For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Sahir_180434's avatar
Sahir_180434
Icon for Nimbostratus rankNimbostratus
Aug 20, 2015

LTM code 11.5.3 Sync over mgmt interface

Hi

 

This question is for LTM experts, here is the scenario:

 

I have an issue after upgrading from 10.2.4 to 11.5.3 where the LTMs are not syncing anymore, the current design on 10.2.4 is eliminating the use of the mgmt interfaces and the sync is happening via the interconn link, after the upgrade that case is not working anymore where the peers can't exchange the certs via interconn links, anyways I solved that by running a p2p link between the mgmt interfaces and the devices were synced again on 11.5.3, I know the mgmt is not routed and it's a local p2p connection but what I want to know is this going to affect the behavior of the ltm in anyway or is it a safe solution? I am testing this in the lab right now and will be pushing it to production next week.

 

Thanks,

 

Sahir

 

application delivery
LTM

2 Replies

  • arpydays's avatar
    arpydays
    Icon for Nimbostratus rankNimbostratus
    Aug 28, 2015

    Hi, you use the mgt interfaces for initial exchange of certs when adding them to device trust but config sync will take place over tmm interfaces. We use mgt as a backup interface for failover, this stops both units going active if the tmm interfaces go down. Check in GUI "device mgt/devices/your device/device connectivity" to check your IP settings for configsync and failover..

     

    cheers