Windows – DB auto failover in c# does not work when the principal server physically goes offline

sqlsql-server-2008windows

I'm setting up DB auto failover in C# with SQL Server 2008 and I have a 'high safety with automatic failover mirror' using a witness setup and my connection string looks like

"Server=tcp:DC01; Failover Partner=tcp:DC02; database=dbname; uid=sewebsite;pwd=somerndpwd;Connect Timeout=10;Pooling=True;"

During testing, when I turn off the SQL Server service on the principal server the auto failover works like a charm, but if I take the principal server offline (by shutting down the server or killing the network card) auto failover does not work and my website just times out.

I found this article where the second last post suggests that its because we are using named pipes which does not work when the principal goes offline, but we force TCP in our connection string.

What am I missing to get this DB auto failover working?

Best Answer

After working with MS for a week, we've worked out why this happens.

Essentially, the application is not failing over because it needs to be sure that the database has failed over - and the sql connection is timing out before the connection has determined that the db has failed over.

The process to confirm that the database has failed over (with all the default tcp registry settings) is to:

try to communicate with the principal, see that it is not the principal anymore
communicate with the failover to make sure that it has failed over and that it is now the new principal.

When the principal is down, this communication takes about 21 seconds because it will:

try to communicate with the principal, wait 3 seconds, timeout
try to communicate with the principal again, wait 6 seconds, timeout
try to communicate with the principal again, wait 12 seconds, timeout
try to communicate with the failover partner, see that it has failed over, so fail over in the application.

So if your sql connection isn't waiting 21 seconds (probably more in reality) then its going to timeout before it finishes this dance and its not going to fail over at all.

Solution is to set the timeout in your connection string to large value, we use 60 seconds just to be safe.

Cheers

Related Solutions

SQL 2008 Mirroring, how to failover from the mirror database

Simply put you must activate the mirror from the principal server in the High Safety mode without automatic fail over.

This method is great for planned outages and maintenance. It is not really beneficial in a disaster or unplanned downtime scenario as you cannot fail over without access to the principal server.

I use a very low cost old computer running MSSQL express as the monitor server. It has windows XP pro on it. I am sure you can find a small computer to carry out the task of the monitor server. Something that can meet minimum requirements for MSSQL express will do fine.

Hope this helps.

Database mirroring login failure attempts on mirror server

Hi I hope this site answers the questions for you, as I am not sure what your question exactly is.

http://msdn.microsoft.com/en-us/library/ms190913.aspx

Or directly: To change the time-out value (high-safety mode only)

* Use the ALTER DATABASE <database> SET PARTNER TIMEOUT <integer> statement.

To view the current time-out value

* Query mirroring_connection_timeout in sys.database_mirroring.

Also check this article under Client Side Redirect: http://technet.microsoft.com/en-us/library/cc917680.aspx

The failover partner in the connection string is used as an alternate server name if the connection to the initial principal server fails. If the connection to the initial principal server succeeds, then the failover partner name will not be used, but the driver will store the failover partner name that it retrieves from the principal server on the client-side cache.

Best Answer

Related Solutions

SQL 2008 Mirroring, how to failover from the mirror database

Database mirroring login failure attempts on mirror server

Related Topic