I am runnig two ACE4710 devices in bridge mode in Active/Passive configuration. I am observing that in case the primary ACE fails, the second one immediately takes over. In this process only one packet is lost.
However when the primary comes back online and takes over the precedence, the end users will have 5-6 packet drops. Is this the normal behaviour?. Can a pre-empt delay be configured on ACE. I am doing interface tracking on the ACE.
By default, when configuring the ACE 4710s in a HA/FT environment, the FT groups are configured with 'preempt' so the higher priority ACE4710 will always become active and will force the Standby ACE to failover back to it.
If desired, you can disable 'preempt' under the FT groups so that when a failover occurs, the higher priority ACE will not preempt when it is available and force the Standby ACE to failover back to it. . Without 'preempt', the priorities only apply if both ACE4710 were rebooted at the same time and had to negotiate who becomes Active.
ft group #
peer priority 105
Alternatively, if you want to use the 'preempt' option but would like to delay the actual failover between the Active/Standby_HOT ACE4710s you can use the "carrier-delay" feature under the interface configurations.
Per the user docs:
Configuring a Delay at the Physical Port Level
If you connect an ACE to a Catalyst 6500 series switch, your configuration on the Catalyst may include the Spanning Tree Protocol (STP). However, the ACE does not support STP. In this case, you may find that the Layer 2 convergence time is much longer than the physical port up time. For example, the physical port would normally be up within 3 seconds, but STP moving to the forward state may need approximately 30 seconds. During this transitional time, although the ACE declares the port to be up, the traffic will not pass.
To add a configurable delay at the physical port level to address this transition time, based on the variety of peers, use the carrier-delay command.
The syntax for this command is as follows:
The seconds argument specifies the carrier transition delay in seconds. Valid values are 0 to 120 seconds. The default is 0 (no carrier delay).
For example, to add a configurable delay of 60 seconds at the physical port level for Ethernet port 3, enter:
I have a same question here. I have noticed that the failover from Primary unit to Standby unit is very fast which is within 1 request timeout, but the failover from Standby unit back to Primary unit takes longer time which normally take 7-8 timeout.
I have configured to failover based on Probe Host where indeed help to trigger the failover when only the probe for the host is success, thus avoiding the failover happens when interface is up but host still not learned by ACE.
Any idea of what happening at the background which causing this delay. Is this due to gratuitous arp issue or ACE itself?
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...