Hi People We have the following configuration FireWall1 --vlan70 SwitchA -- ACE1 --vlan31--SWA-SWC - Server (with two cards) FireWall2 --vlan70 SwitchB -- ACE2 --vlan31 -SWB-SWD /
SWA and SWB are connected via trunk
When ACE1 fails, ACE2 becomes active, but FW1 cannot talk to ACE alias ip anymore
FW1 has as GW the alias ip of vlan 70 and Servers have as gw the alias ip of vlan 31
the state of ACE2 is hot standby on ACE2 we also get a continous error in the logs, although we can ping the server and telnet to that port from ace2: "Health probe failed for server X.X.X.X on port 7793, internal error: failed to setup a socket"
config is as follows: interface vlan 31 ip address 10.55.250.12 255.255.255.240 ip options allow alias 10.55.250.14 255.255.255.240 peer ip address 10.55.250.13 255.255.255.240 no normalization no icmp-guard access-group input permit_all no shutdown interface vlan 70 ip address 10.56.251.33 255.255.255.240 ip options allow alias 10.56.251.34 255.255.255.240 peer ip address 10.56.251.35 255.255.255.240 no normalization access-group input permit_all service-policy input int70 service-policy input REMOTE_MGMT_ALLOW_POLICY no shutdown
the config is successfully replicated on secondary
Switch to ACE2 active. Check ARP tables on ACE1, ACE2, FW1. Check CAM tables in SwitchA, SwitchB. But probably, you have to repair ACE2 first. Please test ICMP and TCP (telnet, ssh etc.) between ACE2 and servers, ACE2 and FW1... Internal error might indicate some resource or TCP/IP stack problem. Reboot?
the purpose of the query vlan command is to have a second check in case the FT vlan fails.
If both ACEs are up and running, but something happens to the FT vlan (cabling problem for instance) the ACE will ping the IP Address of the other ACE for the configured interface in the query vlan command.
If he receives a response, he knows something is wrong with the FT vlan but the other ACE is still alive. This prevents the secondary to become primary and causing both ACEs to become active.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
Introduction Prepositioning is a powerful tools on the WAAS platform but
it is not always easy to figure out why your jobs are failing when
trying to retrieve the files.Here is a method that should help you to
figure out the reason why they are not succes...