Forum Discussion
NimbostratusChange HA VLAN IP Address?
I have a cluster with an HA vlan with an IP of 10.10.5.5 and 10.10.5.6 for both nodes. This HA Vlan is directly connected between the two devices and used for config sync, failover and mirroring. Is it possible to delete this vlan and recreate with a different IP subnet IP address and it wont cause any problems? Is this an easy procedure or other things to consider?
9 Replies
What_Lies_Bene1Cirrostratus
Why delete the VLAN? Why not just change the Self IP addresses as necessary?
tolinrome_13817I cant they aren't editable. Can I just create new Self IP addresses and associate them with the HA vlan then delete the current ones?
The reason being is that the current IP addresses for the HA vlan are actually in the same IP subnet as a production network. Since the HA vlan is directly connected between the two nodes and isnt a production network can I just make the IP addresses any I choose, say 172.16.50.1 and 172.16.50.2?
- What_Lies_Bene1
Sure, as long as your sure they are not in use anywhere else!
Yes I think you could just create new self IPs and delete the current ones. However, you may have issues if HA features are configured with the IPs you want to remove. I'm not sure if both IPs will be shown as options for those features (ConfigSync etc.). Only way to know is to try I'm afraid.
- tolinrome_13817
I edited my post above your response, you may not have seen it. So if I create new self ip's, associate them with the HA vlan, and then then delete the current self IP for the vlan it may cause problems you think?
- What_Lies_Bene1
Those IPs would be fine (and RFC1918 compliant) assuming they are not used elsewhere.
My concern is that you won't be able to select the new IPs when configuring things like network failover and configsync and you can't delete the old IPs if they are configured for use by those features. Bit of a chicken and egg situation.
I can't test this so the only way to know is for you to try. Either way, it'll break your HA setup while you're doing the configuration work.
- tolinrome_13817
I dont mind temporarily having the HA network down as long as it doesnt interrupt production traffic. Guess I'll have to see.
- What_Lies_Bene1You wouldn't want to get into an active/active scenario which is quite possible. I'd plan for downtime.
On 11.4.x or newer, you can:
- Force all members of device group into offline mode except one.
- Create new self IP addresses on all devices.
- Modify the Device Properties (Under Devices Management) to change the sync, failover and mirror IP addresses to the new IP addresses. Do this for each device, on the device itself.
- Delete the old IP addresses.
- Config-sync the changes from active to device group.
If you're running 11.2.1 or earlier (and possibly 11.3.0 as well, I'm not sure where exactly it became easier), you will have to rebuild device trust in order to get the devices to detect the updated sync, failover and mirroring addresses.
Do this during a scheduled maintenance window to minimize impact of any unexpected outage (Even though this procedure I've suggested is relatively solid).
- Note, if your devices are Viprions, these instructions will not work for you because "Forced Offline" on a Viprion makes all interfaces Down, so you can't reach them on the network.
