Forum Discussion
John_Heyer_1508
Cirrostratus
CirrostratusRapid failover/failback problem in AWS
We experienced a network-based failover on our F5 pair in AWS. Both are running 12.1.3.5. The logs from secondary show it detected a connectivity problem to primary and took over:
Jul 19 16:26:49 f5bigip-2 notice sod[6127]: 010c007e:5: Not receiving status updates from peer device /Common/f5bigip-1.mydomain.com (10.1.2.39) (Disconnected).When this occurred, the primary released its traffic group and AWS moved the floating IP to secondary.
Almost immediately, the primary was detected to be healthy again:
Jul 19 16:26:49 f5bigip-2 notice sod[6127]: 010c007f:5: Receiving status updates from peer device /Common/f5bigip-1.mydomain.com (10.1.2.39) (Online)This triggered a failback to primary. However, the floating IP stayed on the secondary.
I theorize the sudden failover/failback caused a problem for the "ec2:assignprivateipaddresses" API call to AWS EC2 that is responsible for shifting the floating IP between AWS instances. I have opened case with F5 & AWS for troubleshooting, but just curious if anyone has run in to this before.
John_Heyer_1508It looks like there's a couple bug IDs for this, but it's essentially a problem in the failover script that does the EC2 API call (aws-failover-tgactive.sh)
The work-around for versions 11 and 12 is configure MAC masquerading. The long-term fix is upgrade to version 13 which does not have this issue.