HA Connection lost after change Management IP address

I would suggest you read how to setup HA in V11. It is no longer really a HA Pair, but a cluster. This may give you an idea of what all changes you need to make in order to get this working in V11.

https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-device-service-clustering-admin-11-4-0/3.htmlunique_2103230074

One thing to check for is your trust list on each device. From the above link you need to see what you have configured under " Device Management > Device Trust, and then either Peer List or Subordinate List"

You trust the management IP address of the other devices in the cluster. So if you are changing the management IP address, you need to update the trust list.

@giltjr So it's mean after changing management IP . Device will active/active (Downtime will occur for sure.) and then we must update a trust list (not sure if we have to create a new sync group) to make a BIG-IP sync each other again.

Am I correct?

I would have to think and read about everything that needs to be updated and how quickly it must be updated in order to prevent an outage when changing the management IP address.

Basically all F5's in the cluster would need to be updated at the "same" time. You would also need to make sure the DSN entries for the F5's are updated so that when the F5's do their DNS lookups they get back the new addresses.

You may want to open a case with F5 support to see the best way to do this.

However, do you really have an outage? I would think that one of the F5's would keep responding.

Service disruption is possible in such an operation.

See ">SOL7312: Overview of the management port.

To prevent the devices going into active-active, you can force-offline the standby device before operation.

See ">SOL15122: Overview of the Force Offline option.

changing mgmt ip affects active/standby status because mgmt ip is embedded in failover packet as identifier.

besides forcing offline, hardware serial failover is another option (to prevent service interruption when changing mgmt ip) but platform must not be viprion and contains only two devices in group.

@Jie

Thank you very much. I will look into it.

@ nitass

We use 4200 v. 11.4.1 HF5 with Active/Active mode and not use hardwire failover. If we use hardwire failover (by using patch cable. not crossover cable). Is this Active/Active state will work fine like Active/Standby?

So it's seem I must offline one box >> change mgmt >> reset all config in device management (reset device tust) and re-config a new >> release offline and failover to finish the job.

I will test in a lab and tell a result soon.

After test via release offline method. It's seem work fine.

but this have error log repeatly. "bigip-ve06 notice sod[5511]: 010c0062:5: Config digest module error: Traffic group device not found.."

Is this some known issue or else?

but this have error log repeatly. "bigip-ve06 notice sod[5511]: 010c0062:5: Config digest module error: Traffic group device not found.."

it is benign which could be fixed in 12.0.

ID474149 Take care of non-self device mgmt IP address change in SOD