Hello everyone, I have to two 30 day trial SN. and i am using some instructor to perform ha sync between them but the sync doesn't work. the same instruction help me to set up sync in a production environment. is it possible that HA not supported on trial version ? I'm using BIG-IP VE Version 17.0.0.
Hi @Snizri ,
you can do it by Lab VE or even trial license , I did it before and it worked.
Make sure that both VEs have been assigned by same resources , must be identical , allow ( Port lockdown default ) in HA selfIps.
you can share where have you been stucked in HA configuration ?
Device trust , device group , traffic group ....etc ?
Try to adjust the time manually on both nodes to have the same time by using command "date" on the bash mode (run the command on both nodes at the same time).
In the production enviornment, NTP server should sync time between nodes. So try adjusting the time manually, and try again, and if it still not working, you can share the erros with us.
Hi @Snizri ,
So the initial Sync hasn't done with the standby unit.
Please Run this command in the Active unit to force initial configsync again :
open >>> tmsh
then write this command :
run cm config-sync force-full-load-push to-group <group name>
Note this is must be run in tmsh.
For details about this , have a look here : https://my.f5.com/manage/s/article/K63470472
( Or )
Try to do any change in the Active unit , something like creating a test VS or pool or node.
in sync status in Active node should be changed and you will be able to do sync from Active unit to standby.
but I recommend the first method , to force inital sync again to the device group ( the standby device ) i mean.
There's is no network problem I can ping Google.com, and the trust is fine once the feilover group not sync, I've been try the same setup on a production environment. And it worked.
I use my mgmt interface as peering.
And ha as the heart beat
Ha and internal as feilover network.
I can ping the gateway and all vlans are untagged.
Port lockdown set to allow default
@Snizri If you're doing network failover and you have confirmed that every interface can communicate with each other, especially the interface used for network failover it's most likely a configuration issue with HA. Would you mind sharing the entirety of your HA configuration so we can look through it to see if we can find any errors?
Hi @Snizri ,
break HA again and rebuild device trust >>> I mean rebuild HA from scratch.
> Make sure that you have assigned the same system resources ( memory / CPU / same version )
> create HA vlan.
> configure Configsync using HA Vlan self ip in both appliances , aslo Failover using HA self and mgmt interface.
> For HA self ip address make port lockdown ( default ) in both appliances to allow HA traffic to be synced.
then built the HA on both appliances again.
These are the right steps as long as there is no issue in connectivity between peers.
have you installed same license , version , resouces ( CPU , Memory .... ) , same provisioning modules ?
have you used HA vlan for Configsync & failover ?
make sure HA selfips ( Port Lockdown : Allow default ).
Please ping both HA selfips from each VEs / platforms.
Please check the ARP resolution :
tmsh show net arp
it should give you that MAC is Resolved Automatically.
Check all interfaces in both VEs , if you saw something weired , change it such as ( Fixed Requested Media should be "auto" )
Check all of the above points