We need to design a web/application/DB servers architecture that can achieve so called 99.99% uptime.

With redundent web/application servers, it was propsed to use a cluster hardware such as HP Proliant DL380 running Windows 2000 Advanced Server with Oracle Enterprise 8.1.7 to ensure the uptime. However, my understanding about hardware cluster is that it has two identical "systems" connected to the same storage. The problem is if say an Oracle datafile is corrupted, the DB on this whole cluster is temporarily unavailable. Correct?

As an alternative, I could have two identical web/application servers with two identical DB servers. Each application server connects to a DB server and two-way replication runs between the two DB servers. In this scenerio, unless the replication is almost real time, I can't guarantee user A (via first set of application/DB server) will see what user B (via second set of application/DB server) just modified to the DB. Correct?

Finally, I could have two identical web/application servers connect to the same DB server A, which does one-way replication to DB server B(initially no application server connects to it). When the DB server A fails, I switch the application servers to point to DB server B. This method does not really guarantee 99.99% uptime, though.

Does anyone have an even better idea on how to achieve this 99.99% uptime?