Forum Discussion
NimbostratusProblem with IP Forwarding Virtual server
I recently created a new HA pair. One unit has been running for a year or so as a standalone. So I created a new unit then built the HA pair, synched the configuration and everything is happy. However, if I failover to the "new" unit in the HA pair no IP forwarding traffic seems to pass through the unit in either direction. I can't ping through or establish any connections from the nodes on the internal side - web servers. From the external side I can't ping BUT if I connect to the HTTP VIP it works. So I know I can establish a direct connection to the web server through the VIP. It just appears that the forwarding traffic doesn't work. I have verified that the web server/node is getting the arp entries after the failover so it knows where to send traffic.
A quick tcpdump from the web server shows the ICMP getting into the F5 but never getting a response.
If I fail back to the "original" unit then things work fine with no issues.
I can ssh to the "non-working" unit and can ping internal and external ip addresses, all my nodes, etc... So i know that network connectivity is good.
The configuration is pretty basic so I'm a bit lost on what could be happening.
Anyone have any ideas of something to check?
thanks
4 Replies
OTS02Cirrus
Do you have MAC Masquerading configured? some equipment will not accept gratuitous arps, and it makes failover kind of clunky.
hightower_mI don't at this time. I have another HA pair on my network running an older 11.2.1 version that works fine. I read a little about the MAC setting. I should probably investigate it further just to see.
thx
hongster_204902Hi, what's the outcome from this? Curious if failover didn't work because MAC Masquerading was disabled.
thanks,
Sachin_Gawli_31Have you got the root cause of this issue ?
