ACE ft difficulty

Unanswered Question

I'm having a difficult time getting the ft configuration on my two ACE modules to work. This is my development pair. My production pair is working fine and they seem to be configured the same way. I believe this pair was working at one point, but I had a contractor in here working on a problem and between upgrading the code on the ACE and screwing around with certs, they lost their syncronization.

When I got around to looking at them, they were showing their ft peers in an UNKNOWN state. I sync'd up all the certs and got both of the ACEs on the same code level, but they refused to leave the UNKNOWN state. I deleted the FT groups and re-configured them, but now they are both showing their peer in the INIT state. Each ACE can ping their peers FT VLAN IP address.

Can any see what I may have done wrong here?

Here's the config:

ACE 1:

ft interface vlan 226

ip address 172.20.26.13 255.255.255.0

peer ip address 172.20.26.14 255.255.255.0

no shutdown

ft peer 1

heartbeat interval 200

heartbeat count 20

ft-interface vlan 226

ft group 1

peer 1

peer priority 200

associate-context Admin

inservice

ft group 2

peer 1

peer priority 200

associate-context DevQAExternalDMZ

inservice

PHXDevACE01/Admin# sho ft grou bri

FT Group ID: 1 My State:FSM_FT_STATE_ACTIVE Peer State:FSM_FT_STATE_INIT

Context Name: Admin Context Id: 0

FT Group ID: 2 My State:FSM_FT_STATE_ACTIVE Peer State:FSM_FT_STATE_INIT

Context Name: DevQAExternalDMZ Context Id: 1

ACE 2:

ft interface vlan 226

ip address 172.20.26.14 255.255.255.0

peer ip address 172.20.26.13 255.255.255.0

no shutdown

ft peer 1

heartbeat interval 200

heartbeat count 20

ft-interface vlan 226

ft group 1

peer 1

associate-context Admin

inservice

ft group 2

peer 1

associate-context DevQAExternalDMZ

inservice

PHXDevACE02/Admin# sho ft grou bri

FT Group ID: 1 My State:FSM_FT_STATE_ACTIVE Peer State:FSM_FT_STATE_INIT

Context Name: Admin Context Id: 0

FT Group ID: 2 My State:FSM_FT_STATE_ACTIVE Peer State:FSM_FT_STATE_INIT

Context Name: DevQAExternalDMZ Context Id: 1

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Sat, 04/05/2008 - 06:19

strange.

I'm not sure if this will change anything but on ACE1 you set peer priority to 200 but define no priority for the device itself.

On ACE2 you did not define any priority.

So, if you want ACE1 to be active, use the command 'priority 200' and remove the 'peer priority 200'.

If after that the problem persist, collect the following info :

switch/Admin# sho ft history ?

cfg_cntlr Display Cfg Cntlr debug log

ha_dp_mgr Display HA-DP Manager's debug log

ha_mgr Display HA Manager's debug log

and let us know which version you run.

Gilles.

Roble Mumin Mon, 04/07/2008 - 09:14

Just my 2 cent. Are you sure vlan 226 is correctly trunked between the two chassis?

If both blades are in init state maybe there is an inter-chassis communication problem.

Roble

Actions

This Discussion