LTM Floating IP`s mac address has gone mad!

Question

Hi there!
We have 2 BIG-IP LTM version 9.3.0, I know its old :)
These two have a floating ip between them(HA) and this ip is set on web servers as their default gateway, and it was working fine for a long time, but this week both web servers reported ip conflict and they couldn't ping the floating ip and when we get "arp -a" on web servers they return a wrong mac-address for the floating ip(the mac-address is the address which belongs to BIG-IPs own default gateway which is a cisco ASA), so we changed the web servers default gateway to one of the BIGs self-ip and servers don`t get ip conflict anymore and the "arp -a" returns the BIG-IP mac-address correctly. Is it a known issue on BIG-IP?

brad_parker_139 · Answer

Are you positive you ASA didn't go rouge and get put into the network?  I'm not sure how the BIGIP would advertise itself as owning a MAC address for you ASA.&nbsp;

brad_parker · Answer

Are you positive you ASA didn't go rouge and get put into the network?  I'm not sure how the BIGIP would advertise itself as owning a MAC address for you ASA.&nbsp;

shahrzad_84598 · Answer

Hi Brad, thanks for your reply.
1- How can I recognize if it is ASA which is gone rogue?
2- Is it possible that a virus on Web Servers cause this?
I`m going to capture traffic and see if another device(like ASA) is sending gratuitous arp ...

shahrzad_84598 · Answer

Hi Brad, thanks for your reply.
1- How can I recognize if it is ASA which is gone rogue?
2- Is it possible that a virus on Web Servers cause this?
I`m going to capture traffic and see if another device(like ASA) is sending gratuitous arp ...

stan_ward_01_13 · Answer

Not sure about the MAC address, but if this started with an IP address conflict for the floating IP, it sounds like the pair went "split brained" (active-active). So each F5 thinks that the other has gone south and that it needs to be active. But the GUI and the command line of each box would be reporting its status as "Active". If so, the cause would be loss of the HA Ethernet connection or the failover serial cable between the two boxes.

Forum Discussion

LTM Floating IP`s mac address has gone mad!

10 Replies

Recent Discussions

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

[ASM] - what is "Browser Challange file" ?

LDAPS and renegotiation

Related Content

F5 Hybrid Security Architectures (Part 1 - F5's Distributed Cloud WAF and BIG-IP Advanced WAF)

How to easily protect your BIG-IP applications using F5's Distributed Cloud Bot Defense, natively

AskF5's new BIG-IP upgrade guide

How to easily protect your BIG-IP applications using F5's Distributed Cloud Bot Defense with iApps

CSV to Address External Datagroup File