ISE Primary/Secondary max latency

Hi There,
My understanding is that you can run ISE with one node set as primary and zero or more nodes set as secondary, with the secondaries located closer to the end points.
1. Does this mean the local users closest to a secondary node will authenticate against it rather than hitting the primary?
2. What if the delay between primary and secondary is larger, say 700ms-1000ms? Is this going to flap and desync?
Thanks,
Brendan

Yes, you can have primary and secondary ISE in your distributed env.
A Cisco ISE node can provide various services based on the persona that it assumes. Each node in a deployment, with the exception of the Inline Posture node, can assume the Administration, Policy Service, and Monitoring personas. In a distributed deployment, you can have the following combination of nodes on your network:
• Primary and secondary Administration nodes for high availability
• A pair of Monitoring nodes for automatic failover
• One or more Policy Service nodes for session failover
• A pair of Inline Posture nodes for high availability
1. No, as per my understanding all your clients authenticate with primary ISE.
2. When primary ISE is down then:
When the primary Administration ISE node becomes unavailable, we must log into the secondary Administration ISE node and promote it to become the primary Administration ISE node. There is no automatic failover for the Administration ISE node. (Means High Availability)
In case the primary Monitoring ISE node goes down, the secondary Monitoring ISE node automatically becomes the primary Monitoring ISE node.
Regards

Similar Messages

  • Generating license for ISE high availability primary/secondary nodes

    We have two ISE servers that will act as primary/secondary in a high availability setup.
    The ISE 1.0.4 installation guide, page 93, mentions that "If you have two Cisco ISE nodes configured for high availability, then you must include both the primary and secondary Administration ISE node hardware and IDs in the license file."
    However, after entering the PAK in the licensing page, the only required fields are:
    - Primary Product ID
    - Primary Version ID
    - Primary Serial No
    In this case, how can I include both primary and secondary HW and IDs?
    Thanks in advance.

    I am referring you to a Cisco ISE Nodes for High Availability configuration guide. Please check:
    http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_dis_deploy.html#wp1128454

  • How do I calculate the max latency of a PXI 8135 (controller) to PXI 6528 (DIO) output?

    We are using a PXIe-8135 Controller and a PXI-6528 DIO module in a PXIe-1082 chassis. We are sending DIO input and output commands using Powershell in Windows 7 on the controller. Due to tight requirements I need to know what is the max latency from when the Powershell command is issued to when the read input or write output command will take place in the DIO I/Os.
    If this should be in a different Community Board Location please let me know.
    Thanks for the help in advance,
    Dan_F

    Hello dan_f,
    As the latency of Powershell and Windows are not tested, it is hard to determine the latency of your setup.  The latency from the PXIe-8135 to the PXI-6528 should be in the realm of nanoseconds.  The PXI-6528 does have a couple of latency numbers that can be found within the user manual on Page 24, and they are as follows:
    Minimum pulse-width for change detection - 150 µs
    Propagation delay - 65 µs, typical
    You may be able to do some testing to ballpark the latency of the controller OS/software side of the input/output commands, but depending on how critical this latency is to your measurements, you may want to look into using a real-time OS instead.
    Chris H
    Applications Engineer
    National Instruments

  • PRIMARY/SECONDARY INSTANCE concept and configuration in OPS

    Product: ORACLE SERVER
    Date written: 2004-08-13
    PRIMARY/SECONDARY INSTANCE concept and configuration in OPS
    ========================================
    PURPOSE
    Some customers who use OPS run it in a primary/secondary arrangement. That is,
    they configure a two-node OPS, normally use only one node, and when that node
    or instance fails, they use the instance on the other, healthy node.
    In such cases the customer assumes that, because only one instance is normally
    used, there is no access at all to the memory and so on of the other instance.
    In OPS, however, the master node of each resource is fixed by a hash, and the
    resources are divided evenly among the nodes. Consequently, for half of the
    data blocks the other, unused node is the master node, and the node standing by
    as a backup is accessed continually whenever master information is checked,
    for example for the lock information of a block buffer.
    To remedy this, from Oracle 8.1.6 onward OPS can be configured in
    Primary/Secondary form so that the primary node holds the master information
    for all resources.
    SCOPE
    The Oracle Parallel Server (OPS) Option is not supported in Standard Edition
    for 8 through 9i.
    Explanation
    A Primary/Secondary configuration is basically set up by specifying
    active_instance_count=1 in the initSID.ora file of each node.
    With this set, the instance that is started first becomes the primary.
    If the primary instance fails, the secondary instance becomes the primary.
    Client connections go through the listener to the primary instance.
    Both MTS and dedicated mode can be configured; in dedicated mode, it must be
    configured with dynamic registration.
    Because MTS needs no special care, this example was tested in dedicated mode
    configured with dynamic registration.
    When connecting to the secondary instance after the primary instance fails,
    the client uses the same service name in tnsnames.ora that it used to connect
    to the primary.
    However, with active_instance_count set to 1, TAF (Transparent Failover),
    which fails over to another instance without dropping the session, was not
    possible in current tests.
    In environments where a TAF configuration is required, we recommend running
    without active_instance_count even when one OPS node is to be used as a backup.
    In this configuration the secondary node does not have to merely wait as a
    backup like a standby db; connecting directly on the server and running things
    such as batch transactions causes no problem. However, you must log in to the
    server directly, using telnet or similar, and then connect to the instance.
    Example
    This test was run on Oracle 8.1.7.4 / Sun Solaris 2.8.
    (1) initSID.ora
    - initSID.ora on node A
    active_instance_count = 1
    service_names=INS1, DB1
    local_listener="(address=(protocol=TCP)(host=krtest1)(port=1521))"
    - initSID.ora on node B
    active_instance_count = 1
    service_names=INS2, DB1
    local_listener="(address=(protocol=TCP)(host=krtest2)(port=1521))"
    Several service_names can be specified; what matters is that one service name
    shared by both nodes must be specified.
    Generally, specifying db_name is enough.
    For host=, specify a hostname or IP address.
    (2) listener.ora
    LISTENER =
    (DESCRIPTION =
    (ADDRESS =
    (PROTOCOL = tcp)
    (HOST = krtest1)(PORT= 1521)))
    On node B, specify node B's hostname or IP address instead of krtest1.
    With MTS you may add sid_list_listener after this, but in dedicated mode it
    must be specified as shown, without sid_list_listener, so that dynamic
    registration takes place.
    (3) tnsnames.ora
    ops =
    (description =
    (load_balance=off)
    (address=(protocol=tcp)(host=krtest1) (port=1521))
    (address=(protocol=tcp)(host=krtest2) (port=1521))
    (connect_data = (service_name = DB1)))
    The service name ops is arbitrary; any name can be used.
    If the primary instance fails, try connecting again with the same ops service
    name; this time the secondary instance has become the primary and the
    connection is made to it.
    Reference Documents
    none

  • Setting up Primary/Secondary DNS in Weblogic

    Hi,
    Can we setup primary & secondary DNS IP in Weblogic server? .. Please provide some reference.
    Regards,
    NC

    You will also need to add the name of the secondary server in your domain name server list (where you registered your domain)
    Not necessarily. If this is only serving your LAN then you need to tell your LAN clients about this server, by entering this server's address in their DNS servers field (which may be populated via DHCP if you're using that).
    You only need to register the domain if you're serving public DNS to external clients but I'm guessing that's already handled elsewhere.

  • Cisco ASA - Invert primary/secondary

    Hello
    This is my first post in this forum.
    I haven't found an answer to my issue, so I decided to open a new discussion.
    We take care of 2 Cisco ASA 5580 (primary/secondary) working as usual (active/standby). Image version 8.2.5.
    Today I found that the firewall that has been supposed to rule as primary, actually has been the secondary and vice-versa.
    How can I configure (and what's the impact, as they are active in customer/business environment) to invert the situation: the primary become the secondary and the secondary become the primary.
    I'm not talking about to perform a failover, but a config to fix that confusion with roles.
    Regards
    Christian

    Hi,
    Welcome to the CSC
    Since we are talking about an Active/Standby ASA Failover environment then configuring the "primary" and "secondary" in the "failover" configurations of the ASAs doesn't to my understanding have much meaning to the firewall operation other than deciding which becomes Active WHEN they BOTH boot at the same time.
    If we for example have the below situation
    We have ASA1 and ASA2 in Active/Standby Failover
    ASA1 is configured as "primary" and ASA2 is configured as "secondary"
    ASA1 is originally the Active unit and ASA2 the Standby unit
    Now let's assume that either ASA1 boots or becomes Standby because of one of its interfaces failing THEN to my understanding there is NO mechanism in the Active/Standby Failover that would return the Active role back to the ASA1 when it becomes operational.
    However in the case of Active/Active Failover it's possible to configure a "preempt" parameter that defines that the unit that you have decided as the Active unit will return to Active role after network outage after a configured period of time. This is NOT possible on Active/Standby.
    So in normal networking operation to my understanding the only way to really keep the preferred physical ASA as Active is to monitor the Failover and manually set the original physical ASA Active if there has been a failover.
    There doesn't seem to be any automatic mechanism for the Active role to return to the original Active physical ASA.
    IF you are just talking about changing the commands "failover lan unit primary" and "failover lan unit secondary" to the correct physical ASAs THEN sadly I can't say for sure (without testing) what effect configuring those commands have (when changing them around). I'd presume that changing these won't have any effect on the operation of the firewall as in production they DON'T actually decide which unit STAYS Active.
    According to the Command Reference of 8.2 software the default setting is Secondary
    I imagine you could possibly do the following (But can't say for 100% certainty without testing it myself)
    remove the possible configuration "failover lan unit secondary" from the other unit
    remove the "failover lan unit primary" from the other unit
    configure the "failover lan unit primary" on the correct unit
    And finally if you want configure the other unit with the "secondary" option (even though the default setting should be secondary according to the command reference)
    Maybe I'll try to check if I have an identical Failover pair of ASA (physical) to test this out for you.
    Here's a link to the Command Reference for 8.2 software and the command "failover lan unit"
    http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/ef.html#wp1930580
    Hope the information was helpful.
    - Jouni

  • Cisco 5508 HA VS Primary/Secondary- Feedback

    Anyone having issues with 5508 HA switching between the pair? Would you say that the Primary/secondary fail over is good enough?

    Hi Leo, Scott
    So I was doing a bit more reading on this http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/69639-wlc-failover.html it is an old document but working through it the document suggested that you didn't need to specify the IP address of the Primary or Secondary controller in the Wireless -> All AP -> AP_NAME -> High Availability. I removed this from one of the APs that was at the time serving no clients and tried to move it to the secondary and it worked. I then moved it back to the primary and it worked again.
    Any reason why this would happen? The IP addresses I was using were 100% correct. The only difference I see for this controller as opposed to others we manage is the introduction of new interface types i.e. 'redundancy management' , 'redundancy port' ,etc. I do not have redundancy enabled so I'm guessing not, but having trawled through the configuration this is the only difference I can see?

  • Primary, Secondary and Tertiary Pass

    Dear OTN Members:
    I am working on Locale builder utility for the development of URDU locale. As you all must have been aware there are 4 options (language definition, territory definition, character set, linguistic sorting). I have configured the first two options (language definition, territory definition), am working on the third option (character set) and will move on to the linguistic sorting in just a couple of hours.
    I have to develop a multilingual locale in URDU. I checked GENERIC_M locale in Locale builder and tried to understand its development technique but was unable to grab anything from it.
    I am working on the option "UNICODE COLLATION SEQUENCE" present in Linguistic sorting. But in this screen a tree has been made comprising Primary, Secondary and Tertiary Pass.
    Will anyone have this idea that
    1)
    "How this tree of primary, secondary and tertiary pass be
    made in any English"
    2)
    How this sort of tree can be configured in Arabic / Urdu language
    Please reply soon.
    Regards
    Salman

    1)
    "How this tree of primary, secondary and tertiary pass be
    made in any English"
    There is a white paper on OTN that explains this:
    http://otn.oracle.com/tech/globalization/pdf/TWP_Sorting_10gR1.pdf
    2)
    How this sort of tree can be configured in Arabic / Urdu language
    That's a tough one because there doesn't seem to be a standard for Urdu sorting. Probably modifying GENERIC_M for whatever your requirements are is best.

  • Simultaneous Primary & Secondary MARS design solution

    Hi,
    How can we implement & design the primary & secondary MARS appliances simultaneously in our production environment?
    I've read from the PDFs that an NAT device needed or the primary one should be shutdown while the secondary MARS restoring from the NAS storage.
    The shutting down solution is not accepted from our patron, but the NAT solution ... how to implement & design?
    Our primary MARS eth0 = 10.85.38.1/24
    Our primary MARS eth1 = 10.85.40.1/24
    Our NAS storage is at 10.85.40.100/24
    where the NAT & Secondary MARS to implement?
    The important is our patron wants to access both specific history & realtime data at the same time.

    Dear ...
    Here are our production scenarios:
    1.) 2 ASA5580-40 appliances in the Active/Standby failover mode.
    2.) ASA5580-40 only permits the primary MARS appliance for SNMP query & Syslog delivering.
    3.) 2 MARS55 appliances have their own IP address & hostname
    4.) Primary & secondary MARS55's eth0 & NAS storage NIC1 are all at the same subnet-1.
    5.) Primary & secondary MARS55's eth1 & NAS storage NIC2 are all at the same subnet-2.
    6.) Primary MARS55 exports the archiving data to the NAS storage with :/MARS shared folder.
    When time goes by, the queryable data from the primary MARS55 is purged and there is a need to investigate & analyze the past purged data from the NAS storage.
    At that time, we shouldn't shut down the primary MARS55 for the restoring purpose.
    That means the primary MARS55 should still process the real time log analysis for the production ASA5580-40.
    Now we can use the same NAS shared folder (:/MARS) for the restoring data to the secondary MARS55.
    After testing, we can query & analyze the real time data from the primary MARS55 and the past purged data (e.g., Syslog Raw Message data) from the secondary MARS when needed.
    Of course, at that time, the SNMP traffic will increase a little but no drastic Syslog traffic occur (because we won't modify the ASA5580-40 syslog & SNMP configuration at all)
    FYI ~

  • ASA primary/secondary downgradation impact

    In a primary/secondary setup of ASA for remote VPN what will be the impact of service during downgrading the ASA firmware from 8.0.3(19) to 8.0(3). Can we do the activity without disruption in service? Appreciate your inputs.

    Hi,
    I have replied with the downgrade procedure in your other post.
    If you have Remote VPN, there is no way to do it without a service interruption.
    Even in a normal fail over scenario (from the primary to the secondary) all the remote VPN users will be disconnected and they will need to manually re-connect.
    Please rate if this helped.
    Regards,
    Daniel

  • Primary & Secondary Languages?

    Hi,
      What is the difference between primary and secondary languages with inheritance and current languages?
    Thanks In advance
    Vijay

    hi,
    Primary & secondary languages:
    Repository can be maintained in multiple languages. In the console we will define in how many languages repository is maintained (3 or 4 languages), you can maintain N number of language layers. Whenever you are logging into the repository using language English, if it is not maintained it will be opened in other language in the order you maintained in the repository. We can compare the data in different languages, colour coding.
    MDM multilingual support fully addresses all of the requirements for multiple languages side-by-side within a single MDM repository. It starts with an end-to-end Unicode implementation that supports both Western and Eastern languages, reflects a data model with multiple language layers that avoids data duplication while ensuring data integrity, and features an innovative user interface that offers flexibility and efficiency during the entry, editing, browsing, and publishing of multilingual data.
    An individual MDM repository can be defined as storing data for an effectively unlimited number of languages, chosen from a list of languages and locales recognized by the system (e.g. English [US] and English [UK]), including both western European and Eastern languages.
    follow these links:
    http://help.sap.com/saphelp_mdm550/helpdata/en/43/e0dbe6b4310a29e10000000a11466f/frameset.htm
    hope this may help you,
    regards,
    srinivas

  • Primary secondary syslog

    Hello,
    We have multiple syslog servers in our network. I was adding a 6509 switch to send logs to these servers.
    I want to configure them in primary/secondary mode. I can't find a command to make one syslog primary and the second secondary, as I don't want to send logs to the secondary syslog when the primary is available.

    Amit
    I don't think you can do this. I think you have to send the syslog messages to both servers.
    In fact this would be what you want. Imagine if the main syslog server crashed and you needed to see the logs before and after the server crashed. If you set it up the way you want then the secondary server would only have syslog messages after the primary server had crashed so you would not get the full picture.
    I appreciate it means more network traffic but it would be better, in my opinion, to have both syslog servers logging all messages all of the time.
    Jon

  • Primary/Secondary Skills

    Hi All,
    Is it possible to delimit Primary/Secondary Skills in IT0024?
    Thanks,
    Ranjith.

    Have a look at one of these programs as you don't appear to be able to do this within IT24.
    Try them out in your test system first.
    RHGRENZ1 - Set new End Dates
    RHGRENZ2 - Delimit Infotypes
    RHGRENZ4 - Set New End Dates
    RHBEGDA0 - Set New Start Dates
    Regards
    J

  • CAPWAP Primary/Secondary/Tertiary Question

    After going to the High Availability Tab in the WLC GUI and setting the primary, secondary, and tertiary, how do you see that in the CLI in the AP?
    I tried using show capwap ip config, it doesn't show any entries at all?
    And also, is there a command to do that in the CLI in the AP?  to set the primary, secondary, and tertiary?
    Thank you.

    "You need to run the config ap... from a WLC. You have autonomous AP's so you need to convert them to LWAPP and you also need a WLC to do this."
    It's been converted to LWAPP, but hasn't joined a WLC yet.
    What I wanted to do was configure a primary, secondary before joining it to a WLC.
    Because what I would have done is first have it join a controller, then go into the GUI and change the HA (High Availability) and add the primary/secondary controllers.
    Thought if I could skip the first step and try to configure it from the AP.

  • Problem with primary/secondary keys in table with included structures

    Dear ABAPers,
    we have a structure which is supposed to be included in the definition of several tables.
    The problem is the following:
    depending on the application table that includes this structure, 3 or 4 fields of that structure may
    or may not be necessary to enhance the table key. As far as I know included structures can only
    completely be marked as keys. Therefore I suggested to split up the structure into two parts,
    one part with the possible candidates that may become key fields, and the rest, and of course
    a structure that unites both of these substructures. So when it comes to reusing this structure
    the developer would have the choice to select the structure with all of the fields in case no field
    is needed as additional key, or the developer would have to implement both of the substructures
    separately with the option to mark the key-part of it as key in his table.
    But unfortunately this suggestion of mine was refused as being too complicated and I am supposed
    to define all the fields in one flat structure and to "enhance" the primary keys (that always will exist)
    by secondary keys.
    Does anybody know how that is supposed to work without defining double indexes?
    I cannot activate a table without having primary keys defined and any unique secondary index would
    always include all of the primary keys.
    Thanks in advance for your help
    (I'm sorry that you cannot be granted reward points for just reading the extensive problem description)
    regards
    Andreas

    Dear Rob,
    since your answer was helpful and since it was the only one I will grant you full points on that.
    Thanks again for your input. In case other developers should look this thread up being confronted
    with the same kind of problem, here is how we solved it:
    We added an artificial primary key (a number of type NUMC 8) to the table which is supposed to
    include the structure. This key alone takes care of the uniqueness of each entry.
    All the other fields that we want to have available for a fast direct access, including the ones
    from the included structure, are put together in a secondary index.
    best regards
    Andreas
