Forum Discussion
NimbostratusLTM address conflict detected
Hello we encountered an error on our LTM v11.6.0 HF4 active-stanby regarding address conflict which we're suspecting that's causing the unit to fail processing traffic from time to time. We encountered this error in the LTM logs:
address conflict detected for 10.81.17.75 (00:23:e9:8f:3e:02) on vlan 1701
10.81.17.75, as I found out is used for SNAT while vlan 1701 is the egress vlan. I do not know what's causing the conflict. Also noticed that the one of the standby unit's trunk is down even though all interfaces are up. Found a related SOL article(https://support.f5.com/kb/en-us/solutions/public/14000/100/sol14104.html)) but I doubt it is the problem since no conflict in device group setting. Would like to know how can this be fixed? Thinking about changing the SNAT IPs if it could solve the problem but we can not just change anything from the unit immediately unless we fully understand the issue and how to fix it.
9 Replies
IanBEmployee
00:23:e9 is an F5 MAC address, so the most likely scenario is that your Standby device is occasionally going active at the same time as the primary one. Given your comments about the trunk being down, if you've got the HA failover addresses configured on that truck, then it may not be able able to see the other unit, and is going active as a result. You can verify this in the /var/log/ltm log file - just search for "sod[" to see only the failover related events.
I would check the logs (on both LTMs) to see if that's happening, and if so, troubleshoot the network issues.
SynACk_128568Cirrostratus
Is the issue resolved ? Please check the arp setting on the forwarding VS if you have any and there will be a wildcard VS also i guess . Make sure arp is disbaled on that .
Balancing_HarmoHi SynACk, issue is not yet resolved. Would you mind instruct me how to check on arp setting of VS? I'm not familiar on where to check.- Balancing_HarmoHey SynACk, found out that ARP is enabled in the virtual address created by the VS. What's the reason why should it be disabled?
- SynACk_128568Hi Mark, is that VS a wildcard VS something like destination 0.0.0.0:0 which accepts traffic for anything and allows F5 to behave as router ?
