Stateful Synchronization is not load-balancing. It is an active-standby configuration where the Primary appliance handles all traffic. When Stateful Synchronization is enabled, the Primary appliance actively communicates with the Secondary to update most network connection information. As the Primary appliance creates and updates network connection information (VPN tunnels, active users, connection cache entries, etc.), it immediately informs the Secondary appliance. This ensures that the Secondary appliance is always ready to transition to the Active state without dropping any connections.
The synchronization traffic is throttled to ensure that it does not interfere with regular network traffic. All configuration changes are performed on the Primary appliance and automatically propagated to the Secondary appliance. The High Availability pair uses the same LAN and WAN IP addresses—regardless of which appliance is currently Active.
When using SonicWall Global Management System (GMS) to manage the appliances, GMS logs into the shared WAN IP address. In case of a failover, GMS administration continues seamlessly, and GMS administrators currently logged into the appliance will not be logged out, however Get and Post commands may result in a timeout with no reply returned.
The following table lists the information that is synchronized and information that is not currently synchronized by Stateful Synchronization.
High Availability pairs share a single set of security services licenses and a single Stateful HA license. These licenses are synchronized between the Active and Standby appliances in the same way that all other information is synchronized between the two appliances. For information on license synchronization, see High Availability License Synchronization Overview.
Sample Stateful Synchronization Network shows a sample Stateful Synchronization network.
Sample Stateful Synchronization Network
In case of a failover, this sequence of events occurs: