Endpoint Protection

Hi All,

     Failover Concept

I Have setup a Failover with SQL database for the Symantec Manager console

The clients are Reporting to the  Priority  1 List server correctly and the symantec Port 8014 is open in Both the servers

My Questions is when I Checked the Port 8014 for a Client in the secondary Server where the is setup to failover if the first server fails  where the clients are not connected to the second server  the connection is established how is it possible the connection to be established in the command prompt

Please Explain the concept behind the failover any documents

Thanks & Regards

Gerald  

its failover and load balancing

server A; priority 1 u assign this policy to few groups

server B; priority 2 u assign this policy to few groups or all groups

the clients sylink.xml will have two servers ip..if first fails it goes to second..

I'm not able to understand u r query, can u explain it little bit plz

is the connection on port 8014?

http://www.symantec.com/business/support/index?page=content&id=TECH104519&locale=en_US 

I want to know the reason

The Setup is only for Failover

The clients are connecting correctly to the Priority 1 Server and the Secondary Server is Slient in a failover Setup

The Question would be:

When I Test a client for the port 8014 if the connection is establised in the secondary server it shows connection Established in the Secondary Server

and I dont Understand Why connection should be Establised in the secondary Server  If the client is reporting to the Priority 1 Server first server

Where I am concerned that the clients connect to both the server and it uses my bandwith even a failover is setup and the clients should Establish the connection only in one server for the port 8014 If there failover

Question: 

Will the client Establish Connection for the port 8014 in both server if a failover is setup and Test the connection in the command prompt

Thanks In Advance

Gerald 

Hi,

if u use netstat -ano

u see this client connected to server two, though its reporting to server1?

it should only try to reach server 2 when 1 is not available.

on client click on help and support, troubleshooting, which server do u see ? 1 or 2?

The clients are connected to the server 1 and in help and troubleshooting it shows server 1 only

So the question is that if I pick a client which is connected to server 1 correctly and I see the server the connection established for the port 8014 for both the server 1 and 2 why ? it should establish the connection in netstat only for 1 Server

Thanks

Yes Chatan I selected the Second Option only.

Can you doublechech your management server list once?Wheter both servers are listed with same priority or under different priority?

I Setup the MSL assigned to the group which the client i am checking  and Checked the MSL each servers has it own Priority

Thanks

Hi,

Do you see clients listed under second/failover SEPM ?

Is it possible for you to attach screen shot of your MSL ?

 Yes I see the client listed in the second server but without a green dot

But in the first server the client is with-out  a green dot  and it not connected but the connection is establised for the port 8014

If a client is showing green dot in a particular server means the client is currently online and connected to that server in the last heart beat.If it is not showing green dot means that the client is cuurntly not reporting to that particular server.The server got the client information may be through replication.

Post the sylink logs.

Is the client not with green dot on both the servers?

I agree that but My concern is why the client establish a connection for the port 8014 in CMD Netstat when it not connected with the server 2

Observer continuously.Is it happening for all clients or only for a particular client?It shows problem only today or it is showing same behaviour every time?

Hi,

As you can see clients are listed under second SEPM but they are without green dot .

Do you see any red arrow on those clients ?

You have mentioned that you don't see green dot on clients on primary SEPM as well ?

Please reconfirm status of clients on both sepm i.e with green dot, without green dot, with red arrow ?

Green dot -----> Primary Server

No Green Dot---- > Secondary Server

No red Arrow in the secondary or in the Primary Server.

Thanks

Hi,

Could you please run following command on secondary/Failover server.

netstat -anb >c:\netstat.log

Sure Will do it

you are using load balancing with failover, so there wont be any red dot on the SEPM,

On one SEPM there will be clients listed with green dot and on the other SEPM the clients will be visible but I dont think there will be a green dot.

So depending on the MSL priority the clients will be listed with our without green dot on the respective SEPM.

Hello,

Check this:

About failover and load balancing

http://www.symantec.com/business/support/index?page=content&id=HOWTO26809&actp=search&viewlocale=en_US&searchid=1300467021633

About Load Balancing and Failover Clustering in Symantec Endpoint Protection 11.0

http://www.symantec.com/business/support/index?page=content&id=TECH104519&locale=en_US

About installing and configuring the Symantec Endpoint Protection Manager for failover or load balancing

http://www.symantec.com/business/support/index?page=content&id=HOWTO26808&actp=search&viewlocale=en_US&searchid=1300467021633

Installing a management server for failover or load balancing

http://www.symantec.com/business/support/index?page=content&id=HOWTO26807&actp=search&viewlocale=en_US&searchid=1300467021633

Thanks for the document

My Is Questions is why Connection is Established in both the Servers for a Single Client if the Failover is done and the client is reporting to server 1

EXample :

10.10.211.55 Server 1 Pri ----1 
10.10.6.34 Client 
192.168.10.20 Server 2   ---- Pri -2

If we use netstat command connection for the client 10.10.6.34 Is Established from both the server

It should be Has follows

Server One ---1 Connection Establised for port 8014

Server Two---- Licsening for port 801

But for Both  the

Status Establised for port 8014

It seems there is some problem in algorithm defined in the product for Failover concept
because if it might establish connection in both the server then it does not
complainance  for the primary failover concept. Is that correct

Note : There is no Load Balance Setup

Thanks

Hello,

In a failover configuration, all clients send traffic to and receive traffic from server 1. If server 1 goes offline, all clients send traffic to and receive traffic from server 2 until server 1 comes back online.

Load balancing occurs between the servers assigned to Priority 1 in a Management Server list. If more than one server is assigned to Priority 1, the clients randomly choose one of the servers and establish communication with it. If all Priority 1 servers fail, clients connect with the server assigned to Priority 2

Failover configurations are used to maintain communication when clients are unable to communicate with a Symantec Endpoint Protection Manager. When all management servers at a higher priority level become unavailable, clients switch to failover servers, which are defined by their lower priority level in the Management Server List. At every heartbeat, clients check to see whether there is a higher priority server available. If there is, the clients switch to it immediately.

Whenever possible, failover servers should be at the same site as the management servers that they back up. All management servers at the same site share one database, so that data consistency is guaranteed. It is possible to configure management servers that are replication partners as failover servers, but there is a risk of data inconsistency between replication partners because replication does not always take place frequently enough.

Failover and load balancing installations are supported only when the original Symantec Endpoint Protection Manager uses Microsoft SQL Server. The SQL Server Native Client files also must be installed on the computer on which you install a site for failover or load balancing.

You do not install servers for failover or load balancing when the first Symantec Endpoint Protection Manager site is configured to use the embedded database.

If the SEPM's are sharing the same the database then you will see the same client with green dot on both the SEPM's as the DB is common.

but if the DB is different then you should not the see the client with green dot on both the SEPM's hope this answers your question.

Thanks for the Concept I Understand

My Question is Will a single client Establish Connection at the same time if the setup is failover

Sorry Still I am not Clear on This concept ,Please Help

My Question is Will a single client Establish Connection for the port 8014 if  I try a Netstat command in the both the servers at the same time

If it is reporting to a Single Server with a green dot  

I Think in one server it will Establish the connection for the Port 8014 and in the other server it will be in Liscening for the port 8014

But In My case it establishes connection from both the server for the Port 8014

Setup Is only Failover with SQL database

Thanks

Gerald

Any Update on the Issue

Hello,

Port 8014 will be open on both SEPMs, so if you did telnet on any server for port 8014, you will see that open.

Communication happen on one sepm but ports will be open on both, if the port is not open how will the client failover.

I agree with your Statement

Yes the ports will be open in both server for 8014

But the connection establish should happen in only one server

If we do a netstat in both the server it shows Establish connection in both the server

Where Else it should be Establish connection in one server

The second server it only Show Licensing for the port 8014

    Hi all I am closing