Forum Discussion

GavinW_29074's avatar
Icon for Nimbostratus rankNimbostratus
Oct 17, 2011

v11.0 HA Configuration issue...

Hi there,

I'm in the process of configuring our new Big IP 3900 devices...

They started at v10.2, and I was able to successfully configure a HA pair.

I then went and performed the upgrade to v11.0, following the process of backup first, then primary.

However once the upgrade completed, the units didnt appear to sync up correctly...

I then went in and deleted the Device group and tried to re-create it... However the failover peer had disappeared.

Experienced this behaviour on both the Primary and Secondary devices... On clicking 'Device Management > Devices', they were both only seeing themselves.

I then went to 'Device Management > Device Trust', and attempted to re-add the Secondary peer by clicking the Add button next to 'Peer Authority Devices'.

I completed the wizard, specifying the fail-over peer IP address, which succesfully displays the peer Certificate detailos... However on clicking Next, it comes back with an error saying:

The local device is already a member of the trust domain and cannot be added again.

I get the same error on both the primary and secondary peers...

I then tried a factory default using
tmsh sys config load default
, however get to the same point as above in the set-up wizard and encounter the same error...

Any ideas on how i can proceed?



2 Replies

  • Johnny_Schmidt_'s avatar
    Historic F5 Account
    When I've had this issue recently I fixed it be doing the following:



    1) upgrade to v11.1


    2) delete the existing trusts on both units and reset device trust on both units


    3) double check the configuration of the ip addresses for config-sync and failover


    4) re-add the standby unit to the trust from the active unit



    Of course if you want to do this on a live pair you'd want to be careful not to inadvertently trigger a failover situation with a config on both devices, so maybe also resetting the standby unit to it's base config before starting this process (making sure to make UCS's of the working config, etc).



    Hope that helps!


  • Hi there



    In the end I got it resolved with a lot of help from f5 support...



    Issue stemmed from bot setting up network failover properly on v10. This then created issues on the upgrade to v11... So I rolled back to 10, setup network failover correctly and then re-ran the upgrade. N like magic it all worked...