Security

last person joined: 3 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Subscriber acquiring VIP (virtual IP) when Publisher is online

  • 1.  Subscriber acquiring VIP (virtual IP) when Publisher is online

    Posted Jun 08, 2016 10:46 AM

    Hi,

    Has anyone experienced a subscriber node acquiring the Virtual IP (VIP) even when the Publisher node is still online?

    Event viewer is showing some events occuring after the daily automated backup and cleanup routine.

    Some events show that subscriber acquires and releases the VIP on the same second!!! Other events show it takes a few minutes to realese the VIP, but all time the Publisher, which is primary VIP node, is online!!!

    VIP-events-subscriber.jpg

    These nodes are VM appliances (version 6.5.6) and I´ve already checked the host vmware settings that coud affect server network traffic (vSwitch, promiscous mode, forged transmits, etc)

    Any ideas?

    Thanks!



  • 2.  RE: Subscriber acquiring VIP (virtual IP) when Publisher is online

    Posted Jun 09, 2016 07:09 PM

    Hi Heraldo,

     

    I have seen this before. On the node that is not owning the VIP and you want to own the VIP. Make sure that the "Virtual IP service" is running under service control. It would show "Stop".

     

    Let me know.



  • 3.  RE: Subscriber acquiring VIP (virtual IP) when Publisher is online

    Posted Jun 09, 2016 08:08 PM

    Hi Master-local,

    Thanks for the reply.

    On both servers, Publisher and Subscriber, the Virtual IP Service is "running".

    What is strange is that the Subscriber, sometimes, acquires and releases the VIP at the same time!!!For example, if you see the event log image I attached you will observe this:

    51 High AvailabilityINFOVirtual IP ReleasedNoneJun 07, 2016 04:28:56 BRT
    52. High AvailabilityINFOVirtual IP AcquiredNoneJun 07, 2016 04:28:56 BRT

    And on others occurences it takes a few seconds or a few minutes to release the VIP:

    53. High AvailabilityINFOVirtual IP ReleasedNoneJun 07, 2016 04:26:57 BRT
    54. High AvailabilityINFOVirtual IP AcquiredNoneJun 07, 2016 04:22:30 BRT
    55. High AvailabilityINFOVirtual IP ReleasedNoneJun 07, 2016 04:22:18 BRT
    56. High AvailabilityINFOVirtual IP AcquiredNoneJun 07, 2016 04:22:16 BRT

    Is it possible that the Virtual IP Service is crashing and restarting on the Publisher node without logging anything in the Event Log/Viewer?

    Thanks again!



  • 4.  RE: Subscriber acquiring VIP (virtual IP) when Publisher is online

    Posted Jun 09, 2016 08:22 PM
    Ive seen that happen on a VM if the vm network settings are not stable. My best guess is that its in the VM settings not CPPM


  • 5.  RE: Subscriber acquiring VIP (virtual IP) when Publisher is online

    Posted Jun 09, 2016 08:31 PM

    Hi Tarnold,

    Thanks for the reply.

    Any specific setting I should check?

    I´ve already checked the host network settings (vSwitch->Standard, promiscous mode->disabled, forged transmits->enable) and I don´t know what could be causing this behavour!

    Thanks again!