Forum Discussion
Dazzla_20011
Nimbostratus
NimbostratusUnknown Sync State
Hi,
I'm unable to sync the configuration between my LTM devices. The active LTM is reporting the following.
Peer state is unknown due to possible connectivity problems
Unable ...
Chris_Miller
Altostratus
AltostratusFound a decent doc that shows troubleshooting steps. It does indeed say to telnet to 443 so Nathan was onto something there üòõ
http://support.f5.com/kb/en-us/solutions/public/7000/000/sol7024.html?sr=11998049
Item to checkSystemCommand or ProcedureDescription
Basic configurationPeer and SourceRun setup from the Configuration utilityRun setup prior to running ConfigSync.
ConnectivityPeer and Sourceping peerThe failover systems should be able to route to one another over a configured VLAN.
Verify that you can ping the IP address of the peer used by ConfigSync. An entry for the peer should exist in the /etc/hosts file. Alternatively, you can ping the peer IP address. Refer to the Database Entries below to determine the peer IP address entry.
Transport LTMPeer and Source
telnet peer 443
You should be able to open a TCP connection to the peer system on the ConfigSync port.
Check Port Lockdown settings for the failover Self IP address and verify TCP 443 is enabled. For information, refer to SOL7317: Overview of port lockdown behavior.
Transport ASMPeer and Sourcetelnet peer 3306
telnet peer 443If the BIG-IP system is licensed for the BIG-IP ASM module, the Self IP address should have TCP 443 and mysql enabled.
Check Port Lockdown settings for the failover Self IP address and verify TCP mysql and 443 are enabled. For information, refer to SOL7317: Overview of port lockdown behavior.
FilesSource
Peerls -l /shared/tmp/__sync_local__.ucs
ls -l /var/local/ucs/__sync_remote__.ucsThe UCS collection file is created in the /shared/tmp directory on the local system.
The UCS collection file is installed to /var/local/ucs on the remote system.
Check the timestamps on the files.
Verify that the expected files have been transmitted and installed.
Check the UCS file sizes. If the UCS file is large in size, the ConfigSync operation may appear to hang or time out before the UCS file can be transferred to the peer system.
DirectoriesPeer and Sourcefind /config -xdev -type f | xargs du | sort -rn
and
find /home -xdev -type f | xargs du | sort -rnThe ConfigSync process may fail due to large disk usage under the /home or /config directories. For example, if the /home or /config directories contain a large ISO image or upgrade file, the ConfigSync process may timeout before completion. For more information, refer to SOL8522: The ConfigSync process may fail due to large disk usage under the /home or /config directories.
DaemonsPeer and Sourcebigstart status
and
bigstart status httpdBoth systems have the following daemons running for ConfigSync to complete.
Verify the following daemons are running on both systems:
mcpd
cssd
httpd
bigdbd
Web AccountPeer and Sourceb db Configsync.Username show
and
b db Configsync.password showThe ConfigSync user web account and password is used for ConfigSync authentication, and should be the same on both units.
Check the Configuration utility and verify the proper web account is specified.
Check the Configsync.Username database entries
Looks like the csTest tool might be useful as well.
Running the csTest script
To run the csTest script, perform the following procedure:
Log in to the command line.
Type the following command to run the csTest tool:
csTest.pl --v
Running csTest in verbose mode will output the following ConfigSync debug information:
Status of daemons that should be running for ConfigSync to be operational
Configuration information used by ConfigSync, such as failover addresses, TCP ports, and ConfigSync accounts
Auto detect status
Network connection status
SOAP time difference check
Product version test and whether major and minor product versions are identical
![\"F5](\"https://www.f5.com/content/dam/f5/f5-logo.svg\"){kind=logo}
