Two installed SASE Orchestrator instances are required to initiate replication.
- The selected standby is put into a
STANDBY_CANDIDATE
state, enabling it to be configured by the active server. - The active server is then given the address and credentials of the standby and it enters the
ACTIVE_CONFIGURING
state.
STANDBY_CONFIG_RQST
is made from active to standby, the two servers synchronize through the state transitions.
The two Orchestrators on which Disaster Recovery (DR) need to be established must have same time. Before you initiate
SASE Orchestrator replication, ensure you check the following NTP configurations:
- The Gateway time zone must be set to Etc/UTC. Use the following command to view the NTP time zone.
vcadmin@vcg1-example:~$ cat /etc/timezone Etc/UTC vcadmin@vcg1-example:~$
If the time zone is incorrect, use the following commands to update the time zone.
echo "Etc/UTC" | sudo tee /etc/timezone sudo dpkg-reconfigure --frontend noninteractive tzdata
- The NTP offset must be less than or equal to 15 milliseconds. Use the following command to view the NTP offset.
sudo ntpqvcadmin@vcg1-example:~$ sudo ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *ntp1-us1.prod.v 74.120.81.219 3 u 474 1024 377 10.171 -1.183 1.033 ntp1-eu1-old.pr .INIT. 16 u - 1024 0 0.000 0.000 0.000 vcadmin@vcg1-example:~$
If the offset is incorrect, use the following commands to update the NTP offset.
sudo systemctl stop ntp sudo ntpdate <server> sudo systemctl start ntp
- By default, a list of NTP Servers are configured in the
/etc/ntpd.conf
file. The Orchestrators on which DR need to be established must have Internet to access the default NTP Servers and ensure the time is in sync on both the Orchestrators. Customers can also use their local NTP server running in their environment to sync time.