[snip] > >> "Failover" is the event where a one member takes over some load from > >> some other member. In a hot standby cluster, this hapens when a > >> standby memeber becomes active due to a failure of the former active > >> member, or because of an administrator command. In a load sharing > >> cluster this usually happens because of a failure of one of the > >> members, but certain load-balancing technologies may allow a > >> particular load (an SA) to move from one member to another to even > >> out the load, even without any failures. > > > > The parenthetical "an SA" implies that SAs are never shared between > > members. I suggest that the initial definition of "cluster" mention > > whether we expect IKE and IPsec SAs to be shared between members. > > That is not part of terminology. It's mentioned in section 3. How about I > change the parenthetical remark to "such as all the flows associated with a > particular SA" ?
OK, with a nit: "such as all the flows associated with a particular IKE SA". > > >> "Loose Cluster" is a cluster where each member has a different IP > >> address. Peers find the correct member using some method such as DNS > >> queries or [REDIRECT]. > > > > Upon failure, members' IP addresses are reallocated to other members. > > They are? > > OK, not necessarily (but it's one reasonable way to reduce the fail-over time): Upon failure, members' IP addresses may be reallocated to other members. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
