|
| 1 | +--- |
| 2 | +title: Availability Replica is Disconnected in an Availability Group |
| 3 | +description: Identify possible causes for why a replica is disconnected within an Always On availability group. |
| 4 | +author: MashaMSFT |
| 5 | +ms.author: mathoma |
| 6 | +ms.reviewer: randolphwest |
| 7 | +ms.date: 05/08/2024 |
| 8 | +ms.custom: sap:Always On Availability Groups (AG) |
| 9 | +--- |
| 10 | + |
| 11 | +# Availability replica is disconnected within an Always On availability group |
| 12 | + |
| 13 | +_Applies to:_ SQL Server |
| 14 | + |
| 15 | +## Introduction |
| 16 | + |
| 17 | +- **Policy Name**: Availability Replica Connection State |
| 18 | +- **Issue**: Availability replica is disconnected |
| 19 | +- **Category**: **Critical** |
| 20 | +- **Facet**: Availability replica |
| 21 | + |
| 22 | +## Description |
| 23 | + |
| 24 | +This policy checks the connection state between availability replicas. The policy is in an unhealthy state when the connection state of the availability replica is `DISCONNECTED`. The policy is otherwise in a healthy state. |
| 25 | + |
| 26 | +## Possible causes |
| 27 | + |
| 28 | +The secondary replica isn't connected to the primary replica. The connected state is `DISCONNECTED`. This issue can be caused by one of the following reasons: |
| 29 | + |
| 30 | +- [The connection port might be in conflict with another application](#the-connection-port-might-be-in-conflict-with-another-application). |
| 31 | +- [The encryption type or algorithm is mismatched](#the-encryption-type-or-algorithm-is-mismatched). |
| 32 | +- [The connection endpoint was deleted or isn't started](#the-connection-endpoint-was-deleted-or-isnt-started). |
| 33 | +- [There are network/connectivity issues or Ports are blocked at the firewall](#network-or-connectivity-issues-or-ports-are-blocked-at-the-firewall). |
| 34 | +- [Service/startup account isn't a domain user and isn't able to connect to the DC and to the remote node and port (for example, 5022)](#account-isnt-a-domain-user-and-cant-connect-to-the-dc-and-to-the-remote-node). |
| 35 | + |
| 36 | +## Possible solutions |
| 37 | + |
| 38 | +Check the database mirroring endpoint configuration for the instances of the primary and secondary replica and update the mismatched configuration. Also, check if the port is conflicting, and if so, change the port number. |
| 39 | + |
| 40 | +The following are possible solutions for this issue: |
| 41 | + |
| 42 | +#### The connection port might be in conflict with another application |
| 43 | + |
| 44 | +Run the following commands to diagnose port issues: |
| 45 | + |
| 46 | +```powershell |
| 47 | +$server_name = "server_instance" #replace with your SQL Server instance |
| 48 | +sqlcmd -S $server_name -E -Q "SELECT type_desc, port FROM sys.tcp_endpoints WHERE type_desc = 'DATABASE_MIRRORING'; " |
| 49 | +``` |
| 50 | + |
| 51 | +The previous command returns the port number that you have to use in the following command. |
| 52 | + |
| 53 | +```powershell |
| 54 | +$port = "5022" |
| 55 | +Get-NetTCPConnection -LocalPort $port |
| 56 | +Get-Process -Id (Get-NetTCPConnection -LocalPort $port).OwningProcess | Select-Object Name, ProductVersion, Path, Id |
| 57 | +``` |
| 58 | + |
| 59 | +#### The encryption type or algorithm is mismatched |
| 60 | + |
| 61 | +Run this command on both servers and compare the encryption and make sure both are the same. |
| 62 | + |
| 63 | +```powershell |
| 64 | +$server_name = "server_instance" #replace with your SQL Server instance |
| 65 | +sqlcmd -S $server_name -E -Q "SELECT name, state_desc, encryption_algorithm_desc, protocol_desc, type_desc FROM sys.database_mirroring_endpoints" |
| 66 | +``` |
| 67 | + |
| 68 | +#### The connection endpoint was deleted or isn't started |
| 69 | + |
| 70 | +Run the following command if the mirroring endpoint exits and is started. |
| 71 | + |
| 72 | +```powershell |
| 73 | +$server_name = "server_instance" #replace with your SQL Server instance |
| 74 | +sqlcmd -S $server_name -E -Q "SELECT name, state_desc, encryption_algorithm_desc, protocol_desc, type_desc FROM sys.database_mirroring_endpoints" |
| 75 | +``` |
| 76 | + |
| 77 | +Run the following command if you suspect that endpoint isn't responding to connections, or isn't running. |
| 78 | + |
| 79 | +```powershell |
| 80 | +$server_name = "server_instance" #use your SQL Server instance here |
| 81 | +$server_name = "hadr_endpoint" #replace with your endpoint name |
| 82 | +sqlcmd -S $server_name -E -Q "ALTER ENDPOINT hadr_endpoint STATE = stopped" |
| 83 | +sqlcmd -S $server_name -E -Q "ALTER ENDPOINT hadr_endpoint STATE = started" |
| 84 | +``` |
| 85 | + |
| 86 | +> [!WARNING] |
| 87 | +> Running the command with `STATE = stopped` will stop your endpoint and temporarily interrupt Always On traffic flow. |
| 88 | +
|
| 89 | +#### Network or connectivity issues, or ports are blocked at the firewall |
| 90 | + |
| 91 | +Use the following commands to test connectivity in both directions from `Node1` to `Node2` and `Node2` to `Node1`: |
| 92 | + |
| 93 | +```powershell |
| 94 | +$computer = "remote_node" # replace with node name in your environment |
| 95 | +$port = "5022" # replace with the port from your database_mirroring_endpoints |
| 96 | +Test-NetConnection -ComputerName $computer -Port $port |
| 97 | +``` |
| 98 | + |
| 99 | +#### Account isn't a domain user and can't connect to the DC, and to the remote node |
| 100 | + |
| 101 | +To test whether the service account can connect to the remote node, follow these steps. The steps assume that you aren't logged in with the service account. |
| 102 | + |
| 103 | +1. Select **Start** > **Windows PowerShell** > right-click the icon. |
| 104 | + |
| 105 | +1. Select **More** > **Run as Different User** > **Use a different account**. |
| 106 | + |
| 107 | +1. Type the service account name and password. |
| 108 | + |
| 109 | +1. After Windows PowerShell opens, type the following command to verify that you signed in with the service account: |
| 110 | + |
| 111 | + ```powershell |
| 112 | + whoami |
| 113 | + ``` |
| 114 | + |
| 115 | +1. Then you can test the connection to the remote node, as in the following example. |
| 116 | + |
| 117 | + ```powershell |
| 118 | + $computer = "remote_node" # replace with node name in your environment |
| 119 | + $port = "5022" # replace with the port from your database_mirroring_endpoints |
| 120 | + Test-NetConnection -ComputerName $computer -Port $port |
| 121 | + ``` |
| 122 | + |
| 123 | +## Related content |
| 124 | + |
| 125 | +- [What is an Always On availability group?](/sql/database-engine/availability-groups/windows/overview-of-always-on-availability-groups-sql-server) |
| 126 | +- [Use the Always On Availability Group dashboard (SQL Server Management Studio)](/sql/database-engine/availability-groups/windows/use-the-always-on-dashboard-sql-server-management-studio) |
0 commit comments