Forum Discussion
Check1t_282465
Nimbostratus
NimbostratusAny Reasons NOT to use automatic with incremental synchronization sync type
Situation: Have an active and standby pair on 5200 boxes/13.1 release. ~ 300 VIP on LTM, 20 APM policies, 50 ASM policies. Several of ASM policies with policy building in automatic mode. We have au...
Simon_Blakely
Employee
EmployeeThe biggest issue with auto-sync is that the device that receives config changes does not write the changes to disk - the change only exists in memory in MCPD. This is a deliberate design decision to prevent the BigIP spending all it's time writing config changes to disk as a number of small changes are made on the peer.
K14624: Configuring the Automatic Sync feature to save the configuration on the remote devices
This can lead to a situation where the configuration can be lost if the system where changes are made (and saved) fails, and then the peer restarts or reloads the config from disk without saving.
You can enable save-on-auto-sync but this introduces risks with very large configs.
If you are using ASM Policy Builder, then the ASM sync group should be set to automatic.
You have to make a choice about your LTM sync groups, based on the size of the configuration, the frequency of changes, and your own management policies.
Some people with auto-sync enabled use a cron task to ensure that a
tmsh save /sys config
is run at a regular interval (I'd suggest no more than hourly, as opposed to daily).