Forum Discussion
NimbostratusConfigSync issue with LTM 11.2 HF1
I have upgraded two BIG-IP 3600 from version 11.1 to 11.2 HF1.
High Availability seems to be working, but ConfigSync fails.
Both devices show "Disconnected" state.
If you go to Device Management > Devices the other peer appears with its older information.
I've tried to force ConfigSync from console:
tmsh run cm config-sync to-group /Common/device-group-failover-67cbdf7d77ca
tmsh run cm config-sync to-group device-group-failover-67cbdf7d77ca
But nothing happens.
In /var/log/ltm file there are several messages like this:
Can't connect to CMI peer 192.168.96.251, port:6699, Transport endpoint is not connected
Telent to the other peer's 6699 port doesn't work:
telnet 192.168.96.251 6699
Trying 192.168.96.251...
telnet: connect to address 192.168.96.251: Connection refused
telnet: Unable to connect to remote host: Connection refused
Any idea?
31 Replies
Alwin_Evanssolution 13887:Forcing a BIG-IP device group member to initiate a ConfigSync operation. did it for me
AnthonyHi all, I'm also suffering with this issue on a new set of LTMs.
I've installed 11.2.1 hf3 on them both, run through the set up wizard, added them as peers to each other, created the same Device group on each. They report the correct status for each other, but the remote LTM always has a disconnected status. I can't for the life of me figure out what I'm missing or what is not configured, because as far as I can see everything is as it should be.
The log message that is streaming out every couple of seconds on each LTM is:
Jan 30 16:18:19 device2 notice mcpd[5578]: 01071431:5: Attempting to connect to CMI peer 192.168.10.170 port 6699
Jan 30 16:18:20 device2 err mcpd[5578]: 0107142f:3: Can't connect to CMI peer 192.168.10.170, port:6699, Transport endpoint is not connected
I tried Solution 13887 earlier today, but to no joy.
I tried the big3d notes from above,
[root@device2:Active:Disconnected] config /usr/sbin/big3d -v
/usr/sbin/big3d version big3d Version 11.2.1.1042.0 for linux
[root@device1:Standby:Disconnected] config /usr/sbin/big3d -v
/usr/sbin/big3d version big3d Version 11.2.1.1042.0 for linux
Both have been rebooted, but just wont communicate with each other for config sync.
Can anyone suggest what else I can do/check to get this resolved??
Thanks in advance,
Anthony- AnthonyI also have my own topic started here: https://devcentral.f5.com/community/group/aft/2165732/asg/52 if anyone would rather post on that.
- What_Lies_Bene1
Cirrostratus
Can you ping between the two devices over the network used for ConfigSync?
Have you tried detailed debugging by using: [tmsh] run cm sniff-updates? - Anthony
Ping was successful from both devices to the other.
I just ran sniff-updates and got this output:
[root@device2:Active:Disconnected] config tmsh run cm sniff-updates
Listening for commit_id_update on -i internal:h port 6699 (^C to exit)
Then it just sat there... - What_Lies_Bene1Can you telnet between devices on 6699?
Can you run: [tmsh] list cm device configsync-ip on both devices and ensure the correct IP/network is shown please? - Anthony
Running the commands you mention (I tried telnet on both self IP and management port):
root@(device2)(cfg-sync Disconnected)(Active)(/Common)(tmos) list cm device configsync-ip
cm device Device1 {
configsync-ip 192.168.10.170
}
cm device Device2 {
configsync-ip 192.168.11.170
}
[root@device2:Active:Disconnected] config telnet 192.168.10.170 6699
Trying 192.168.10.170...
telnet: connect to address 192.168.10.170: No route to host
[root@device2:Active:Disconnected] config telnet 192.168.63.63 6699
Trying 192.168.63.63...
telnet: connect to address 192.168.63.63: Connection refused
and...
root@(device1)(cfg-sync Disconnected)(Standby)(/Common)(tmos) list cm device configsync-ip
cm device Device1 {
configsync-ip 192.168.10.170
}
cm device Device2 {
configsync-ip 192.168.11.170
}
[root@device1:Standby:Disconnected] config telnet 192.168.11.170 6699
Trying 192.168.11.170...
telnet: connect to address 192.168.11.170: No route to host
[root@device1:Standby:Disconnected] config telnet 192.168.63.216 6699
Trying 192.168.63.216...
telnet: connect to address 192.168.63.216: Connection refused
The no route to host - is that the most likely culprit?
starkbypost has been removed...
- What_Lies_Bene1Anthony, firstly, you may want to 'mask' the hostnames by editing your previous post, for security purposes.
Back to the ConfigSync, yes, the 'no route to host' message is pretty informative. When you did the ping before, was it to/from the *170* addresses? - Anthony
Thanks Steve, all posts edited.
I've just run the ping again to make sure I'm getting things in the right direction.
pinging Device2 from Device1
[root@device1:Standby:Disconnected] config ping 192.168.63.216
PING 192.168.63.216 (192.168.63.216) 56(84) bytes of data.
64 bytes from 192.168.63.216: icmp_seq=1 ttl=64 time=0.189 ms
64 bytes from 192.168.63.216: icmp_seq=2 ttl=64 time=0.168 ms
64 bytes from 192.168.63.216: icmp_seq=3 ttl=64 time=0.166 ms
64 bytes from 192.168.63.216: icmp_seq=4 ttl=64 time=0.166 ms
^C
--- 192.168.63.216 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.166/0.172/0.189/0.013 ms
[root@device1:Standby:Disconnected] config ping 192.168.11.170
PING 192.168.11.170 (192.168.11.170) 56(84) bytes of data.
From 192.168.10.170 icmp_seq=2 Destination Host Unreachable
From 192.168.10.170 icmp_seq=3 Destination Host Unreachable
^C
--- 192.168.11.170 ping statistics ---
4 packets transmitted, 0 received, +2 errors, 100% packet loss, time 2998ms
pinging Device1 from Device2
[root@device2:Active:Disconnected] config ping 192.168.63.63
PING 192.168.63.63 (192.168.63.63) 56(84) bytes of data.
64 bytes from 192.168.63.63: icmp_seq=1 ttl=64 time=0.268 ms
64 bytes from 192.168.63.63: icmp_seq=2 ttl=64 time=0.148 ms
^C
--- 192.168.63.63 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.148/0.208/0.268/0.060 ms
[root@device2:Standby:Disconnected] config ping 192.168.10.170
PING 192.168.10.170 (192.168.10.170) 56(84) bytes of data.
From 192.168.11.170 icmp_seq=1 Destination Host Unreachable
From 192.168.11.170 icmp_seq=2 Destination Host Unreachable
^C
--- 192.168.10.170 ping statistics ---
3 packets transmitted, 0 received, +2 errors, 100% packet loss, time 2000ms
So they can ping the management address but not the Self IPs.
Someone else has commented on my other post about Network > Interfaces...
On Device1, 1.1 & 1.2 are showing UP, only 1.1 has a VLAN count
On Device2 1.1 DOWN & 1.2 UP, again only 1.1 has a VLAN count
But I'm not overly sure how this is controlled.
