Re: [IPsec] Issue #177. (was: HA/LS terminology)

"Dan Harkins" <> Wed, 24 March 2010 01:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 01FCC3A6BD1 for <>; Tue, 23 Mar 2010 18:05:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.535
X-Spam-Status: No, score=-2.535 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1DhtLSfiFxou for <>; Tue, 23 Mar 2010 18:05:32 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E424C3A6BB2 for <>; Tue, 23 Mar 2010 18:05:32 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTP id 03AF91022404A; Tue, 23 Mar 2010 18:05:52 -0700 (PDT)
Received: from (SquirrelMail authenticated user by with HTTP; Tue, 23 Mar 2010 18:05:52 -0700 (PDT)
Message-ID: <>
In-Reply-To: <>
References: <> <> <> <> <> <>
Date: Tue, 23 Mar 2010 18:05:52 -0700 (PDT)
From: "Dan Harkins" <>
To: "Yoav Nir" <>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: Rodney Van Meter <>, "" <>, Melinda Shore <>
Subject: Re: [IPsec] Issue #177. (was: HA/LS terminology)
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 24 Mar 2010 01:05:34 -0000


  "hot standby" implies a box sitting ("hot") twiddling its thumbs doing
little but waiting for another box to fail ("standby"). It's the VRRP

  There is a HA model which supports dynamic load balancing as well as
active session failover. Nodes in such a cluster are not "standby". They
each have loads that they can shed and add to based upon some heuristic.
A neat attribute of such a system is that an IPsec SA can be established
on node A, move to node B after a while, and come back to A some time
later without any actual node failure. State moves around to keep the
cluster balanced.

  I would very much prefer "session failover" to "hot standby" and a
mild preference of "load balancing" over "load sharing". An HA model
doing VRRP could be termed "session failover" but the HA model described
above really can't be called "hot standby". And load can be shared but
just sharing a load can result in a mis-balanced cluster if sessions on
one node terminate naturally and it sits doing little while another node
whose sessions haven't terminated is huffing-and-puffing. Balancing can
imply sharing but not vice versa.



On Tue, March 23, 2010 2:43 pm, Yoav Nir wrote:
> On Mar 23, 2010, at 2:31 PM, Melinda Shore wrote:
>> On Tue, March 23, 2010 1:20 pm, Yoav Nir wrote:
>>> - For the cluster with just one member doing IKE and IPsec, I propose
>>> "hot-standby cluster"
>>> - For the cluster with several members doing IKE and IPsec, I propose
>>> to
>>> keep "load-sharing cluster"
>> I think "failover" is in broader use than "hot standby"
>> and would tend to prefer it myself, but I think either is clear.
>> Melinda
> I did not want to use "fault tolerant" because some would take that term
> is broad and sometimes taken to mean things I would not like to specify,
> like RAID arrays, and dual power supplies.  I don't think we should use
> this item to mandate that the two cluster members should not be connected
> to the same power strip.
> Anyway, "failover cluster" is OK, except that we've already used
> "failover" to describe an event that happens to both types of clusters.
> So I think we can stay with "hot standby" and "load sharing"
> Yoav
> _______________________________________________
> IPsec mailing list