------------------ Original ------------------
From:  "Jakub Hrozek";<jhro...@redhat.com>;
Date:  Mon, Jan 9, 2017 07:04 PM
To:  "Matrix"<matrix...@qq.com>; 
Cc:  "freeipa-users"<freeipa-users@redhat.com>; 
Subject:  Re: [Freeipa-users] ipa_server and ipa_backup_server failover time

(please keep CC-ing the list..)

On Mon, Jan 09, 2017 at 04:39:04PM +0800, Matrix wrote:
> Sorry, i did not trigger authentication at all. Just to check sssd logs. 
> around 15 minutes later, I saw below messages shown:
> (Mon Jan  9 01:46:35 2017) [sssd[be[fwmrm.net]]] [fo_set_port_status] 
> (0x0100): Marking port 0 of server 'ipa02.example.com' as 'working'
> Re-check it with authentication, failover will be happened immediately. 

Yes, then that is expected, the identity lookup was probably answered from
the cache.

> >> No, sorry, the timeouts for switching between back up and primary
> >> servers are hardcoded.
> May I know how long it will take for worst case? 

> Seems to be 30 minutes:
> https://github.com/SSSD/sssd/blob/master/src/providers/data_provider_fo.c#L49

It should be 30 seconds? 30 min is too long. and in man page, has been 
explained as 30 seconds

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to