Skip to Main Content

Breadcrumb

Question and Answer

Tom Kyte

Thanks for the question, Randy.

Asked: February 04, 2003 - 11:28 pm UTC

Last updated: July 12, 2012 - 6:24 pm UTC

Version: 9.2.0.2

Viewed 1000+ times

You Asked

If I want to use Oracle Fail Safe and Dataguard do the servers have to be clustered? Right now I have a primary database on one server and a separate server for the logical standby database. I want automatic failover, but it looks like Oracle Fail Safe requires clustered servers.

The DATAGUARD manual mentions that you can use ORACLE FAIL SAFE on the windows platform, but the ORACLE FAIL SAFE documentation doesn't say squat about DATAGUARD or how to configure for it. Is there any documentation of this subject that you can refer me to?

Thanks

and Tom said...

Fail Safe is a clustering solution.

The two (data guard & failsafe) are complimentary but somewhat orthogonal here.

Failsafe is designed to keep the single database up and available -- in a single data center. As long as that room exists -- failsafe keeps the database up.

data guard is a disaster recovery solution. It is for when the room the data center is in "goes away" for whatever reason.


Data guard wants the machines to be independent (no clusters) of eachother and separated by some geographic distance.

Failsafe, like 9i RAC, wants the machines to be tethered together - sitting right next to eachother in a cluster.

Failsafe is HA (high availability)
Data guard is DR (disaster recovery)


Failsafe will give you automated failover. As long as the data center exists, that database is up.

With data guard -- you do not WANT automated failover (many *think* they do but you don't). Do you really want your DR solution to kick in due to a WAN failure? No, not really. For DR to take over, you want a human to say "yup, data center burnt to the ground, lets head for the mountains". You do not want the DR site to kick in because "it thinks the primary site is gone" -- you need to tell it "the primary site is gone". In a cluster -- the machines are very aware of eachother and automated failover is "safe"


So, data guards reference to failsafe is incidental.
That failsafe doesn't talk about data guard is of no real consequence.

They are independent feature/functions.

Rating

  (11 ratings)

Is this answer out of date? If it is, please let us know via a Comment

Comments

data guard

A reader, June 06, 2003 - 12:37 pm UTC

Please give me the link. I want to know more about data guard.

Tom Kyte
June 06, 2003 - 12:58 pm UTC

</code> http://docs.oracle.com/docs/cd/B10501_01/nav/docindex.htm#index-DAT <code>


Excellent Definitions of FailSafe and DataGuard

A reader, June 12, 2003 - 10:23 am UTC

Tom, Thanks for giving us a *very clear and easy* understanding of these products.

Can you please fit 9i RAC into this picture?

A reader, June 12, 2003 - 10:38 am UTC

Tom,
You said:
"Failsafe is HA (high availability) Data guard is DR (disaster recovery)". How would you define RAC - high availability + scalability?

If we want Scalibility and DR, we would need RAC + Dataguard? Can RAC and DataGuard co-exist?

Tom Kyte
June 12, 2003 - 11:14 am UTC

RAC is HA+scaling up.

RAC and DG can (and do) coexist.

clarifications ....

reader, February 18, 2004 - 9:42 am UTC

Tom,

(1) Is switchover concept new in 9i dataguard?
(2) Creating standby redologs new feature in 9i? If so how was it in 8i standby configuration?

Thanks.

Tom Kyte
February 18, 2004 - 8:54 pm UTC

1) yes
2) yes

in 8i, there was just the archive log transfer (fill a log on prod, ship to standby, apply)

RAC in a room

bob, July 12, 2004 - 9:08 pm UTC

You say "RAC in a room". Is this link an attempt to show RAC plus data mirroring can work well over a distance?

</code> http://www.veritas.com/van/articles/6748.jsp <code>

Can you think of any good reason for RAC across some kind of WAN, or more likely many reasons why you might not want to do this?

I enjoyed what you wrote about why failover for dataguard shouldn't be automatic, and found your points to be quite valuable.

Tom Kyte
July 13, 2004 - 12:01 am UTC

spell latency for me.

buy anyway, we are talking a distance less than my average commute here. is that truly "DR". to me, DR is hundreds of miles.

No, i would not -- using todays conventional technology, even dream about doing RAC over a long cable.

I would urge you to look at the ongoing costs of such a thing (somewhat expensive network)

A reader, July 14, 2004 - 2:27 pm UTC

Good explanation Tom!!

Is Fail Safe Just for Windows?

A Reader, October 14, 2004 - 12:32 pm UTC

Hi Tom,
Is Fail Safe just for Windows? Can we do similar setting in UNIX? Can you point to a document that details the HA and Fail Safe?
Thanks in advance.

Tom Kyte
October 14, 2004 - 7:32 pm UTC

fail safe is a windows mostly thing (i think hp might have it too)

</code> http://www.oracle.com/ultrasearch/wwws_otn/searchotn.jsp?p_Action=Search&p_Query=failsafe&Advanced.x=0&Advanced.y=0 http://www.oracle.com/ultrasearch/wwws_otn/searchotn.jsp?p_Action=Search&p_Query=maa&Advanced.x=0&Advanced.y=0 <code>

RAC interested

Dave Bargeron, February 07, 2005 - 3:47 am UTC

Excellent - clears some of the fog of misconception.

Just one question: is RAC (for DR) between two data-centres over 10 miles apart with GB Ethernet Interconnect - high update activity being mis-guided ?

Tom Kyte
February 07, 2005 - 4:54 am UTC

not going to happen.

they sort of share disk -- it would not make sense to separate the computers (speed of light starts to become the bottleneck) since there is but one DATABASE.


Enter -- standby database, now you have two databases - and you have failover. And they should be separated by 10's or hundreds of miles (The standbys)


RAC is in a room (to make sure the room, that data center can stay up and running).

Standby is for failing over when the room goes boom.


RAC is not for DR (disaster recovery), RAC is HA (Highly available)

extending the RAC Cluster

Dave Bargeron, February 11, 2005 - 9:51 am UTC

If we are extending the RAC cluster, using dark fibre for the interconnects and PPRC in the SAN, I've heard that RAC can start to creak, as the number of nodes in the cluster increase and trans volumes goes up. Is there a point when performance will start to noticibly degrade ?

Tom Kyte
February 11, 2005 - 8:31 pm UTC

"creak"?

depends on the OS, implementation, what you do -- how you do it. I can make performance degrade noticably on a single instance by hard parsing like mad (eg: it takes one node to show you can build things that don't scale).

A reader, January 24, 2010 - 5:08 pm UTC

Hi

Assume, maximum performance mode, and no standby redologs.
Let say my primary database is crashed and my redologs is half-filled.
I have decided to failover, since current log is not being archived in primary database, I will lose data if I open standby database.

If I copy the redologs from primary to standby, can I apply them to standby database?
Tom Kyte
January 26, 2010 - 1:50 am UTC

yes, you can.

Alexander, July 12, 2012 - 1:00 pm UTC

Could I argue that since Dataguard does offer smooth, automatic failovers to the standby that we could use this as HA and DR and save a boatload of money and administration headaches (RAC is a PITA I don't care what anyone says...)?

That is of course implying we are fine with not being able to scale horizontally and get the load balancing benefits of RAC.
Tom Kyte
July 12, 2012 - 6:24 pm UTC

If you can stand a small bit of downtime during your failure and if you keep your data guard site way far away - sure.

RAC is much more instantaneous, no need to decide "should we failover", it just happens.
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's channel and Chris's channel from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

Analytics

Analytic SQL got you confused? Check out Connor McDonald's complete video course.