Client-side failover

AxoSyslog can detect if the remote server of a network destination becomes inaccessible, and start sending messages to a secondary server. You can configure multiple failover servers, so if the secondary server becomes inaccessible as well, AxoSyslog switches to the third server in the list, and so on. If there are no more failover servers left, AxoSyslog returns to the beginning of a list and attempts to connect to the primary server.

The primary server is the address you provided in the destination driver configuration and it has a special role. AxoSyslog nominates this destination over the failover servers, and handles it as the primary address.

When AxoSyslog starts up, it always connects to the primary server first. In the failover() option there is a possibility to customize the failover modes.

Depending on how you set the failback() option, AxoSyslog behaves as follows:

  • round-robin mode: If failback() is not set, AxoSyslog does not attempt to return to the primary server even if it becomes available. In case the failover server fails, AxoSyslog attempts to connect the next failover server in the list in round-robin fashion.

    In the following example AxoSyslog handles the logservers in round-robin fashion if the primary logserver becomes inaccessible (therefore failback() option is not set).

        destination d_network {
             network(
                  "primary-server.com"
                  port(601)
                  failover( servers("failover-server1", "failover-server2") )
        );  
        };
    
    • failback mode: If failback() is set, AxoSyslog attempts to return to the primary server.

      After AxoSyslog connects a secondary server during a failover, it sends a probe every tcp-probe-interval() seconds towards the primary server. If the primary logserver responds with a TCP ACK packet, the probe is successful. When the number of successful probes reaches the value set in the successful-probes-required() option, AxoSyslog tries to connect the primary server using the last probe.

      In the following example AxoSyslog attempts to return to the primary logserver, as set in the failback() option: it will check if the server is accessible every tcp-probe-interval() seconds, and reconnect to the primary logserver after three successful connection attempts.

          destination d_network_2 {
               network(
                    "primary-server.com"
                    port(601)
                    failover( 
                  servers("failover-server1", "failover-server2")
                         failback(
                              successful-probes-required()
                              tcp-probe-interval()
                         )
                    )
          );  
          };
      

If AxoSyslog is restarted, it attempts to connect the primary server.

If AxoSyslog uses TLS-encryption to communicate with the remote server, AxoSyslog checks the certificate of the failover server as well. The certificates of the failover servers should match their domain names or IP addresses — for details, see Encrypting log messages with TLS. Note that when mutual authentication is used, the AxoSyslog client sends the same certificate to every server.

The primary server and the failover servers must be accessible with the same communication method: it is not possible to use different destination drivers or options for the different servers.

For details on configuring failover servers, see network() destination options and syslog() destination options.

Last modified October 29, 2023: Create manpages (#34) (9534f54)