in WAN installations to ensure that only one server becomes active should the channel connection be lost, but both servers are still connected to the principal network. 

Split-brain Avoidance works by "pinging" from the passive server to the active server across the principal network. 
If the active server responds, failover will be prevented, even if the channel connection is lost. 
This feature requires that the active and passive servers have different IP addresses on the principal network, which is typically the case for WAN installations.

Procedure

To enable this feature:

You will need to configure "Auxiliary IP addresses" on both principal network cards. 
This is required to allow the passive server to send a "ping". Auxiliary IP addresses are additional IP addresses that are assigned to the network card, which is connected to the principal network. 
They are used to allow the passive server to communicate, because unlike the principal network address, they are not filtered. 
This allows the passive server to send "pings", and is also required to allow the passive server to send email alerts.

To configure an auxiliary IP address on the principal network cards, follow the procedure below:

Note: If the management IP address will be configured on an additional network card, 
SolarWinds Orion Failover Engine Packet Filter driver should not be enabled on this card to allow it to communicate over the network.

To configure a management address on the  principal network card itself:

  1. Open Network Connections.
  2. Right-click the required principal network connection and click on Properties.
  3. Under the TCP/IP protocol, click Properties.
  4. The first IP address of the NIC is displayed.
  5. Note the first IP address and then adjust the first IP address of the card to the management IP address.  
  6. To add the principal IP address (old first address) back in as a secondary address, click the Advanced and click Add.
    Note: For Windows 2008, the order of addresses is unimportant.
  7. Specify the principal IP address and clear the Register this connection in DNScheck box from the DNS tab.
  8. Static DNS entries must now be added to the DNS server in order to maintain connectivity, as this was previously carried out dynamically. 
    Please consult appropriate Microsoft documentation on how to Add Static Host and PTR records as required.
  9. From a command prompt, run c:>route print to verify the main principal IP address does not appear in the Interface column 
    - only the MANAGEMENT address, addresses on other NICs, and 127.0.0.1 should appear in this column.
    Note: Normal TCP/IP troubleshooting commands can be used to verify connectivity, for example, C:>ping 10.0.0.1

SolarWinds Orion Failover Manager

To configure Split-Brain Avoidance using the Solarwinds Orion Failover Manager, follow the steps below:

  1. Open the SolarWinds Orion Failover Manager.
  2. Select the Server: Monitoring tab.
  3. Click the Configure Failover button. 
  4. Select the Prevent failover if channel heartbeat is lost but Active server is still visible to other servers (recommended) check box to enable Split-Brain Avoidance.
  5. Click OK.
  6. Click the Configure Pings button. 
  7. Select the Ping Settings tab and configure the Ping Interval and Ping Echo Timeout fields.
  8. Select the Ping Routing tab and enter the IP addresses for both the primary and secondary server principal NICs as appropriate.
  9. Click OK.
Last modified
19:28, 22 Jun 2016

Tags

Classifications

Public