BigIP LTM Standby device is showing offline on the active device
We are using the BigIP LTM in HA with Active/Standby mode. Eventhough the configuration is in sync between them, the active device is showing the standby device as offline. And also the traffic group in stuck on the initializing/not Synced state for the NEXT ACTIVE DEVICE. I have tried rebooting both of the device, upgrading both the device with the latest hot fix and image(12.1.2 HF1). They are 4000 series BIG IP. Pleas let me know how do make the stand device from offline state standby state.3KViews0likes6CommentsHow useful is SSL mirroring when clustering?
When clustering, persistence mirroring is a no-brainer, and connection mirroring can also be useful under the right circumstances, but how about SSL connection mirroring? (https://support.f5.com/csp/article/K7216) Is there a clear performance benefit for the F5 / Client or a security benefit? From what I've heard/read (hardly reliable sources... ;), it may be useful in very large scenarios where you are dealing with very large numbers of SSL sessions and a failover event would otherwise trigger all these SSL connections to re-establish, putting a lot of strain on the system. At the same time, for many smaller systems, that initial strain might be manageable compared to the additional overhead of the synchronization that the SSL synchronization may not be worth it. Not to mention other issues such as the recently discovered bug that means you have to disable SSL caching. (https://cdn.f5.com/product/bugtracker/ID760406.html) Meaning you are now trading one benefit for another... Anybody got any ideas or able to shed any light on it?? Thanks in advance!Solved1.6KViews0likes4Commentsfailed to set up cluster after upgrading from v10.2.4 to v11.4.1
Hi, we have two big-ip 11050 devices which are active - standby systems were running on v10.2.4. with the basic network configuration below: f5coolsube1.bigip internal server vlan is vlan2 - floating ip 10.23.249.45 and self ip 10.24.249.46 and external vlan is vlan1- floating ip 10.24.249.5 and self ip 10.24.246.6 management ip : 10.230.0.13 f5coolsube2.bigip internal server vlan is vlan2 - floating ip 10.23.249.45 and self ip 10.24.249.47 and external vlan is vlan1- floating ip 10.24.249.5 and self ip 10.24.246.7 management ip : 10.230.0.14 We upgraded these devices to v11.4.1 and loaded the v10.2.4 ucs with no-licence option. Now we are having problems with the setting up the cluster. First we couldn't add each device as peer to other device and we got ltm logs : Jun 18 07:29:44 f5coolsube1 mcpd[6447]: 0107157a:3: Only the self device can be moved. Jun 18 07:29:44 f5coolsube1 err mcpd[6447]: 0107157a:3: Only the self device can be moved. Jun 18 07:29:44 f5coolsube1 devmgmtd[7458]: 015a0000:3: failed on .sys_device: 0107157a:3: Only the self device can be moved. Jun 18 07:29:44 f5coolsube1 devmgmtd[7458]: 015a0000:3: mcp operation failed: 0107157a:3: Only the self device can be moved. Jun 18 07:29:44 f5coolsube1 err devmgmtd[7458]: 015a0000:3: failed on .sys_device: 0107157a:3: Only the self device can be moved. Jun 18 07:29:44 f5coolsube1 err devmgmtd[7458]: 015a0000:3: mcp operation failed: 0107157a:3: Only the self device can be moved. Then we reseted the device trust status and it seemed like peers added to each other but we got below logs and the devices went to the disconnect state. Jun 18 07:30:06 f5coolsube1 mcpd[6447]: 01071436:5: CMI listener established at 10.24.249.46 port 6699 Jun 18 07:30:06 f5coolsube1 notice mcpd[6447]: 01071436:5: CMI listener established at 10.24.249.46 port 6699 Jun 18 07:30:06 f5coolsube1 mcpd[6447]: 01071434:5: No CMI peer devices configured Jun 18 07:30:06 f5coolsube1 notice mcpd[6447]: 01071434:5: No CMI peer devices configured Jun 18 07:30:06 f5coolsube1 mcpd[6447]: 01071436:5: CMI listener established at 10.24.249.46 port 6699 Jun 18 07:30:06 f5coolsube1 notice mcpd[6447]: 01071436:5: CMI listener established at 10.24.249.46 port 6699 Jun 18 07:30:06 f5coolsube1 mcpd[6447]: 01071434:5: No CMI peer devices configured Jun 18 07:30:06 f5coolsube1 notice mcpd[6447]: 01071434:5: No CMI peer devices configured Jun 18 07:30:06 f5coolsube1 mcpd[6447]: 01071436:5: CMI listener established at 10.24.249.46 port 6699 Jun 18 07:30:06 f5coolsube1 notice mcpd[6447]: 01071436:5: CMI listener established at 10.24.249.46 port 6699 Jun 18 07:30:06 f5coolsube1 mcpd[6447]: 01071434:5: No CMI peer devices configured Jun 18 07:30:06 f5coolsube1 notice mcpd[6447]: 01071434:5: No CMI peer devices configured Jun 18 07:30:07 f5coolsube1 sod[7675]: 010c0053:5: Active for traffic group /Common/traffic-group-1. Jun 18 07:30:07 f5coolsube1 notice sod[7675]: 010c0053:5: Active for traffic group /Common/traffic-group-1. Jun 18 07:30:07 f5coolsube1 sod[7675]: 010c0019:5: Active Jun 18 07:30:07 f5coolsube1 notice sod[7675]: 010c0019:5: Active Jun 18 07:30:07 f5coolsube1 logger: /usr/bin/tmipsecd --tmmcount 12 ==> /usr/bin/bigstart start racoon Jun 18 07:30:07 f5coolsube1 notice logger: /usr/bin/tmipsecd --tmmcount 12 ==> /usr/bin/bigstart start racoon Jun 18 07:31:57 f5coolsube1 mcpd[6447]: 0107143c:5: Connection to CMI peer 10.24.249.47 has been removed Jun 18 07:31:57 f5coolsube1 notice mcpd[6447]: 0107143c:5: Connection to CMI peer 10.24.249.47 has been removed AFter these logs we reseted the device trust statuses again and the f5coolsube1 continued to reboot itself until we installed the old configuration. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140029:5: HA nic_failsafe tmm9 fails action is reboot. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140043:0: Ha feature nic_failsafe reboot requested. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140029:5: HA nic_failsafe tmm10 fails action is reboot. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140043:0: Ha feature nic_failsafe reboot requested. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140029:5: HA nic_failsafe tmm11 fails action is reboot. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140043:0: Ha feature nic_failsafe reboot requested. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140102:2: Overdog daemon requests reboot. Jun 18 07:34:44 f5coolsube1 overdog[6174]: 01140104:5: Watchdog touch disabled. Jun 18 07:34:44 f5coolsube1 notice overdog[6174]: 01140029:5: HA nic_failsafe tmm9 fails action is reboo Any advice on how to solve this issue ?311Views0likes4Comments