On a live network, an Eudemon8080 two-node cluster running in Active-Active mode (session immediate backup not enabled) shows a difference of about 200000-300000 in session count between the master and the slave. Which sessions are not backed up?
1, Check whether the hrp mirror session enable command is configured on the active/standby firewalls (that is, whether session immediate backup is enabled), and whether the HRP synchronization state of the active/standby firewalls is normal.
2, Query Elog and collect session records for analysis. When two-node cluster HRP synchronization is working and session immediate backup is not enabled, several types of sessions are not backed up between active and standby:
A, Sessions established by packets destined to the firewall itself are not backed up between active and standby.
B, For some user behavior, only the first packet is a UDP packet (for example eDonkey/eMule, BitTorrent), and UDP is not used afterwards to transmit data. The firewall does not back up sessions for this P2P behavior.
C, Sessions that do not successfully complete the TCP 3-way handshake are not backed up between active and standby.
1, A session is backed up between active and standby as long as it completes the TCP 3-way handshake or, for UDP, packets continuously hit the session table.
2, When a user runs P2P software, it usually uses UDP packets when it first tracks a seed (SEED, torrent file). Once the seed is confirmed to be a peer, it uses TCP packets to transfer data. It is suggested to check the firewall's UDP session records in Elog: if many UDP sessions are found on the firewall within a very short time, UDP sessions of type 2 (B) above exist on the live network, and they cause the session numbers in the two-node cluster (Active-Active) to be inconsistent.
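
The backup rules above (types A, B and C, and the rule in item 1) can be applied to exported session records to estimate how much of the active/standby difference they account for. The following is an added example, not Huawei code: the CSV column layout, the firewall address and the "more than one hit" threshold for UDP are assumptions, and the sample records are constructed.

```python
import csv
import io
from collections import Counter

# Constructed session records. The column layout is an assumption for this
# example, not the Elog export format.
SAMPLE = """proto,src,dst,dport,tcp_established,hits
tcp,10.1.1.5,203.0.113.10,80,1,12
tcp,10.1.1.6,203.0.113.11,443,0,1
udp,10.1.1.7,198.51.100.20,4672,0,1
udp,10.1.1.7,198.51.100.21,6881,0,1
udp,10.1.1.8,198.51.100.53,53,0,4
tcp,10.1.1.9,10.1.1.1,22,1,30
"""

FIREWALL_ADDRS = {"10.1.1.1"}  # assumed address owned by the firewall itself
NOT_BACKED_UP = ("to_firewall", "tcp_incomplete", "udp_first_packet_only")


def classify(row, local_addrs=FIREWALL_ADDRS):
    """Return 'backed_up' or the reason the session is not backed up."""
    if row["dst"] in local_addrs:
        return "to_firewall"  # type A: traffic to the firewall itself
    if row["proto"] == "tcp":
        # type C: the 3-way handshake never completed
        return "backed_up" if row["tcp_established"] == "1" else "tcp_incomplete"
    if row["proto"] == "udp":
        # type B: only the first packet hit the entry (threshold is assumed)
        return "backed_up" if int(row["hits"]) > 1 else "udp_first_packet_only"
    return "unclassified"  # protocols the page does not discuss


def summarize(text, local_addrs=FIREWALL_ADDRS):
    """Count sessions per category in a CSV dump of session records."""
    rows = csv.DictReader(io.StringIO(text))
    return Counter(classify(r, local_addrs) for r in rows)


def expected_gap(counts):
    """Sessions on the active unit that the standby unit will not hold."""
    return sum(counts[reason] for reason in NOT_BACKED_UP)


if __name__ == "__main__":
    counts = summarize(SAMPLE)
    for reason, n in counts.most_common():
        print(f"{reason:24} {n}")
    print("expected active/standby difference:", expected_gap(counts))
```

A large udp_first_packet_only count relative to the observed difference points to the P2P behavior of type B as the main cause.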