Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

ASM sync group and LTM sync group

Dave_Pisarek
Altocumulus
Altocumulus

‎07-Apr-2020 12:07

All,

I have configured a HA pair where I have one device group for sync/failover and then a sync only for ASM. I configured ASM to use the asm sync only group as auto and left the sync/failover group to manual which will be used for LTM changes. When I create a new ASM policy it does sync over automatically as expected by the device goes into a changes pending status for the sync/failover group, I made no changes to LTM or anything outside of ASM, so why would this go into changes pending? To get the HA pairs back in sync I need to sync the sync/failover group. Is this an expected behavior when ASm has it's own sync only group?

Labels:
0 Kudos
2 REPLIES 2

Ivan_Chernenkii
F5 Employee
F5 Employee

‎07-Apr-2020 19:58

Hello Dave,

As I see, this is expected behavior, but I agree that such behavior is not very good.

Sync/failover group goes into changes pending state, because in case of creation ASM policy we also create "ASM policy" entity in LTM to operate with it together with LTM entities (VS, L7 Policy and etc.)

This shouldn't happen if you create some entity in ASM policy (e.g. new parameter).

Thanks, Ivan

0 Kudos

Samir
Nacreous
Nacreous

‎07-Apr-2020 20:50

Agree with @Ivan. This is known bahavior of ASM device. ASM policy learn few parameters based on the policy setting (Automatic n manual mode).

I will not suggest auto sync config for ASM​. It many consume extra memory.

Thanks​

0 Kudos
Copyright © 2022 Khoros, LLC