------------------ Original ------------------
From: "Jakub Hrozek";<jhro...@redhat.com>;
Date: Mon, Jan 9, 2017 07:04 PM
To: "Matrix"<matrix...@qq.com>;
Cc: "freeipa-users"<freeipa-users@redhat.com>;
Subject: Re: [Freeipa-users] ipa_server and ipa_backup_server failover time
(please keep CC-ing the list..)
On Mon, Jan 09, 2017 at 04:39:04PM +0800, Matrix wrote:
> Sorry, i did not trigger authentication at all. Just to check sssd logs.
> around 15 minutes later, I saw below messages shown:
>
> (Mon Jan 9 01:46:35 2017) [sssd[be[fwmrm.net]]] [fo_set_port_status]
> (0x0100): Marking port 0 of server 'ipa02.example.com' as 'working'
>
> Re-check it with authentication, failover will be happened immediately.
Yes, then that is expected, the identity lookup was probably answered from
the cache.
>
> >> No, sorry, the timeouts for switching between back up and primary
> >> servers are hardcoded.
>
> May I know how long it will take for worst case?
> Seems to be 30 minutes:
>
> https://github.com/SSSD/sssd/blob/master/src/providers/data_provider_fo.c#L49
It should be 30 seconds? 30 min is too long. and in man page, has been
explained as 30 seconds
Matrix
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project