Forum Discussion

jan_de_wachter_'s avatar
jan_de_wachter_
Icon for Nimbostratus rankNimbostratus
Jan 13, 2017

LTM persistence mirror not working

We have 2 F5 on level 12.1.2 in active/standby mode and are using VCMP (with partitions).

 

We have defined VS with source address persistency profile with mirror persistence enabled.

 

At first sight everything is well defined to support persistency mirroring.

 

I see the persistency records on my active F5, but nothing on my standby (I should see them with a time of 0 secs).

 

When forcing my active to standby, all my persistent sessions are lost (and restarted of course).

 

Persistence mirroring is using port 1028 - I can telnet to my standby F5 on that port. Tcpdump shows no activity. As a test I activated session mirroring on a VS. This results in hanging transactions.

 

Can you please help me to see what I am missing?

 

5 Replies

  • I found in document K7225: Transport protocol used for BIG-IP connection and persistence mirroring that from 11.4.0 or later F5 is using port 1029 till 1043 for mirroring persistence.

     

    So from my standby I did a telnet to selfip active on port 1029 and I got refused. But when running TCPDUMP on my active I see my telnet coming in.

     

    Why is it refused, what can I do about it OR am I completely wrong :(

     

  • First make sure the mirroring is also setup in the HA. In each device, go to Device Management -> select one device -> Device Connectivity -> Mirroring. Make sure you check both devices in the list, in each device. They should show a self ip used for mirroring as primary, and maybe secondary if you have configured.

     

    Second, check the port lock down for the self ip (or self ips, if have secondary). Go to the self ip properties and change to allow all (just for test), if works review the configuration you had. There was some bugs in the past, where the default ports were not been applied, or something like that.

     

    Anyway, the default ports should be enabled, even with allow none as per this solution:

     

    https://support.f5.com/csp/article/K17333

     

  • Leonardo,

     

    Thanks for the reply - I tested your proposal, but with no success :(

     

    I checked my settings again, and now I changed the port-lockdown settings to allow all.

     

    First I tested my mirror connections, setting the option in a VS. I tested my transaction, transaction hanging - no session established between client and pool.

     

    Reset VS option connection mirroting to off and tested my persistence mirroring. Standby side has no knowledge of the session.

     

    Anyone has an idea?

     

    • Leonardo_Souza's avatar
      Leonardo_Souza
      Icon for Cirrocumulus rankCirrocumulus

      I think next step is open a case with F5 support. They can review your configuration for problems, and also send you some tcpdump/netstat commands to verify if the connect is established. I had a look in askf5 for bugs in your version, but did not find any related with mirroring.