Failover and failback
Failover is a process that stops replication on a link and results in a situation in which, for read-write access:
- For an active/active link, applications should use only the HCP system to which the link was failed over
- For an active/passive link, applications should use only the replica
Typically, you fail over a link when one of the systems involved in the link becomes unavailable. With an active/passive link, this system must be the primary system. You don’t need to fail over the link when the replica fails.
You can fail over a link while both systems are available. You might do this, for example, if you need to shut down one of the systems for maintenance.
Depending on the link configuration, failover either is a manual procedure or occurs automatically. When automatic failover is enabled for a link, the link fails over automatically after the applicable system is unavailable for a specified amount of time.
You enable or disable automatic failover separately for each system involved in an active/active link. For an active/passive link, you enable or disable automatic failover only for the replica.
Failback is the process that restarts replication on a link that has been failed over and returns the HCP systems involved in the link to normal operation. Typically, you fail back a link when an unavailable system becomes available again.
If connectivity was lost between the two systems involved in a failed-over link, before failback can occur, connectivity must be restored. Connectivity exists when the network infrastructure through which the two systems communicate is healthy and the applicable SSL server certificates have been shared between the two systems.
In a disaster recovery situation in which the system that became unavailable has been rebuilt, the link no longer exists on that system. In this case, before failback can occur, the link must be restored to the rebuilt system.
With an active/active link, failback is a manual procedure. With an active/passive link, the failback procedure can be partially automated.