Recover From a Split-Brain Condition
To resolve a split-brain condition, debug your network issues and then restore connectivity between the WildFire HA pair. WildFire appliance clusters automatically attempt to recover from split-brain conditions, but if those measures fail, you must manually initiate the recovery process.
- Verify that your network is operating normally
and that the WildFire appliance is transmitting and receiving traffic.
- Enable the ability to ping on a WildFire
- Enable ping on a specific appliance interface—set deviceconfig system <interface_number> service disable-icmp no
- Enable ping on all appliance interfaces—set deviceconfig system service disable-icmp no
- Generate ping traffic from a WildFire interface to
an external device. Verify that the received and transmitted counters
increment.ping source <wildfire-interface-ip> host <destination-ip-address>
- Enable the ability to ping on a WildFire appliance interface.
- Determine which WildFire appliance is unhealthy. Refer to View WildFire Cluster Status Using the CLI or View WildFire Cluster Status Using Panorama to view the status of the appliance.
- Gracefully restart the unhealthy node using the
following command:request cluster reboot-local-nodeThe WildFire appliance that is rebooted should auto-enroll into the WildFire cluster it was configured for.The remaining controller node that is in split-brain mode must be in a healthy state.
- Wait for the Data
Migration to complete. Run show cluster membership and
refer to Application status to view
the status of the database merge. After the data merge is complete,
it displays readyleader:
Application status: wildfire-apps-service: Stopped global-db-service: DataMigrationThe duration of a data merge depends on the amount of data stored on the WildFire appliance. Be sure to allot at least several hours for recovery as the data merge can be a lengthy process.
- Verify the status of the cluster on Panorama or through the WildFire appliance CLI.
Troubleshoot WildFire Split-Brain Conditions
Troubleshoot WildFire Split-Brain Conditions A WildFire 2-node HA (high availability) cluster experiences a split-brain condition when a node (or both HA peers) believes the other ...
WildFire Application States
WildFire Application States The WildFire appliance operates a series of internal applications to manage and coordinate processing of sample data. These applications and their requisite ...
Determine if the WildFire Cluster is in a Split-Brain Condi...
Determine if the WildFire Cluster is in a Split-Brain Condition When the appliances in a WildFire 2-node cluster enter a split-brain condition, the service failure(s) ...
WildFire Appliance Cluster Management
WildFire Appliance Cluster Management To manage a WildFire appliance cluster, you need to know the capabilities of clusters and management recommendations. Category Description Cluster operation ...
Deploy a WildFire Cluster
Deploy a WildFire Cluster To deploy a WildFire appliance cluster you must upgrade all of the appliances that will be enrolled into the cluster, create ...
Configure a Cluster and Add Nodes on Panorama
Configure a Cluster and Add Nodes on Panorama Before configuring a WildFire appliance cluster from Panorama, you must upgrade Panorama to 8.0.1 or later and ...
Add Standalone WildFire Appliances to Manage with Panorama
Add Standalone WildFire Appliances to Manage with Panorama You can manage up to 200 WildFire appliances with a Panorama M-Series or virtual appliance. The 200 ...
What Causes a Split-Brain Condition?
What Causes a Split-Brain Condition? A split-brain condition is a corrective response to a single node failure of 2-node clusters, in which the WildFire high-availability ...
WildFire Appliance Clusters
WildFire Appliance Clusters Beginning with this release, you can now configure and manage up to twenty WildFire appliances as a WildFire appliance cluster on a ...