cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2579
Views
0
Helpful
3
Replies

ACE 4710 Failover(HA) pair, client connections on both ACE boxes

  I have a pair of ACE 4710s running a number of contexts in a HA configuration     

I thought all the connections would go to the ACE with the highest priority, but I am seeing connections thru both. Is this correct?

I am using a single Vlan in each context eg

VIP 172.23.4.2

ACE01 IP 172.23.4.1

ACE02 IP  172.23.4.4

nat-pool 5 172.23.4.10 172.23.4.41 netmask 255.255.255.0 pat

so do the 4710s Load balance between themselves even though one has a higher priority than the other?

1 Accepted Solution

Accepted Solutions

Kanwaljeet Singh
Cisco Employee
Cisco Employee

Hi,

The traffic would be served by ACTIVE ace only and not standby. If you have a scenario where in some contexts are active on one box and standby on another and vice-versa, in that you see traffic going to both the ACE devies. Otherwise it is not possible that traffic is going to both the devices.

You mention you see connections through both ACE devices? How did you check that? If you checked using show conn, then you will see connection entries because they are replicated to standby device for seamless failover.

Regards,

Kanwal

View solution in original post

3 Replies 3

Kanwaljeet Singh
Cisco Employee
Cisco Employee

Hi,

The traffic would be served by ACTIVE ace only and not standby. If you have a scenario where in some contexts are active on one box and standby on another and vice-versa, in that you see traffic going to both the ACE devies. Otherwise it is not possible that traffic is going to both the devices.

You mention you see connections through both ACE devices? How did you check that? If you checked using show conn, then you will see connection entries because they are replicated to standby device for seamless failover.

Regards,

Kanwal

Kanwaljeet,

I telnet to the two ACEs and doing a "show connections" on each made me wonder what was going on.

But if the connections are replicated between the boxes for seamless failover that makes sense.

thanks for your input.

Jorge Bejarano
Level 4
Level 4

Hi,

Can you show us this output: show ft group detail?

ACE_5/Admin# show ft group detail           
 
FT Group                     : 1
No. of Contexts              : 1
Configured Status            : in-service
Maintenance mode             : MAINT_MODE_OFF
My State                     : FSM_FT_STATE_ACTIVE
My Config Priority           : 110
My Net Priority              : 110
My Preempt                   : Enabled
Peer State                   : FSM_FT_STATE_STANDBY
Peer Config Priority         : 100
Peer Net Priority            : 100
Peer Preempt                 : Enabled
Peer Id                      : 1
Last State Change time       : Thu Apr  2 00:00:00 2009
Running cfg sync enabled     : Enabled
Running cfg sync status      : Running configuration sync has completed
Startup cfg sync enabled     : Enabled
Startup cfg sync status      : Running configuration sync has completed
Bulk sync done for ARP: 0
Bulk sync done for LB: 0
Bulk sync done for ICM: 0

How did you determine that both ACEs are handling the requests? Do you use a specific tool to check that?

I see you have this virtual addresses:

ACE01 IP 172.23.4.1

ACE02 IP  172.23.4.4

Do you have both VIPS under the same context or under different contexts?

Jorge

Review Cisco Networking for a $25 gift card