We have AlwaysOn Availability group with synchronized mode. As it says in this linkhttps://msdn.microsoft.com/en-us/ff877931.aspx:
If a
synchronous-commit secondary replica times out without confirming that it has
hardened the log, the primary marks that secondary replica as failed. The
connected state of the secondary replica changes to DISCONNECTED, and the
primary replica stops waiting for confirmation from the secondary replica. This
behavior ensures that a failed synchronous-commit secondary replica does not
prevent hardening of the transaction log on the primary replica.
I may not
take risk on any transaction that will be done without doing it on the other
replica as well. The above behavior put me in a situation that when I have
connectivity issues, the primary continue to work normally, and the secondary
is not synchronized. If a disaster will occur just then, I will lose data, even
though I usually work in a synchronous mode.
What can
I do to prevent this expose?