Configure fail-safe mode

In a high availability configuration, fail-safe mode ensures that one node is always primary when both nodes fail the health check. Fail-safe mode ensures that when a node is only partially available, backup methods can activate and can handle traffic.

You configure high availability fail-safe mode independently on each node.

The following table shows some of the fail-safe cases. The NOT_UP state means that the node failed the health check and yet the node is partially available. The UP state means that the node passed the health check.

Table 1. Fail-safe mode cases

Node A (primary) health state Node B (secondary) health state Default high availability behavior Fail-safe enabled high availability behavior Description
NOT_UP (failed last) NOT_UP (failed first) A (Secondary), B (Secondary) A (Primary), B (Secondary) If both nodes fail, one after the other, the node that was the last primary node remains primary.
NOT_UP (failed first) NOT_UP (failed last) A (Secondary), B (Secondary) A (Secondary), B (Primary) If both nodes fail, one after the other, the node that was the last primary node remains primary.
UP UP A (Primary), B (Secondary) A (Primary), B (Secondary) If both nodes pass the health check, no change in behavior with fail-safe enabled.
UP NOT_UP A (Primary), B(Secondary) A (Primary), B (Secondary) If only the secondary node fails, no change in behavior with fail-safe enabled.
NOT_UP UP A (Secondary), B(Primary) A (Secondary), B(Primary) If only the primary fails, no change in behavior with fail-safe enabled.
NOT_UP UP (STAYSECONDARY) A (Secondary), B (Secondary) A (Primary), B (Secondary) If the secondary is configured as STAYSECONDARY, the primary remains primary even if it fails.

To configure fail-safe mode

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand System and then click High Availability.
  2. In the details pane, on the Nodes tab, select a node and then click Edit.
  3. In the Configure Node dialog box, under Fail-Safe Mode, select Maintain one Primary node even when both nodes are unhealthy and then click OK.
Configure fail-safe mode