Forum Discussion
NimbostratusHigh Availability issue on bigip 1600, rel. 11.2.1 HF1
High Availability issue on bigip 1600, rel. 11.2.1 HF1
HA configuration, sync, mirroring has been made through the wizard. after I have configured the VLAN Fail-safe (with action option: Failover RestartTM) and the MAC Masquerade Address. the sync process works; on the active appliance both operation (the force stand-bye and shoutdown) generate the expected behavior, a change of state (standby -> active). However, when I unplug all the service interfaces (1.1 - 1.4) on the active bigip, the bigIp2 detects the event HA connection lost, but can not be exchanged in active status. Both devices have a trunk with lacp on eth 4.
below, i've posted messages log of both appliances when i change the interfaces status on bigIp1 from active to down.
log message f5_1
Oct 22 11:34:19 f5_1_mc_me info bcm56xxd[4818]: 012c0015:6: Link: 1.1 is DOWN
Oct 22 11:34:19 f5_1_mc_me info bcm56xxd[4818]: 012c0015:6: Link: 1.2 is DOWN
Oct 22 11:34:19 f5_1_mc_me info bcm56xxd[4818]: 012c0015:6: Link: 1.3 is DOWN
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160016:6: Interface 1.1, link admin status: enabled, link status: down, duplex mode: half, lacp operation state: down
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160010:6: Link 1.1 removed from aggregation
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160016:6: Interface 1.2, link admin status: enabled, link status: down, duplex mode: half, lacp operation state: down
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160010:6: Link 1.2 removed from aggregation
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160016:6: Interface 1.3, link admin status: enabled, link status: down, duplex mode: half, lacp operation state: down
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160010:6: Link 1.3 removed from aggregation
Oct 22 11:34:19 f5_1_mc_me info bcm56xxd[4818]: 012c0015:6: Link: 1.4 is DOWN
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160016:6: Interface 1.4, link admin status: enabled, link status: down, duplex mode: half, lacp operation state: down
Oct 22 11:34:19 f5_1_mc_me info lacpd[5431]: 01160010:6: Link 1.4 removed from aggregation
Oct 22 11:34:22 tmm err tmm[7369]: 01340002:3: HA Connection with peer 192.168.200.29:1028 lost.
Oct 22 11:34:22 tmm1 err tmm1[7370]: 01340002:3: HA Connection with peer 192.168.200.29:1028 lost.
Oct 22 11:34:41 f5_1_mc_me notice mcpd[4993]: 0107143c:5: Connection to CMI peer 192.168.200.29 has been removed
Oct 22 11:34:41 f5_1_mc_me notice mcpd[4993]: 0107143a:5: CMI reconnect timer: enabled
Oct 22 11:34:41 f5_1_mc_me notice mcpd[4993]: 01071431:5: Attempting to connect to CMI peer 192.168.200.29 port 6699
Oct 22 11:34:46 f5_1_mc_me notice mcpd[4993]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160011:6: Link 1.1 Actor Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160012:6: Link 1.1 Partner Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160011:6: Link 1.2 Actor Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160012:6: Link 1.2 Partner Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160011:6: Link 1.3 Actor Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160012:6: Link 1.3 Partner Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160011:6: Link 1.4 Actor Out of Sync
Oct 22 11:35:18 f5_1_mc_me info lacpd[5431]: 01160012:6: Link 1.4 Partner Out of Sync
Oct 22 11:37:50 f5_1_mc_me err mcpd[4993]: 0107142f:3: Can't connect to CMI peer 192.168.200.29, port:6699, Transport endpoint is not connected
Oct 22 11:37:50 f5_1_mc_me notice mcpd[4993]: 0107143a:5: CMI reconnect timer: enabled
Oct 22 11:37:50 f5_1_mc_me notice mcpd[4993]: 01071431:5: Attempting to connect to CMI peer 192.168.200.29 port 6699
Oct 22 11:37:55 f5_1_mc_me notice mcpd[4993]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected[root@f5_1_mc_me:Active] config
Log f5_2
Oct 22 11:27:45 tmm1 err tmm1[7309]: 01340002:3: HA Connection with peer 192.168.200.28:32773 lost.
Oct 22 11:27:45 tmm err tmm[7308]: 01340002:3: HA Connection with peer 192.168.200.28:32772 lost.
Oct 22 11:28:04 f5_2_mc_me notice mcpd[5500]: 0107143c:5: Connection to CMI peer 192.168.200.28 has been removed
Oct 22 11:28:04 f5_2_mc_me notice mcpd[5500]: 0107143a:5: CMI reconnect timer: enabled
Oct 22 11:28:04 f5_2_mc_me notice mcpd[5500]: 01071431:5: Attempting to connect to CMI peer 192.168.200.28 port 6699
Oct 22 11:28:09 f5_2_mc_me notice mcpd[5500]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected
Oct 22 11:31:13 f5_2_mc_me err mcpd[5500]: 0107142f:3: Can't connect to CMI peer 192.168.200.28, port:6699, Transport endpoint is not connected
Oct 22 11:31:13 f5_2_mc_me notice mcpd[5500]: 0107143a:5: CMI reconnect timer: enabled
Oct 22 11:31:13 f5_2_mc_me notice mcpd[5500]: 01071431:5: Attempting to connect to CMI peer 192.168.200.28 port 6699
Oct 22 11:31:18 f5_2_mc_me notice mcpd[5500]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected
[root@f5_2_mc_me:Standby] config
Any idea? Thanks
6 Replies
What_Lies_Bene1Cirrostratus
Is MAC masquerade configured on both devices? I don't think any VLAN configuration is synched so perhaps the secondary/standby is missing some configuration?
Also, I've found the order things are done in can have an affect. I would suggest you run 'bigstart restart' on both devices and retest. It might also be better to test by pulling the cables or disabling the switch ports rather than disabling the ports in the GUI.
LivioMthanks for reply, * yes, MAC masquerade is configured on both devices;
-
after completed the configuration of Virtual server, i have replicated the object from f5_1 to f5_2 with sync operation
-
i have the same result when shoutdown the ports from the switch.
same result after run 'bigstart restart' on both devices
-
- What_Lies_Bene1
Hmmm. Can you provide more information on your HA setup please? Are you using serial cable failover or network failover? Are you also using HA-Groups/Fast Failover? Anything else?
- LivioM
below you can see configuration step device 1)basic configuration -->network advanced configuration (internal net, external net, ha net)
device 2) basic configuration --> network advanced config (the same steps of device 1)-->add peer list with management of device 1
after, i repeat last step of device2 , on device 1 with managemente device2
The L2 HA vlan is in interface trunk with the other vlans. I don't use serial cable and ha-groups. For syc and mirror process, i'm using the the self ip on internal VLan. For failover process i'm using the self ip that are on HA vlan with the management ip of device.
tnx
- What_Lies_Bene1
OK thanks but I'm even more confused. Which VLANs have network failover configured please? Could you post the output of
and[tmsh] show sys failover
please.[tmsh] show sys failover network-failover - LivioM
sorry for delay
F5-1
[root@f5_1_mc_me:Active:In Sync] config tmsh root@(f5_1_mc_me)(cfg-sync In Sync)(Active)(/Common)(tmos) show sys failover Failover active for 2d 00:36:25 root@(f5_1_mc_me)(cfg-sync In Sync)(Active)(/Common)(tmos) show sys failover network-failover Syntax Error: "network-failover" unknown property root@(f5_1_mc_me)(cfg-sync In Sync)(Active)(/Common)(tmos)
F5-2 [root@f5_2_mc_me:Standby:In Sync] config tmsh root@(f5_2_mc_me)(cfg-sync In Sync)(Standby)(/Common)(tmos) show sys failover Failover standby for 2d 00:41:57 root@(f5_2_mc_me)(cfg-sync In Sync)(Standby)(/Common)(tmos) show sys failover network-failover Syntax Error: "network-failover" unknown property root@(f5_2_mc_me)(cfg-sync In Sync)(Standby)(/Common)(tmos)
tanks for the support
