Home > Storage > PowerStore > Data Protection > Dell PowerStore: Metro Volume > Communication flow – healthy
The communication between PowerStore and witness service uses 2048bit SSL encryption with password-less authentication using SSL client certificates. During registration of the witness, the client certificates are exchanged with a token in PowerStore manager, and the witness session is established (1). Each PowerStore appliance pings the witness regularly with an HTTP GET request to confirm connectivity and healthy availability of the witness (2). Each PowerStore appliance with a preferred Metro Volume will send an HTTP POST request once per metro session per day to renew the witness session. The metro witness session will expire after seven days if not renewed. Lastly, in a short interval, each PowerStore appliance with a non-preferred Metro Volume requests and receives a grant from its peer with the preferred Metro Volume (3). This mechanism helps assure its peer is healthy and that the non-preferred Metro Volume may still fulfill read and write I/O requests.
In all cases throughout its lifecycle, the witness acts like a backboard and only responds to inward communication requests from PowerStore appliances. The witness does not outwardly initiate communication with PowerStore appliances.