Having 2 x ACE 4710 I HA pair. The primary ACE stops tp forwards traffic, but it responds on icmp, the gui logon page is also reacheble, but it is not able to log in to it. The primary is tunrned off, so the secondary can take over. Since the it is not the first time we had this problem, I would like to check the ACE before putting it back in the production.
Do any one knows about this issue, or can give some value input(s).
Since the ACE stops forwarding traffic i assume it still communicates with secondary and that's why failover never happens and you manually have to shut down the ACTIVE. Now, if you are not able to login into it, it could be due to no minimum allocation for the management connections or Admin context to which you may be trying to connect. Can you try and telnet from secondary to this ACTIVE when the problem happens? We cannot say for sure what exactly is the problem unless we have DATA. You can enable syslog and send us the output for review.
Did you check if VMAC for VIP's was learned on switches and peripheral devices during the time of the issue? ACE would only stop forwarding traffic when it is out of resources but still existing connections should continue, high cpu, ACE running out of buffers etc . But we still should be able to login to ACE. You can also keep a console connection ready and get in via console to collect information like show tech and check other information. Best would be opening a TAC case for this.
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...