HSM appliances can be clustered for high availability. You can cluster up to 99 HSM appliances in one configuration. All 99 will be equal and active HSM servers. DNSSEC-HSM with Address Manager and DNS/DHCP Servers will continue to function normally as long as one HSM server is online and active. If all HSM servers fail, you will experience the following impact to DNS/DHCP Servers and Address Manager:
- DNS/DHCP Server—On the BDDS side,
loss of connectivity to all HSM servers is very serious, as DNS service is
in constant contact with the HSM servers. If all HSM servers fail, DNS
service will exit/crash, resulting in a critical service outage.You must get at leastone HSM server back up and running to return DNS service to normal operation. When at least one HSM server comes back online, it will be automatically detected and DNS service will restart. No action is required is on the DNS/DHCP Servers or from the Address Manager user interface.Note: Refer to your Thales User Guide or contact Thales Customer Support for assistance with HSM appliances.
- Address Manager—On the BAM side, loss of connectivity to the HSM servers is of minimal impact, as Address Manager is not in constant contact with the HSM servers. New zones cannot be signed and existing keys cannot be rolled over as Address Manager cannot contact an HSM server to generate keys. When at least one of HSM server is back online (and DNS service is running on DNS/DHCP Servers) Address Manager can start rolling over keys and signing new zones.