The operation mode determines how the trusted host works with multiple Policy Servers. There are two operation modes: failover and round robin.
Failover is a redundancy mode. If the primary Policy Server fails, there is a backup Policy Server to take over policy operations. Failover is the default operation mode. When the trusted host initializes, it operates in Failover mode.
In this mode, every trusted host request is delivered to the first Policy Server in the list. If that Policy Server does not respond, the trusted host marks it unavailable and redirects the request to the next Policy Server in the list. If a previously failed Policy Server recovers, it is returned to its original place in the list.
Round robin mode lets the trusted host distribute requests across multiple Policy Servers, which provides faster access to Policy Servers and therefore, more efficient user authentication and authorization. It also prevents a single Policy Server from becoming overloaded with requests.
In this mode, the trusted host delivers a request to the first Policy Server in the list. The next request is delivered to the second Policy Server in the list, and so on, until the trusted host has sent requests to all the available Policy Servers. After sending requests to all of the Policy Servers, the next request returns to the first Policy Server in the list and the cycle begins again.
If a Policy Server fails, the request is redirected to the next Server in the list. The trusted host marks the failed Server as unavailable and redirects all of the requests to other servers. After the failed server recovers, it is automatically restored to its original place in the list.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |