-
Role privilage required to export axdebug file
Platform is AX1030 with version 2.6.1-GR1-P3(build: 29) I'm trying to create a role that read-only but has the ability to create and then export axdebug capture files. I have a role that can create them (basically ReadOnlyAdmin), but when I go to export the file I get "Insufficient privilege". I have not been able to find…
-
Get the VRRP-A Status via SNMP or aXAPI
Hello, I would like to get the vrrp-a status from some ax devices running2.6.1-GR1-P2 . So I am able to login to the active vrrp-a unit without trying to connect to both to get the active one. Is there a way to monitor the vrrp-a status ( active / standby ) via snmp or aXAPI? I did not find a snmp OID or the REST Api path…
-
Draining for Maintenance
Any suggestions on the best way to drain all connections from a server so that you can perform maintenance? In a non emergency situation I'd like to let active connections continue to a server but not to allow new connections. In time that would mean that the server would no longer have any connections and the end users…
-
Health monitor Source IP addresses
Posted by jmaddox What IP is used as the source for health monitors? Are there instances where SNAT addresses are used? Examples: 1. interface or ve address but no snat involved, servers on same subnet as interface or ve address 2. same as #1 but servers a layer 3 hop away 3. Items #1 and #2, but with SNAT addresses…
-
ip nat range-list limitations in L3 partition
Hi, I have a deployment that requires the feature of range list in SLB to statically mapping of subnets. here's the scenario: I created two partitions in AX, and configure a range list in 1st parition "ip nat range-list 10.10.10.0 /24 192.168.0.0 /24 count 254. I also want to configure the same 10.10.10.0 /24 and map to…
-
.NET Library or XML Schema?
I remember seeing at one point in time a .NET library that was either available or being tested that would allow you to access the aXAPI interface using powershell or via compiled .NET application. I can't seem to find any reference to it on the site. If it was an idea at one point in time and scraped, is there are least…
-
LACP trunk failing in transparent mode
Hi all, I'm new to a10 stuff, and I'm trying to set up some new AX3200-12. I'm trying to set up the devices in transparent mode with a pair of data interfaces bonded to a cisco switch using LACP negotiation. I can set up the trunk interfaces fine, and the switch shows that the port-channel is build properly, but as soon as…
-
Admin and Partitions access
Hello, I'm kind of new to the A10. We have two AX2500 configured with 3 partitions and VRRP. I'm trying to acess via webgui using the default admin user that is a read write administrator. But when I try to acess any of the partitions to configure them I get this message: Error Ocurred: Current partition cannot be changed…
-
External monitor script
Hi, I would like to create a external monitor health check that use TCP 11277 and send the command: - "GET / ctrl_vip_acct_trrloader" The answer expect is: "VALUE ctrl_vip_acct_trrloader 0 27" How can I do this in TCL script? Tks Best regards, Alessandro
-
VCS and ve-stats enabled
Hello, is it possible to active "ve-stats enabled" in a VCS, so that is saved in the startup and running config? I tried it, but got this message in the logfile. Ve stats are counted on the vcs master, but not on the vcs blade. Vcs master and vrrp-a active are the same system at the moment.…
-
Anyone have luck with using database external monitors?
I'm attempting to setup a simple external monitor to check on a couple of Oracle instances. After using the example script provided in the documentation and tailoring it to my environment I've yet to get it to work correctly. Unfortunately, debugging a script on the AX is difficult it not impossible to do from that I've…
-
URL Hash Persistence synced to standby HA node?
Hi, We recently implemented URL Hash Persistence on a rather large Varnish cache server farm on an AX3000 cluster running 2.4.3-p7. Everything looks fine, and the cache hit-ratio on the cache-servers increased significantly. But I wonder if the url hash persistence is synchronized to the standby node in the cluster? I…
-
Create functional wildcard port VIP?
I'm trying to set up a virtual server such that, when it receives traffic for a port on the VIP that does not match any other VIP, it a) processes the traffic, and b) preserves the original client destination port when relaying the request to the backend servers. It looks like I want a wildcard VIP, but I couldn't get…
-
LAN can not access to Internet
Hi all, I am new here. I just deploy AX with WAN and LAN Interface. And I already make a default route and make a SLB, it is running when access the VIP with HTTP service. But users on LAN can not access to the Internet. Please can help how is it? (Prefer by GUI). Thanks.
-
Conditional SNAT
I'd like to SNAT only one subnet of source IP addresses and have the remaining (0.0.0.0) IP addresses SLB as normal. Using an ACL I can nat to different pools however I have not found a combination or pool that will SNAT one network and SLB the rest of the traffic. Ideas - pointers? clients ---- AX ---- servers All clients…
-
SNAT and GARP-s for all IPs in the SNAT pool?
Is this by design that G-arps are sent every 30 sec from ALL IP:s in an SNAT pool from the vrrp-a master? even if the IPs are not even used?! /Christian
-
Upgrade from 2.6.1-P4 to GR1
Have aVCS. reading the AX_Series_2_6_1-GR1_RelNote-120311.pdf Page 119. Step 1 - Backup - check Step 2 - Copy off the ax device - check Step 3 - disable VCS on the blade (NOT the master) - check Step 4 - going into one partition called "Internal" changing vrrp-a vrid default to priority 150 (the other ones has 100) - check…
-
HA -active -active -ditributed trunking (LACP) and VLAN tagging
Hi everybody I am trying to achieve the following: I want to connect a pair of AX1030 in an active active confiugration. They will be connected to a pair of swithes running distributed trunking. That allows me to create trunks as depicted in the diagram. For each load balancers the same color pairs are configured as trunks…
-
Smart Flow Control limits
One of the settings on a Connection Reuse template is "Smart Flow Control", which lets you queue packets when the per-server connection limit is reached (otherwise packets that would exceed the limit are dropped). The queue depth is configurable, but then, if the queue is full, packets are dropped. I realize that if you…
-
Deploy HA pair with two separate gateway
I have a HA pair AX, I want to load balance for Farm servers and DMZ servers (one AX primary for Farm, standby for DMZ, the other one primary for DMZ and standby for Farm). The problem is, there's two different gateway for server in Farm and server in DMZ in this case, no VRRP in gateway router because they work…
-
HA active-active
Hi, I have two AX3000, I want to have an HA active-active deployment. Is this possible in Large Scale NAT implementation? If that so, can you give me some example configuration. Thanks, Dannel
-
SNMP Monitoring
Posted by twolfe94022 We bought a pair of AX3000's they are in production running great! The problem we have is monitoring them. Aside from basic interface up and down that is all we can see. I was given the Cacti template and it seemed to connect to the box, but the graphs never update. I would like to be able to see…
-
Running Axdebug in a partition
Posted by pwidman When running Axdebug inside a partition you will only see traffic inside the partition where you are executing the command. Is this a fact? My testing shows it is but want to ensure that is the case.
-
log message Question
Posted by Han Hi. Custmer using the ADP. In all the private partition have the same log message. Oct 31 2011 15:36:00 Info [L3]:imish: trying to reconnet to imish : login VR Oct 31 2011 15:36:00 Error [L3]:(2986) login virtual-router VR1 Failed [timeout]: login virtual-router VR1 ^ Invalid input detected at '^' marker.…
-
Setting the port threshold for LACP trunks
Posted by pwidman Is there such a thing? I do not see it in the administrative guide for 2.6.1. I do see it for static trunks. If you do not recall what port threshold means: By default, a trunk’s status remains UP so long as at least one of its member ports is up. You can change the ports threshold of a trunk to 2-8…
-
Node Failover
Posted by jgreen How do I configure the lb for a server failover instead of load balancing? i.e. - traffic keeps being delivered to one primary server unless it is down (then delivers to the backup server) and redelivers to the primary server once it is back online.
-
VRRP and session synchronization
Posted by pwidman I have a customer who is implementing VCS along with VRRP this weekend and would like to use a dedicated port or trunk for session synchronization. After reading the 2.6.1 configuration guide section for VRRP it is not clear to me if this is possible. I recall that it was possible but I do not recall the…
-
DNS TTL priority: Zone or Policy or Other?
Posted by kirbini Hello, We've a customer who is asking for a TTL increase on many of their GLSB zones. One of our engineers changed it in the GLSB policy for that client but nothing changed. I changed the TTL for one of the zones and that seemed to work. I should mention that the AX1000 is the DNS server, not a proxy.…
-
VMWare working with A10 for Dynamic Provisioning
Posted by wfigueiredo Hi Everyone, Im looking for help for Dynamic Provisioning. I´ve followed all steps in A10 documentation, but without success. My vSphere and vCenter are later than 4.0 and the documentation refers 2.5 vCenter version. Can anyone help me with this? Thanks
-
HA interface synchronization
Posted by jmaddox According to the Configuration guide, items that are not backed up are vlans and trunks, "interface settings". does interface settings = speed/duplex or ip configuration, or both do interfaces in this context = also VEs or just physical interfaces? If i configure a VE on a standby unit, but do not have…
