LTM: Local Traffic log problems

Do you have an NTP server configured to use on both of your BIG-IPs? If not, I recommend doing this first.

Regarding the address conflict, what is the IP address it is alarming on? Is that a self IP on the BIG-IP?

A) Logs are different between active and standby because one is passing traffic the other isn't.

B) Via what mechanism are you identifying which device is Active and which device is Standby? It sounds like the box you are referring to as standby is the one that is actually passing traffic. (Active)

C) Address conflict detected for 10.249.13.219 means just what it says. You have an IP conflict on your network. Did you accidentally put the same self-ip on both boxes? Are you stepping on the IP space of another device in your network? Look at ARP-tables on your upstream switch, see if you can identify the conflicting MAC's.

We are using VCMP with partitions.

We have NTP server active, and synced. I think the warning messages are for the floating IPs.

We use the LTM panels who show acive or standby state. cluster: enabled on both slot1: active and slot1: standby. In sync on both.

Ensure that the self IP address (floating and non-floating) don't conflict with something already up on your network.

Regarding the logs being different, are you referring to /var/log/ltm or some custom log (local or remote)?

I will check all the self-ips. The log is the local log used in irules with "log local0'.

I think (hope) I found the reason. Before creating our VCMP we had 'normal' definitions. Creating our VCMP all old definitions were deleted on our active system BUT were still active on our standby system - using the same reused IPs.

Thanks for helping me - I hope all problems will be solved with this.

In anyway now I see statistics on my active side. The logging is showing normal hours (the old definition didn't have connection with time server) and for the moment no IP messages in the log.