Forum Discussion
Domai
Altostratus
AltostratusWeird issue with VIP
Device 8900 Version 11.5.1, HF7
Hello Gents, I faced a weird issue today with one of the VIP who shall remain nameless (lets say 10.1.1.1). Users reported that they are not able to access the application which did not have any problem before was working fine for 3-4 weeks. I checked the vip it was up, pool members up, did a tcpdump -nni0.0 -Xs0 host 10.1.1.1 and port 443, initiated a telnet from client computer - Nothing, ping no response. Just for the heck of it I failed it over (Problem device - Stby) and lo behold the VIP started responding from the other device which is active now...after few min I changed it back again problem device - Active...and look like its responding how its supposed to. My question is did any one face the similar issue? or how do I go about figuring what happened. I looked the ltm logs already and nothing so far.
Thank you.
arpydaysNimbostratus
Hmmm, next time it happens run tcpdump on both peers, if you have access to the upstream gateway/router/firewall on same subnet try pinging from there. Check that the active is recieving the packet, if not look at L2, clear ARP cache for VS/SelfIP on gateway and try again, check if all boxes see the ARP request and check where the response came from, check the switch MAC tables..cheers
Muhammad_Irfan1Cirrus
At that moment other VIP were working fine on primary ltm? Do you vlan group? Looks like an issue of arp entry learned from some other side. Need to check mac tables of the attached network device.
- Muhammad_Irfan1
At that moment other VIP were working fine on primary ltm? Do you vlan group? Looks like an issue of arp entry learned from some other side. Need to check mac tables of the attached network device.
DomaiYes other VIP were working just fine. It was just this one VIP that was impacted. I doubt it was an ARP issue it was working fine since last 3 weeks.