Forum Discussion

Neil_Cook_66167's avatar
Neil_Cook_66167
Icon for Nimbostratus rankNimbostratus
Jun 09, 2010

Config sync problem

I'm using a pair of Big-IPs in a redundant configuration, and I have a problem with config sync. Occasionally it works just fine, but most of the time (9 times out of 10) it fails with the following error: Configsync Mode: Push Transferring UCS to peer... SOAPException: 'Error reading from secure socket' Checking configuration on local system and peer system... Peer's IP address: 10.223.112.3 Synchronizing Master Keys... Saving active configuration... Transport and install failed Error running config sync all. BIGpipe parsing error: 01110001:3: Error running config sync all I have no idea why tis would be. The address I'm using to do the sync is the static self IP of the peer on the internal network. Would this cause a problem? If so, why would it work occasionally without any problems? Any and all help would be appreciated, thanks, Neil
basic
getting started
new to f5

5 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jun 15, 2010
    How big is the UCS file? If it is over a megabyte or two, are there large, non-essential files stored in any of the directories that are included in a UCS archive? A UCS is a gzip'd tar archive, so you can copy it off the unit and use any zip utility to open and view the files.

     

     

    Aaron
  • Neil_Cook_66167's avatar
    Neil_Cook_66167
    Icon for Nimbostratus rankNimbostratus
    Jun 15, 2010
    I don't know - where is the UCS file stored? These are brand-new Big-IPs, and my config isn't particularly complex so I wouldn't expect them to be particularly large.
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jun 15, 2010
    UCS files are stored under /var/local/ucs. You can also download them via the GUI from System >> Archives.

     

     

    You can also run the csTest.pl script from the command line to help troubleshoot config sync issues. Though this is normally more useful when config sync's fail all of the time. See SOL7204 for details:

     

     

    SOL7024 - Overview of the configsync process

     

    https://support.f5.com/kb/en-us/solutions/public/7000/000/sol7024.html?sr=8391737

     

     

    Aaron
  • Cspillane_18296's avatar
    Cspillane_18296
    Icon for Nimbostratus rankNimbostratus
    Jun 15, 2010
    Hello Neil,

     

     

    the UCS files will be in /var/local/ucs. the programme 'winscp' is a simple way to copy the files off.

     

     

    Chris
  • Chris_Miller's avatar
    Chris_Miller
    Icon for Altostratus rankAltostratus
    Jul 03, 2010
    I could see the following potential causes:

     

     

    Is your self-ip listening on port 443? I can't remember if F5 overrides the port lockdown setting to allow config-sync or not.

     

    Do you have any firewalls between the units that might be blocking 443?

     

    Are your VLAN names the same across units? If you have self-ips for the same subnet on both units, they need to be applied to the same VLANs which need to be named the same.