How to sync the config in CLI when we have multiple traffic-group ( Active-Active)
Hi Experts !!! How to sync the config via cli in Active-Active setup . Example : We have 2 f5 named BIGIP-A and BIGIP-B and 2 traffic-group-1 is active in BIGIP-A and traffic-group-2 is Active in BIGIP-2 . On BIGIP-A I configure a VIP which is Active in traffic-group-2 , in this case how do I sync the config in CLI . I need CLI command to sync the config when the F5 HA status are in Acive-Active setup .
Config-sync only certain BIG-IP folders
Hey guys - We have F5 platforms at each datacenter using a OTV link to extend Layer 2 services. We would like to be able to synchronize everything in the /Common folder/partition. But create a site specific folder or partition that does not get synchronized. Reading the snippet below, it seems like this is doable using folders. But it is not clear to me how to actually assign a folder to a specific traffic-group, and then to a specific sync-only device group? Any help on the configuration steps to accomplish this? (BIG-IP 12.1.2) Folders A folder is a container for BIG-IP configuration objects. You can use folders to set up synchronization and failover of configuration data in a device group. You can sync all configuration data on a BIG-IP device, or you can sync and fail over objects within a specific folder only. https://support.f5.com/csp/article/K13946
LTM HA L3 not L2 connectivity
Hi we're planning to deploy x2 F5 LTM devices in x2 different locations. These 2 nodes should form a cluster and probably an active active (for traffic balancing amonmg both nodes)o ne built up of x2 traffic groups. Our customer is a bit concern about the idea to extend the L2 networks (internal, external, and HA ones) among both Datacenters. Could it be possible to completly avoid the L2 vlans extension between both DC's and use only L3 capabilities both for pool memebers and LTM devices HA subnets (managment, configSync, mirroring vlans)? is it mandatoy that at least the failover ones belong to the same IP subnet on both boxes? Thx in advance. BR Gab
GTM Sync config Save
Just a basic (may sound Silly as well ) GTM Question regarding Sync - If I have 4 GTMs in a sync grp (GTMA,GTMB, GTMC, GTMD) , none of them have autosave option enabled and I did a latest change on GTMA followed by "save sys config" in TMSH. So, will the rest of the GTMs get the updated bigip_gtm.conf file or do I need to type "save sys config" in TMSH of all the other GTMs ?Upgrading from Version 10 to version 11 - Synchronization configs lost
Hello, I'm in the process of upgrading our version 10.2.4 devices (LTM 6900s) to version 11.5.1. When I boot into the new version, however, the device loses all information of the other devices in the HA pair, and becomes a standalone device that can't be synced. Is there a particular reason as to why this could happen? Thanks, RyanCan we pull the config sync from Active to standby when you are in standby device ?
Hi Experts !!! say we have 2 f5 in cluster , 1.BIGIP-TEST-1 (Active) 2.BIGIP-TEST-2 (Standby) Now someone has done a change in Standby device . Since BIGIP-TEST-1 is Active device . I would like to pull the latest config from Standby to Active .( I do not want to login to Standby and do the sync ) In this case, 1.How can I pull the config sync from standby device ? 2.Do we have any cli command to pull the config sync from other device ? 3.Do we have a command to know which device in the cluster has the recent changes made ?Config Sync problem in F5
Dear Folks, I am getting below error messages in ltm log file. Active Device Aug 7 13:09:00 MyLoadbalancer info mcpd[7608]: 0107148c:6: Received advertisement for device group /Common/Sync-Failover from remote device /Common/Peer_LB.xyz.com, force true, error '' commit_id 329 5317022206481634851 /Common/MyLoadbalancer.xyz.com 0, local commit id is 329 5317022206481634851 /Common/MyLoadbalancer.xyz.com 0 cached remote device data id 0 Aug 7 13:09:00 MyLoadbalancer info mcpd[7608]: 01071528:6: Device group '/Common/Sync-Failover' sync inconsistent, Incremental config sync may not be complete on one or more devices in this devicegroup, Sync status may not be consistent until incremental config sync is complete.. Standby device Aug 7 13:09:00 MyPeerLoadbalancer info mcpd[6443]: 0107148f:6: Advertising device group /Common/Sync-Failover, force true, error '' commit_id 329 5317022206481634851 /Common/MyLoadbalancer.xyz.com 0. Aug 7 13:10:47 MyPeerLoadbalancer info mcpd[6443]: 0107148c:6: Received advertisement for device group /Common/Sync-Failover from remote device /Common/MyLoadbalancer.xyz.com, force true, error '' commit_id 329 5317022206481634851 /Common/MyLoadbalancer.xyz.com 0, local commit id is 329 5317022206481634851 /Common/MyLoadbalancer.xyz.com 0 cached remote device data id 0 Please suggest solution if any , this log is continuosly getting logged in log files. In GUI everything looks ok . Furthermore , getting below ASM error log as well. Aug 7 13:28:24 MyLoadbalancer err tmm1[16325]: 016e0002:3: Execution of action 'asm enable policy=/Common/ASM-Policy-Name' failed, error ERR_UNKNOWNConfig Sync error - Abnormal behavior in F5
Dear All, Below error is repeatedly recorded in /var/ltm log file , that looks like a problem with configuration sync. Any suggestions would be appreciated Note : Even in peer system I could see the same as follows. $run cm sniff-updates ['SYN'] 10.1.1.1:41971 -> 10.1.1.2:6699 ['SYN'] 10.1.1.2:6699 -> 10.1.1.1:41971 Error was found parsing this message: query_count { query_count_count_only 1 } query { devicegroup_device { devicegroup_device_devicegroup "/Common/DeviceGroupName" devicegroup_device_device "/Common/STANDBYDEVICE_HOSTNAME" } } Error was found parsing this message: query_all { devicegroup_device { devicegroup_device_devicegroup "/Common/DeviceGroupName" devicegroup_device_device "/Common/STANDBYDEVICE_HOSTNAME" } } ['FIN'] 10.1.1.1:41971 -> 10.1.1.2:6699 ['FIN'] 10.1.1.2:6699 -> 10.1.1.1:41971
Device trust setup issues
I am running BigIP 11.6 HF4 but for a long time have had this issue, but never remember how to solve it. When I request a peer to be established, the configuration details are loaded from the soon-to-be peer on the requesting unit (the one I am connected to and entered the credentials on for the remote system). However upon checking the peer unit, only the device name is presented, MAC, version etc from the "primary" system are not shown. I have the 2 Self IPs set to Allow All and the ConfigSync addresses set to those self IPs. Can someone help me out here? I'm trying to get our Active/Standby back after a device failure as well as setup a new cluster for HA Active/ActiveF5 cutover from passive to active after upgrade
Hi, We have two F5 devices in sync that we are in the process of upgrading. I understand that when I upgrade the first device they will become out of sync since they will be on different software versions. My question is why even though the passive device says Online (standby) does it still try and take traffic. This caused an outage and we still have more devices to upgrade. Should i leave the interfaces disabled and the device forced offline until I get both devices upgraded and back in sync. Thanks for your input.