Forum Discussion
Derek_21893
Nimbostratus
NimbostratusDiscovery of failover peer using iControl
Hi,
I'd like to be able to discover a failover peer for an active-active or active-standby pair of LTMs using iControl. From what I can tell there is no good way to do this currently.
I can use System.Failover.get_peer_address to get the address of the peer, but if this address is not routable (I'm not sure you can even make it routable) then how else can you discover a usable IP address for the peer?
In my instance the primary LTM is using 192.168.255.1 and the peer is using 192.168.255.2. All I can get is the peer address. I can't even get the "self" address, so even if these IP addresses were unique across an enterprise, there would be no way to correlate the two LTMs together into a redundant pair.
The only way I can think of to figure out if two LTMs are in a failover pair is to compare the VIPs and maybe self-ips to see if the IP addresses match, which is a cludge at best and wouldn't cover all scenarios such as multiple pairs of LTMs which their VIPs are participating in anycast and thus all have the same IP addresses across multiple pairs of LTMs.
Any ideas?
Thanks,
-Derek
38 Replies
samstepCirrocumulus
Derek, I tested that too and got the same result.
LTConfig method did work for me on v10.x.x
On v9.4.x LTConfig.Field->get_value() call crashes with error that 'peer_mgmt_addr' is not a valid field
Derek_21893Yep, on v10x the LTConfig method works fine. I tested against 9.4.0 and I get SOAP-ENV:Client : Unknown method "{urn:iControl:LTConfig/Class}:get_list_of_instances", and under 9.4.7 I also get an exception (although with slightly different error text). I'm convinced that the only reliable method for finding a failover peer is to somehow get the peer's management IP address, so I guess automatic detection of failover peers will only work for v10 and higher, which is just the way it will have to be. I will however be able to make a reasonable guess at failover peers for versions <10 by doing some logic using the "might work" methods we've discussed, and then at least present the end user with something like "hey, we think these are a failover pair, is that true?" dialog. So, unless anyone has any miracles to tell me about, I think it's safe to say that for versions < 10 you cannot reliably detect the failover peer managment IP address with iControl.- Derek_21893OK folks, so to finish this we need (from iControl/F5):
a method to get the management IP address of the failover peer (or ACTIVE/ACTIVE peer!)
Thanks,
-Derek 
L4L7_53191Hmm...you'll probably need to do that via a peer address that allows iControl traffic:
1) get_peer_address(), from System::Failover then
2) ask for the management IP from the remote device via the Networking::Admin wsdl.
Not ideal, but a cleaner way isn't sticking out. I say this because peer configuration objects are separate from the management configuration, and you create device associations via the peering mechanism, which may or may not involve the management vlan.
...but all that said it seems that this isn't going to work out for you either, based on the length of this thread!
-Matt- Derek_21893Yeah, grabbing the configuration is the only sure-fire way of doing this currently. It would just be very nice if F5 would implement a "get_peer_management_ip" function in iControl. The data is certainly there in the configuration.
- Maybe this thread will help. the management ip addresses are stored in the bigdb database and can be accessed with the Management.DBVariable interface.
http://devcentral.f5.com/Forums/tabid/1082223/asg/51/showtab/groupforums/afv/topic/aff/1/aft/1183/Default.aspx
Hope this helps...
-Joe - Derek_21893Thanks Joe, I'll give that a shot today and post back with results.
-Derek 
aukrishna_7226Hey Derek, Just wondering if you were able to get the peer management address from the dbvariable. I tried it but couldnt find the peer management address. It would be nice if F5 can provide an interface to fetch this data.
