08-27-2009 05:44 AM
I have a pair of ACE appliance setup to failover on the FT TRACK of a vlan. I tried disconnecting the primary ACE from network and failover did not occur and the backup did not takeover. Also indicated in the FT group summary.Attachemnts are FT configs
08-27-2009 06:34 AM
Hi,
Are your ACEs in active-standby mode (verify with "sh ft group 1") Are they seeing eachother?
How did you perform your test? Have you disconnected all cables? the interface VLAN1000 needs to go down, so if VLAN1000 is on multiple trunks, all of those trunks need to be down.
HTH,
Dario
08-27-2009 06:49 AM
Yes they are in active/standby and synced.
vlan1000 is only on 1 physical interface and I took it down by disconnecting the cable on the primary.The secondary never took over and a sho ft group summ showed it still in standby.
08-27-2009 07:17 AM
can we get a 'show ft group detail' from devices to see the status of the ft tracking system.
Thanks,
Gilles.
08-27-2009 07:20 AM
08-27-2009 11:43 AM
this looks good.
We'll need the same information when you unplug the cable.
Also get a 'show interface' so we can see if the interface is down.
Gilles.
08-27-2009 12:14 PM
Did you check the configs for the priority settings ?
08-27-2009 12:30 PM
it looks ok.
The only problem you could get is if the link goes down at the same time on both side.
You would not see a failover because both devices would end up with a null priority.
Perform the test and capture the necessary info to see what is going on.
show ft group detail
show ft track detail
G.
08-27-2009 12:32 PM
I will do this is the morning and let you know
08-28-2009 05:32 AM
08-28-2009 05:41 AM
Hi,
on both (active + standby) the vlan 1000 interface is down. They both have decreased their priority, and both have now priority 0. That is why no failover occured.
Your test should be to disconnect the cable where VLAN1000 is on from the active, but leave it on the standby. That way the active will receive priority 0 and the standby will become active with priority 100.
HTH,
Dario
08-28-2009 05:46 AM
ok well that is part of the problem in my second post. Even though the two vlan interfaces 1000 and 1001 are physically connected on the secondary they always show as down. Even with the primary completely off.Obviously when the secondary is in standby they should be down but when the primary is off they should come up.
08-28-2009 08:24 AM
OK at this point I think the issue may be that I never setup a primary bvi ip on the backup ACE.
08-28-2009 05:42 AM
OK. Here is second test that is much worse.
Primary completely down. Secondary didnt do anything. It says its active but it didnt pass any traffic and it couldnt ping anything. I noticed the bvi never went with the active ip address. This brings into question my complete FT config. The chances of a vlan1000 failure is slim but if the primary crashes I want the secondary to take over. I have 2 sets of old CSS switches that failover fine. Maybe instead of using tracking at all I should just do the query interface.
08-29-2009 10:39 PM
you should have given us your complete config since day one.
The FT config part is correct since the standby became active. This is all FT does.
The problem is that you did not configure an ip address for the standby.
In the active config, for each interface MUST have :
ip address x.x.x.x1 ....
peer ip address x.x.x.x2 ....
alias address x.x.x.x3...
The ip address x1 is for primary ace, x2 for the secondary and x3 is shared.
x1 and x2 stays with their ace whatever the status.
x3 stays with the active ace and goes from primary to secondary when necessary.
You are most probably missing the 'peer ip address'. This is bad.
Also, the secondary should be running just like the primary even in standby mode. It should be able to ping devices, send probes, ...
So before failover, make sure the secondary is "alive".
Gilles.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: