Link Controller sync issues

Question

Hi Folks.
We tried to configure LC from standalone to HA (Active-Standby). When we run gtm_add the objects of LC was synced. After, when we try to sync from Device Management only LTM objects are synced. Other issue is that the monitors mark down (Links and wideips) on Standby Unit.
We followed the next steps ( https://support.f5.com/kb/en-us/products/lc_9_x/manuals/product/lc-implementations-11-6-0/4.html😞
-Build cluster with HA vlan and failover connection.
-Sync using HA VLAN. Secondary using MGM.

-Network failover using HA VLAN.

-Create Sync failover group.

-Configure NTP.
-Add the floating IPs and Sync.
-Configure Port-lockdown allow default.
-Enable Golbal traffic Sync.
-Run gtm_add tool.
-Test to add LC object and is not synced. Only works when run again gtm_add tool
Note: For one ISP we have one public IP available (used only for outbound traffic). The self-IP is configured on Active Unit.
F5 active
ISP 1 .- Self IP and floating IP (Vlan 2)
ISP 2.- Self IP and floating IP (Vlan 3) 
ISP 3.- Self IP and floating IP (Vlan 4) 
ISP 4.- Self IP ( Vlan 5) (We have 1 public IP)
F5 standby
ISP 1.- Self IP and floating IP (Vlan 2)
ISP 2.- Self IP and floating IP (vlan 3) 
ISP 3.- Self IP and floating IP (Vlan 4) 
ISP 4.- No self IP

raghavendrasy · Answer

Please verify whether device certificates are in sync and are upto dat. if device certificate is not in sync between active and standby, wideip's will go down.&nbsp;

raghavendrasy_7 · Answer

Please verify whether device certificates are in sync and are upto dat. if device certificate is not in sync between active and standby, wideip's will go down.&nbsp;

fernando_carran · Answer

Hi  RaghavendraSY.&nbsp;
Thank you for you advice. We resolved the issue with the next steps (with help of F5 ticket):&nbsp;

Rebuild the cluster. Ensure that ISP4 only using for outbound traffic. As we can see, the LC objects synced through selfi-ip, the ports we configured in port lockdown "default". The LTM objects synced through HA VLAN.

Add snat pool for outbound traffic (using self-ip for ISP4 and floating for the others ISPs). Automap create route issues when you use floating and selfips for outbound traffic. Reference: K7336&nbsp;

fernando_carran · Answer

Hi  RaghavendraSY.&nbsp;
Thank you for you advice. We resolved the issue with the next steps (with help of F5 ticket):&nbsp;

Rebuild the cluster. Ensure that ISP4 only using for outbound traffic. As we can see, the LC objects synced through selfi-ip, the ports we configured in port lockdown "default". The LTM objects synced through HA VLAN.

Add snat pool for outbound traffic (using self-ip for ISP4 and floating for the others ISPs). Automap create route issues when you use floating and selfips for outbound traffic. Reference: K7336&nbsp;

raghavendrasy · Answer

Cool. thanks for your information.&nbsp;

Forum Discussion

Link Controller sync issues

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Anchor Link Redirect

JWT authorization with NGINX Ingress Controller

Distributed caching of authentication requests with NGINX Ingress Controller

Persisting SNAT Addresses in Link Controller Deployments

Using BIG-IP Kubernetes Gateway API Controller

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS