Currently we are using F5 LTM+DNS+APM. And we have 4 unit in DNS sync group.. (2 in DC and 2 in DR)
We have sync-failover separatly in each DC but we have same sync-only group for APM sync policy
Our issue is, They saw device group of other DC show incorrectly. For example. If you are access to GUI on F5 DC. in Device management menu , You will see Sync-failover device group of 2 DC unit (which is correct) but you will also see Sync-failover device group of 2 DR unit too and it show in Disconnect state. <<<< This is problem. but i think it's expect behavior because F5 DC should disconnect from F5 DR
I suspect this is happen because we have sync-only group (which include all 4 device both DC and DR)
Question is Can we just remove that Sync-only device group? Is there any interruption of service or impact of procedure? Or I can't remove it and need to re-create all new HA from scratch both DC and DR?
First thing I noticed, which I would focus on first, is that the device trust group isn't in sync. This is the most likely cause of you seeing the "Awaiting IS" in status bar and needs to be fixed.
Next, the device menu should only display groups your unit is part of, it's strange to me that you can see the status of DR group without being part of it. Was this unit originally part of it, and then moved to DC group? I would think about removing it, from local unit only (and possibly peer?), after performing careful analysis and only if 100% sure that it's now a local object that's not required on this specific unit anymore.
The sync only group worries me the least. It's in auto sync, which I would change to auto to have more "control" while you fix the groups thing, then sync it manually and move it back to auto.
But again, you really want to discuss this with support and possibly agree on a step by step plan.