Network Login and Hitless Failover

When redundancy is available in a SummitStack, one node assumes the role of primary and the another node assumes the role of backup node.

The primary node executes the switch‘s management functions, and the backup node acts in a standby role. Hitless failover transfers switch management control from the primary node to the backup node.
Note

Note

Not all platforms support hitless failover in the same software release. To verify if the software version you are running supports hitless failover, see Protocol Support for Hitless Failover. For more information about protocol and platform support for hitless failover, see Understanding Hitless Failover Support.

Network login supports hitless failover by relaying current client authentication information from the master node to the backup node. For example, if a client moves to the authenticated state, or moves from an authenticated state to an unauthenticated state, the primary node conveys this information to the backup node. If failover occurs, your authenticated client continues to operate as before the failover.

Backup nodes do not show reauthentication timer in the output of the show netlogin command as in master. Only the authenticated clients details appear in show netlogin in backup.

Note

Note

If you use 802.1X network login, authenticated clients remain authenticated during failover; however, shortly after failover, all authenticated clients automatically re-authenticate themselves. Re-authentication occurs without user intervention.

If failover occurs during the authentication or re-authentication of a client, the client must repeat the authentication process.

Note

Note

Before initiating failover, review the section Synchronizing Nodes to confirm that your switch (or SummitStack) and both (or all) nodes are running software that supports the synchronize command.