09-24-2009 09:17 AM - edited 03-11-2019 09:19 AM
Hello,
One of our PIX firewalled recently failed over. Since it happened, it constantly dipslays the sync status message:
.............................................
Sync Completed
Sync Started
.............................................
Sync Completed
Sync Started
.............................................
Sync Completed
Sync Started
.............................................
Sync Completed
Sync Started
.............................................
I tried terminal no monitor but it has no effect.
Does anybody know how to get rid of this?
Regards,
Thibault.
09-24-2009 10:03 AM
It sounds like you may have some incomplete syncing happening.
You should identify the primary ('sh fail') and verify that the two nodes have good failover connectivity. They could be flapping back and forth, causing this sync loop.
If that checks out ok, then you should verify the configuration on the current primary unit is the most up to date and do a 'wr mem' to save this config to flash, and then do a 'wr standby' to copy the running config to the standby unit's flash. See if that clears up whatever confusion may be causing the replication loop.
If that doesn't work, consider failing back to the other node as something is disagreeing on configurations and causing this constant sync. The only other possibility is that someone or something (script?) is doing a lot of "wr mem" actions. Are you automatically deploying shuns or something like that through a script or manamement utility?
Cheers,
Tim
09-28-2009 06:34 AM
Hi Tim,
Thanks for you answer.
After investigating this a bit more in depth with Cisco TAC it turned out to be 2 bugs: CSCec73787 and another one which it seems has not been published.
Regards,
Thibault.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide