Clarification for Traffic-Group Configuration v11.4

When creating my Virtual Servers for various apps am I supposed to then go under Virtual Address List and select each individual Virtual Server and then proceed to add it to traffic-group-1 (floating)?i understand by default virtual address could be in traffic-group-1 (i.e. no need to manually assign).

 

 

If the Virtual Servers IP is not a member of this traffic-group-1 when I failover the active unit to standy does the new active unit not pickup the traffic for those Virtuals?yes, that virtual address won't float to new active unit.

Posted By nitass on 08/09/2013 07:38 AM

 

When creating my Virtual Servers for various apps am I supposed to then go under Virtual Address List and select each individual Virtual Server and then proceed to add it to traffic-group-1 (floating)? i understand by default virtual address could be in traffic-group-1 (i.e. no need to manually assign).

 

 

If the Virtual Servers IP is not a member of this traffic-group-1 when I failover the active unit to standy does the new active unit not pickup the traffic for those Virtuals? yes, that virtual address won't float to new active unit.

 

 

You said they are there by default yet none of the 60 Virtual Server IPs show up in the list of Failover Objects within the traffic-group. Is there somewhere else I can verify this?

 

 

I was hoping this was the case by I did some troubleshooting on this about a month ago and when I was testing failover to the standby unit the test Virtual Server stayed down when failed over. The only way I got it to work was by manually adding the Virtual to the traffic-group-1 failover object group. Now when I tested this morning after removing the Virtual from the traffic-group-1 failover object it still works so I'm not sure what the issue was previously.

 

 

Thanks for the response!!!

 

You said they are there by default yet none of the 60 Virtual Server IPs show up in the list of Failover Objects within the traffic-group. Is there somewhere else I can verify this?this is mine.

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show sys version|grep -A 4 Main\ Package
Main Package
  Product  BIG-IP
  Version  11.4.0
  Build    2405.0
  Edition  Hotfix HF2

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm virtual-address 1.1.1.1
01020036:3: The requested virtual address (/Common/1.1.1.1) was not found.

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) create ltm virtual test destination 1.1.1.1:80

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm virtual-address 1.1.1.1
ltm virtual-address 1.1.1.1 {
    address 1.1.1.1
    mask 255.255.255.255
    traffic-group traffic-group-1
}

when I was testing failover to the standby unit the test Virtual Server stayed down when failed over.was the problem between client and virtual server on new active unit (e.g. traffic did not arrive at new active unit) or between new active unit and server (e.g. new active unit did not send traffic to server)?

Mine does not have a traffic-group for the Virtuals I created through the GUI.

 

 

ltm virtual-address 10.10.11.25 {

 

address 10.10.11.25

 

floating disabled

 

mask 255.255.255.255

 

traffic-group none

 

unit 0

 

 

...and the problem was between the client and Virtual Server. I lost all pings to the Virtual but the backend Servers were still responding.

ltm virtual-address 10.10.11.25 {

 

address 10.10.11.25

 

floating disabled

 

mask 255.255.255.255

 

traffic-group none

 

unit 0 floating should be enabled and traffic-group should not be none. not sure why it is like that. would it be possible to correct the configuration, synchronize it and test failover again?

by the way, is traffic-group set under your / and /Common folders?

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list sys folder / /Common
sys folder / {
    device-group dg
    inherited-devicegroup false
    inherited-traffic-group false
    traffic-group traffic-group-1
}
sys folder /Common {
    device-group dg
    inherited-devicegroup true
    inherited-traffic-group true
    traffic-group traffic-group-1
}

I manually added 10.10.11.25 to the traffic-group-1 through the Virtual Address List and now through CLI it looks like this...

 

ltm virtual-address 192.168.11.25 {

 

address 192.168.11.25

 

mask 255.255.255.255

 

traffic-group traffic-group-1

 

 

list ltm virtual-address 192.168.11.25

 

ltm virtual-address 192.168.11.25 {

 

address 192.168.11.25

 

mask 255.255.255.255

 

traffic-group traffic-group-1

 

 

Testing with and without 192.168.11.25 as a member of traffic-group-1 both seem to work fine.

 

 

I'm hoping there is a command missed that automatically adds all newly created Virtuals to traffic-group-1 as opposed to none?

 

 

No they are not. How do I go about changing this?

 

 

list sys folder / /Common

 

sys folder / {

 

device-group failover_sync_group

 

inherited-devicegroup false

 

inherited-traffic-group false

 

traffic-group none

 

}

 

sys folder /Common {

 

device-group failover_sync_group

 

inherited-devicegroup true

 

inherited-traffic-group true

 

traffic-group none

 

}

 

 

I found this...

 

 

http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14104.html

 

 

I'm going to give it a try and add a few new Virtuals to see what happens.

After following through the solution guide when I run the same command I get this result...

 

 

list sys folder / /Common

 

sys folder / {

 

device-group failover_sync_group

 

inherited-devicegroup false

 

inherited-traffic-group false

 

traffic-group traffic-group-1

 

}

 

sys folder /Common {

 

device-group failover_sync_group

 

inherited-devicegroup true

 

inherited-traffic-group false

 

traffic-group traffic-group-1

 

}

 

 

When I add a new Virtual it is now a member of traffic-group-1 and shows up in the failover object list. Should I be concerned that the inherited-traffic-group statment for /Common is still showing as false?