Two installed SASE Orchestrator instances are required to initiate replication.
- The selected standby is put into a
STANDBY_CANDIDATEstate, enabling it to be configured by the active server. - The active server is then given the address and credentials of the standby and it enters the
ACTIVE_CONFIGURINGstate.
STANDBY_CONFIG_RQST is created from Active to Standby, the two servers synchronize through the state transitions.
The two Orchestrators for Disaster Recovery (DR) that will be established, must have the same time. Before you initiate
SASE Orchestrator replication, ensure you check the following NTP configurations:
- The Gateway time zone must be set to Etc/UTC. Use the following command to view the NTP time zone.
vcadmin@vcg1-example:~$ cat /etc/timezone Etc/UTC vcadmin@vcg1-example:~$
If the time zone is incorrect, use the following commands to update the time zone.
echo "Etc/UTC" | sudo tee /etc/timezone sudo dpkg-reconfigure --frontend noninteractive tzdata
- The NTP offset must be less than or equal to 15 milliseconds. Use the following command to view the NTP offset.
sudo ntpqvcadmin@vcg1-example:~$ sudo ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *ntp1-us1.prod.v 74.120.81.219 3 u 474 1024 377 10.171 -1.183 1.033 ntp1-eu1-old.pr .INIT. 16 u - 1024 0 0.000 0.000 0.000 vcadmin@vcg1-example:~$If the offset is incorrect, use the following commands to update the NTP offset.
sudo systemctl stop ntp sudo ntpdate <server> sudo systemctl start ntp
- By default, a list of NTP Servers are configured in the
/etc/ntpd.conffile. The Orchestrators on which DR need to be established must have Internet to access the default NTP Servers and ensure the time is in sync on both the Orchestrators. Customers can also use their local NTP server running in their environment to sync time.
Note: Before you set up your Standby Orchestrator to begin the Replication process, you must enable the
network.public.address system property.
