In the event of appliance failure, the Edge enters bypass mode to avoid becoming a single point of failure in your network. If you want optimization to continue in the event of appliance failure, you can deploy redundant appliances as failover buddies.

For details about failover redundancy, see the SteelHead Deployment Guide.

For a physical in-path failover deployment, you configure a pair of appliances: one as a master and the other as a backup. The master appliance in the pair (usually the appliance closest to the LAN) is active and the backup appliance is passive. The master appliance is active unless it fails for some reason. The backup is passive while the master is active and becomes active if either the master fails or the master reaches its connection limit and enters admission control status. A backup appliance does not intercept traffic while the master appliance is active. It pings the master appliance to make sure that it is alive and processing data. If the master appliance fails, the backup takes over and starts processing all of the connections. When the master appliance comes back up, it sends a message to the backup that it has recovered. The backup appliance stops processing new connections (but continues to serve old ones until they end).

For an out-of-path failover deployment, you deploy two server-side appliances and add a fixed-target rule to the client-side appliance to define the master and backup target appliances. When both the master and backup appliances are functioning properly, the connections traverse the master appliance. If the master appliance fails, subsequent connections traverse the backup appliance.

The master appliance uses an Out-of-Band (OOB) connection. The OOB connection is a single, unique TCP connection that communicates internal information only; it does not contain optimized data. If the master appliance becomes unavailable, it loses this OOB connection and the OOB connection times out in approximately 40 to 45 seconds. After the OOB connection times out, the client-side appliance declares the master appliance unavailable and connects to the backup appliance.

During the 40 to 45 second delay before the client-side appliance declares a peer unavailable, it passes through any incoming new connections; they are not blackholed.

While the client-side appliance is using the backup appliance for optimization, it attempts to connect to the master appliance every 30 seconds. If the connection succeeds, the client-side appliance reconnects to the master appliance for any new connections. Existing connections remain on the backup appliance for their duration. This is the only time (immediately after a recovery from a master failure) that connections are optimized by both the master appliance and the backup.

If both the master and backup appliances become unreachable, the client-side appliance tries to connect to both appliances every 30 seconds. Any new connections are passed through the network unoptimized.

In addition to enabling failover and configuring buddy peering, you must synchronize the RiOS data stores for the master-backup pairs to ensure optimal use of SDR for warm data transfer. With warm transfers, only new or modified data is sent, dramatically increasing the rate of data transfer over the WAN.