• High Availability
  • About High Availability
    • High Availability Terminology
    • High Availability Modes
    • High Availability Encryption
    • Crash Detection
    • Virtual MAC Address
    • Dynamic WAN Interfaces with PPPoE HA
    • Stateful Synchronization with DHCP
    • Stateful Synchronization with DNS Proxy
    • About HA Monitoring
  • About Active/Standby HA
    • Benefits of Active/Standby HA
    • Working of Active/Standby HA
  • About Stateful Synchronization
    • Benefits of Stateful Synchronization
    • How Does Stateful Synchronization Work?
    • Example of Stateful Synchronization
  • Active/Standby and Active/Active DPI Prerequisites
    • Supported Platforms and Licensing for HA
    • Physically Connecting Your Security Appliances
    • Connecting the Active/Active DPI Interfaces for Active/Active DPI
  • Maintenance
    • Removing an HA Association
    • Replacing a SonicWall Security Appliance
      • Replacing an HA Primary Unit
      • Replacing an HA Secondary Unit
• High Availability Status
  • Active/Standby High Availability Status
    • High Availability Status
    • High Availability Config
    • High Availability Licenses
• Configuring High Availability
  • Configuring Active/Standby High Availability Settings
  • Configuring HA with Dynamic WAN Interfaces
  • Configuring Network DHCP and Interface Settings
    • Disabling the SonicOS DHCP Server
    • Configuring Virtual IP Addresses
    • Configuring Redundant Ports
• Fine Tuning High Availability
  • Advanced Settings
  • Configuring Advanced High Availability Settings
• Monitoring High Availability
  • Configuring Active/Standby High Availability Monitoring
  • IPv6 High Availability Monitoring
  • IPv6 HA Monitoring Considerations
• SonicWall Support
  • About This Document

Example of Stateful Synchronization

In case of a failover, the following sequence of events occurs:

1. A PC user connects to the network, and the Primary Security Appliance creates a session for the user.
2. The Primary Security Appliance synchronizes with the Secondary Security Appliance. The Secondary now has all of the user’s session information.
3. The administrator restarts the Primary unit.
4. The Secondary unit detects the restart of the Primary unit and switches from Standby to Active.
5. The Secondary Security Appliance begins to send gratuitous ARP messages to the LAN and WAN switches using the same Virtual MAC address and IP address as the Primary Security Appliance. No routing updates are necessary for downstream or upstream network devices.
6. When the PC user attempts to access a Web page, the Secondary Security Appliance has all of the user’s session information and is able to continue the user’s session without interruption.