Forum Discussion

Dazzla_20011's avatar
Dazzla_20011
Icon for Nimbostratus rankNimbostratus
Dec 05, 2012

Force a BIG-IP LTM Offline

Hi,

 

has anyone used the force offline on a BIG-IP to perform maintenance work, if so how does it work? I plan to do this on Standby LTM and this isn't something I've tried before. Anything I need to be aware of when doing this or bringing it back online. Had a look at the documentation but that just states it unable to forward traffic when in this state.

 

 

Thanks

 

config
design

5 Replies

  • pete_71470's avatar
    pete_71470
    Icon for Cirrostratus rankCirrostratus
    Dec 05, 2012
    We've used the feature here. From observing the units physically, it appears to simply shut off all but the management interface. While working with F5 to replace a blade, we were told the offline'd unit could still receive configsync updates but in our case that wasn't a possibility because we use a dedicated HA interface. Aside from this there were no surprises.
  • pete_71470's avatar
    pete_71470
    Icon for Cirrostratus rankCirrostratus
    Dec 05, 2012
    While not directly related to bad things happening right after forcing the Standby offline, if you are running pre-v11.1 the primary could get its knickers in a twist if you're using connection mirroring:

     

     

    http://support.f5.com/kb/en-us/solutions/public/12000/300/sol12370.html?sr=25794222

     

     

    It turns out we were vulnerable to this but the standby wasn't down long enough to cause problems. If vulnerable, the solution is to simply shut off mirroring first.
  • brad_11480's avatar
    brad_11480
    Icon for Nimbostratus rankNimbostratus
    Apr 12, 2013
    I am preparing for life cycle replacement of the F5 hardware. This will replace 6400's with Viprion guests. The question is using the "Force Offline" as a quick way to transition to a new HA pair.

     

     

    Does this keep it from assuming the floating IP? Perhaps it drops all of its self IPs?

     

    I can assign new self IP's to the new HA pair, but I want the new one to be using the same floating IP as the old ones.

     

     

    Process would be for prep:

     

    1.'force offline' on the old standby member of the HA pair so it won't become active.

     

    2. on the new HA pair do 'force offline' on both units, then bring them onto the network. They won't assume the VIP or anything, but the resources behind it (nodes, pools, etc) should come alive and we can verify that all is well and ready.

     

     

    Changeover:

     

    1. 'force standby' on the old, active unit. this will free up the float.

     

    2. on one new unit, 'Release Offline' to bring it active. It will grat. ARP and the virtual servers will become active.

     

    3. 'release offline' on the second HA member, probably after verification of applications have been completed.

     

     

    Falllback:

     

    reverse this and force the new units offline, bring at least one of the old units back online.

     

     

    My other option was to work on the switchports and bring the interfaces down on the old boxes (easiest).

     

    On the new place the VLANs into the guest to bring them active.

     

    The problem with this is that I can't verify that the resource nodes and pools are all good before flipping the switch.

     

     

    Comments, suggestions, recommendations for a clean cut over? Thanks!!!!