-
Lost Enable Password
I have two of AX 2500 units that were purchased used off of Ebay, and the enable password for these units are unknown. I can log into both units with the default admin info however when trying to go into enable mode the unit prompts me for a password which is unknown. As long as I don't lose any licensing info resetting…
-
Zone transfer \ AXFR
Hi all, I'm trying to configure the AX so that he will be the primary DNS for a DOMAIN, the Domain is configured and functional for single UDP type queries (single sub-domain query) but For some reason AXFR queries are being dropped. when capture the request on the 'Debug gslb' i get an error stating "wrong query type" Is…
-
AX handling of Connection Limit
Hello I've been looking into making our AX3030 handle max connections towards our appservers so it doesn't let it overload the appservers and I can't find much info on how it handles connection limits and how we can fine tune it. First, I'd like a definition on Connection Limit, is it the amount of http requests? Another…
-
Geo-Location db
I am looking to start using geo-location with our GSLB config. The pre-loaded IANA db doesn't seem very specific within a country - or maybe I'm just reading things wrong. A problem I also see with this is that our physically diverse locations both show under the same net range in ARIN; since iana doesn't I can't assign…
-
traceroute error
I login to AX1000 console. And then, I traceroute 8.8.8.8 But, reply to me : AX1000-11#traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 40 byte packets 1 google-public-dns-a.google.com (8.8.8.8) 6.098 ms 6.022 ms 6.012 ms 2 google-public-dns-a.google.com (8.8.8.8) 2.015 ms 1.959 ms 1.950 ms 3…
-
Passing Multicast Traffic
Does anyone have any experience passing multicast traffic through an A10? I need to establish PIM neighbor relationships and subsequently pass native multicast traffic through the device. Any help would be appreciated. My SE told me the devices don't participate, but that it's possible to pass the traffic through. He's…
-
Routing in one-arm mode?
Hi folks. I have a couple of AX3200s in HA active-passive mode, with several partitions. In one partition "test" I want it to have a connection to two different VLANs - EG. VLAN1 10.0.1.0 and VLAN2 10.0.2.0. I added a default route for 0.0.0.0/0.0.0.0 to VLAN1 gateway 10.0.1.1. Should I add other specific routes for both…
-
Clearing sessions
Does anybody know how to clear sessions for a specific port on a server with in a service group?
-
CPU Monitoring with Collectd
Here is my collectd cfg to get cpu data of an ax. You can use it to graph it with graphite. my_types.db: a10_cpu lambda:GAUGE:0:100 a10-snmp.conf: # A10 CPU SNMP Checks # Type "cpu" Table false Instance "mgmt" Values "iso.3.6.1.4.1.22610.2.4.1.3.6.1.3.0.5" Type "cpu" Table false Instance "data_1" Values…
-
Bash Hacking – F5 Nodes to A10
Here is my little script which is used to migrate a few hundred server from our f5 bigip's to a10. It's really simple and not very smart but it works for us. It doesn't care about the health check and just uses ping and it can't handle multiple ports... It also assumes that every server has a reverse lookup. If you don't…
-
Observium Module
One of our customers was kind enough to create an Observium module. You can find it at: http://jira.observium.org/browse/OBSERVIUM-452
-
One Arm deployment problem aith Windos server 2010
I'm facing a problem when i use Nate IP with one arm mode so all clients reach to the servers with the same ip so the team who is responsible on these servers can not make any trace or trouble shoot for his clients as all of them reach to the server with the same nate ip So, who i can solve this problem without change the…
-
Is there a way to log snat transations
We just moved our LDAP service to our new A10 load balancers. Our PROD partition (which is where our LDAP virtual server is on) is running in one arm mode utilizing a snat pool. Every thing is working fine but our LDAP administrator is asking if there is a way to save a log file of the snat translations for the LDAP…
-
External monitor script
Hi, I would like to create a external monitor health check that use SSH to login a linux server ,and send the command : “df -a” The answer expect contain the keyword “video” linux server ip:10.10.1.81 linux username:root linux password:whnm2013 How can I do this in script? Tks Best regards, Bon
-
Active/Standby with OSPF
Dear All, I would like to make two AX500's to work in Active/Standby mode with OSPF, where the default route is announced only by the active A10 in the pair. Is that possible? Please find the attached example topology. Thank you in advance. Best Regards, Nik
-
Transform Url to proxy squid
Hello all, I would like to implement the following configuration : Client --->SoftAX VIP--->Proxy (Squid)--->Original content server PS : Client browser CANNOT be configured with SoftAx VIP (pointing to the proxy). So, when the users request access to www.mycompany.com, the local DNS server resolves it to the SoftAX VIP.…
-
Squid Proxy Heath Check
Hello, I'm currently evaluating A10 (so I'm a newbie !) and I have question about Health Check. I configured two Squid Servers for Load Balancing. The health check is done using a TCP session (to port 8080) and sending the command 'GET http://www.google.com\r\n". It works fine but I would like also check the Response HTTP…
-
aVCS doesn't sync to other unit
Hello, I have been struggling with aVCS with VRRP for a few hours this morning and am stuck. It appears that no matter what I do I can't get the configuration to sync to the other "blade". I should note, that I first had these systems fully configured in the traditional HA mode, but only moved to the aVCS configuration…
-
How many maximum vCPUs does softAX support ?
Hello, Can I improve SoftAX performance , especially SSL performance , by adding vCPUs ? If so , how many maximum vCPUs does softAX support ? I am looking for ways to improve SSL performance when using softAX. I am not sure if softAX supports multi vCPUs. Best Regards, Shigehiro
-
A10 support for websockets?
Hey All, Does anyone know if the A10 supports websockets and what specific config changes need to be in place for this to function properly? I was trying to pass the port through TCP (2) with no success.
-
Unknown unicast
I keep getting burst of log messages "The total unknown unicast packets xxxxx per second has exceeded the configured all VLAN limit of 5000" in my AX logs." The number xxxxxx ranges anywhere from 10000 to 40000. I have about 15 web sites behind my A10. Is this normal? This only started a couple months ago.
-
DNS Delegation for GSLB
... long time listener, 1st time caller. Howdy folks! I've got 2 sites (NY and PA) with an AX cluster at each site in it's "internet" DMZ. The sites are interconnected on the LAN and I've also got a Juniper SSL VPN cluster split "behind" the A10 at each site (synchronizing over the LAN). Currently, we are only using the…
-
Weird behaviour of AX2500
I'm observing a weird behaviour on a pair of AX2500 running 2.6.1-P4: When I do a HEAD request for say http://$VIRTIP/foo.html?$UNIQID the balancer gets the content from one of the real servers and replies as expected. This works always without failures. Now when a request for the same file is being done by one of Akamai's…
-
SMTP STARTTLS offload
I set up SMTP STARTTLS offload when I started loadbalancing Exchange 2010 a couple of years ago, and I could swear it worked when I tested it then. Recently we've gotten reports that it doesn't work, and testing with 'openssl s_client -connect webmail:587 -starttls smtp' shows the certificate chain and seems to get through…
-
Unequal Load on Cache Servers
Dears, We have the followings being deployed: 1- Round Robin LB Algorithm to Balance the Load Among Cache Flow Servers. 2- Destination IP Persistence Option Enabled at the Virtual Server Port. 3- No HTTP Template Options are Enabled ! The problem is that the load and traffic at the cache servers is not spread equally, any…
-
Upgrade from 2.4.x to 2.6.x how-to?
Looking at the release notes etc everything looks fine and dandy - But the more advanced paths are not that well documented IMHO. So. Does anyone have experience with transitioning from HA to VRRP-A. How did that go? What to REALLY not forget? And also in the same fashion. Have an running system -> migrating it into an…
-
HA-mode
Hi, Trying to set up two Ax 1030 in HA-mode (Active/standby) Config on AX1: -Standby#show running-config ha ha id 1 set-id 1 ha group 1 priority 100 ha interface ethernet 1 ha preemption-enable ha conn-mirror ip 172.16.1.152 ! 1-Standby#show running-config interfaces ethernet 1 interface ethernet 1 ip address 172.16.1.151…
-
automating config backup with Rancid
Has anyone configured Rancid with A10? I wasn't able to use clogin to logon since my A10 is not set with enable password and clogin did not like it -- kept on asking for password. Any idea on this? Thank you
-
IP Source NAT
Hello, I have two AX2500 (active/active). Servers (172.10.10.0/24) need to access other servers (192.168.1.0/24) and Internet, using NAT... The "IP Source NAT" works only for icmp. Why? vlan 1 --- AX --- vlan 2 --- Internet vlan 1: 172.10.10.0/24 (Servers) vlan 2: 192.168.1.0/24 (VIP) access-list 110 permit ip 172.10.10.0…
-
Role privilage required to export axdebug file
Platform is AX1030 with version 2.6.1-GR1-P3(build: 29) I'm trying to create a role that read-only but has the ability to create and then export axdebug capture files. I have a role that can create them (basically ReadOnlyAdmin), but when I go to export the file I get "Insufficient privilege". I have not been able to find…
