Recovery Point Objective

The Recovery Point Objective (RPO) determines how much data can be lost after a disaster. RPO is expressed in time (seconds, minutes, hours, or days). RPO refers to a point in time backward from the instant a failure occurs.

When designing a replication solution, RPO is a factor that can determine replication mode and the sizing of the links used for replication. If the primary system fails and a failover occurs, the RPO is a worst-case factor.


A properly sized solution is more than sizing the links correctly. A storage system running near capacity limits or oversubscribed will impact host IO.

RPO defines a time in the past before the disaster occurred, and is used to select a replication mode, for example:
  • RPO = 0 means there is no data loss as a result of a disaster. It is the best result and requires synchronous replication.

  • RPO = 1 minute means up to 1 minute of data can be lost as a result of a disaster. 1 minute is the best possible result with asynchronous periodic replication between two HPE Primera systems running HPE Primera OS 4.2 or later.

For example, a disaster occurs at 2:00 p.m. After recovery operations at the disaster recovery site complete, a two-hour RPO guarantees that all I/O committed up to and including 12:00 p.m. is present in the replicated copy on the secondary system. The RPO could contain I/O committed after 12:00 p.m. but, the defined two-hour RPO guarantees that I/O committed before 12:00 p.m. is present.

With an RPO of 0, all I/O committed to the primary system up to 2:00 p.m. is present in the replicated copy on the secondary system.