Cluster I/O Protocols (CIP) Configuration and Management Manual (H06.16+, J06.05+)
Failover Failure
When a CLIM-to-CLIM failover operation is started, the host tries to migrate the resources to the
failover interface and to the home interface alternately, separated by 10 seconds. If the resources
are successfully brought up on one of the interfaces, failover is complete. If the resources cannot
be brought up on either interface within 10 seconds, the failover has failed. Sockets using the
interface are marked to return an error to the application on the next or current socket call and
joined multicast groups are removed from the interface resources. The remaining resources, such
as IP addresses, become unavailable both to applications and to the external network.
If the resources end up on the same interface where they started, which might happen if the failed
interface comes back up quickly, it is still a failover operation and resources normally not preserved
across a CLIM-to-CLIM failover are lost.
After a failover failure, the host continues to try to migrate the remaining resources alternately to
the home or failover interfaces until it either succeeds or an SCF STOP or ABORT CLIM command
for the home CLIM is issued. When either the home or failover interface comes back up, the
resources migrate to that interface and become available again automatically.
CLIM Startup Behavior
If a CLIM crashes, it can lead to a failover, where all its interfaces are migrated to the failover
CLIM(s). If the failed CLIM subsequently boots up and brings all its interfaces to the UP state along
with the respective IP addresses, it could lead to a duplicate IP address conflict.
To avoid such scenarios, the CLIM boots in this manner:
• All the Data LAN interfaces are disabled (DOWN state) on startup. However, all interfaces
are initiated (drivers for such Ethernet cards loaded) and the bonding configuration is done.
• No IP addresses are assigned on any of the Data LAN interfaces. No tunnel configurations
are enabled/started.
• Only the Maintenance interfaces and maintenance Provider interfaces are enabled (UP state)
and have their IP addresses assigned.
• When an SCF START CLIM command is given on the host and the CLIM object goes to the
STARTED state, the host starts the home interface resources on the new CLIM if they do not
already exist on other CLIMs.
Interface Resource Migration
This section gives more details about how interface resources are treated during CLIM-to-CLIM
failover.
MAC Addresses
MAC addresses are associated with hardware and are not migrated. IPv6 addresses derived from
the home interface’s MAC address are migrated.
Sockets
How socket failover is performed depends on the socket state.
• No migration needed. Sockets not yet bound, bound to INADDR_ANY, or bound to a loopback
or multicast address and have not done a TCP or SCTP connect might be used to listen for
incoming connections or packets on addresses that exist in all the CLIMs of a Provider, so they
are replicated in all the CLIMs. Since the socket exists in all the CLIMs of the Provider, the one
in the failing CLIM can be allowed to go away without migration since copies exist in the
other CLIMs.
• Socket migrated. When a socket binds to a local address other than INADDR_ANY or a
loopback address, the copies in the CLIMs other than the one containing the local address
are removed, so the socket exists in only one CLIM. On failover, a new socket bound to the
The CIP Subsystem for Internet Protocols (IP CIP) 45