Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Replacing the management switch

Hello,

A pair of BIG-IP appliances (running 12.1.2) in active/standby mode installed in two different DCs with the management port connected to management switches (with the management VLAN L2 spread between two DCs).

I need to replace the management switch in both DCs. Is it recommended to put standby unit Offline during the maintenance to prevent failover? Looking at tcpdump I see quite a lot of failover_packet traffic between two units over the management VLAN.

Thank you.

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

Management port can be used for following features:

  • Management through SSH / WebUI
  • Out of band access to management with AOM
  • Logs / SNMP outbound connections if destinations are in same network as Management port or a specific management route was configured
  • failover heartbeat

The most critical service is failover heartbeat. The recommended configuration is to define 2 failover networks :

  • one HA network
  • Management Network

If your deployment is configured with both networks (Device Management ›› Devices ›› your device ›› Failover) and HA plan self IPs are defined with Port Lockdown Allow Default or Allow All, you can unplug the management port without issue.

1
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Novice,

Using the „Force Offline“ mode is always a good choice if you perform maintenance task on a given unit. So yes i would use it to make sure the unit stays offline until the work is done...

Cheers, Kai

1
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

If you are running viprion or vcmp on viprion then this command may not work for you. You need to configure minimum number of blades to keep one of the box standby

1