Forum Discussion

Allanwynn_16283's avatar
Allanwynn_16283
Icon for Nimbostratus rankNimbostratus
Jan 22, 2015

High Availability configsync error

install_authority_trust: Exception caught in Management::urn:iControl:Management/Trust::install_authority_trust() Exception: Common::OperationFailed primary_error_code : 16908289 (0x01020001) secondary_error_code : 0 error_string : Trust daemon returned an error: 0107146f:3: Self-device config sync address cannot reference the non-existent Self IP (1.1.1.1); Create it in the /Common folder first.

 

Above is the error I encountered. On my setup, we are using port 1.8 for high availability.

 

so on first device, i created vlan "vlan_ha" where 1.8 is untagged, then created a self ip of 1.1.1.1 using this vlan and "allowed default" port lockdown and "traffice group local-only".

 

on second device, i created vlan "vlan_ha" where 1.8 is untagged, then created a self ip of 1.1.1.2 using this vlan and "allowed default" port lockdown and "traffice group local-only".

 

then i configure configsync using 1.1.1.1 on first device and 1.1.1.2 for the second device. Same with failover network -> failover unicast with 1.1.1.1 port 1026 on first device and 1.1.1.2 port 1026 on second device.

 

then i go to device trust, reset device trust and generate new self-signed authority, this is done for both device and on first device i configure peer list: device ip: 1.1.1.2 admin username: admin password: *****

 

then retrieve device, then i can see the details of the peer device but when i update, the error above is what get.

 

The setup is a direct cable connection from both device for HA. Can anyone suggest or help me with this, I am a newbie on using F5. Thanks.

 

  • Are both devices reachable between each other?

     

    NTP configured?

     

  • There is no ntp configured, but i assure they are using same time and timezone. Yes they are both reachable between each other.

     

  • There is no ntp configured, but i assure they are using same time and timezone. Yes they are both reachable between each other.

     

  • Can you ping first device from second device (and vice versa)?

     

    Have you ensured network failover option is still configured properly (i had problems with this disappearing when i reset device trust)

     

  • Yes I can ping each other. How can i say network failover is still configured properly,, but based on my post, my procedures are correct sir?

     

  • Just reading your post again

     Self-device config sync address cannot reference the non-existent Self IP (1.1.1.1); Create it in the /Common folder first.     
    

    Can you confirm Self IP is in common partition?

    • Kash_118367's avatar
      Kash_118367
      Icon for Nimbostratus rankNimbostratus
      I would try to re-create the self-ip for that you can follow these steps: 1. On GUI: Device Management --> Devices --> Cick on "Self" device --> Device Connectivity --> Network Failover --> Delete the unicast address (1.1.1.1 in your case). 2. Delete Self IP 1.1.1.1 from GUI: Network --> Self IP --> Select 1.1.1.1 --> Delete. 3. Re-create Self IP 1.1.1.1 fro GUI (make sure you are in "Common" partition --> Network --> Self IP --> Create 4. On GUI: Device Management --> Devices --> Cick on "Self" device --> Device Connectivity --> Network Failover --> Create the unicast address. Follow same steps on F502.
    • Rodrigo_Mori_13's avatar
      Rodrigo_Mori_13
      Icon for Cirrus rankCirrus
      I am creating a step by step how I'm doing the HA to see where the error may be
  • Good afternoon

     

    The problem was solved

     

    It was necessary to change the interfaces manage the boxes, leaving distinct networks. After this procedure it was possible to make the HA.

     

    Thank you all.