This appears an architectural flaw in P-1 I guess. We see it all the time - whenever a 'container' hosting Primary CMA's goes down, and the HA CMA's are made active, upon Primary CMA's container coming back online, both the CMAs remain active - leading to 'collision' status and we have to manually set it right for 100's of CMAs.
Now coming to the global MDS level, both the Primary MDS Manager and Secondary MDS Managers have similar architectural design as exists for the CMAs at local level. I have seen the same behavior happen as you are seeing at the MDS level in our env. Couple of things need be ensured: 1. What is the 'status' - is it in collision or synchronized? You need to ensure if any changes that were made on Sec Manager have been sync'd to Primary. 2. Once that is ensured, log into your Primary Manager MDS global view, right click on the Secondary Manager and change to 'standby'. We had raised this question w/ CP earlier and there is no solution to the problem when the Primaries' elements go down. One has to manually fix them unless there is something in NGX (some version), they have changed the design. Hope this helps. Rajeev On 7/15/07, cisco4ng <[EMAIL PROTECTED]> wrote:
I have a P-1 question for gurus in the forum. I have the following: P-1 NGx R61 with hfa_01 PRIMARY MANAGER on SPLAT. The ip address of this box is 192.168.1.9/24. Hostname of this box is LAB-Mgr P-1 NGx R61 with hfa_01 SECONDARY MANAGER on SPLAT. The ip address of this box is 192.168.1.7/24. Hostname of this box is LAB-Mgr-Sec P-1 NGx R61 with hfa_01 CONTAINER on SPLAT. The ip address of this box is 192.168.1.10/24. Hostname of this box is LAB-Cntr Everything is running EVAL license. User(s) can log into P-1 via MDG. Everyone is logging into the MDG via the Primary Manager. Under the High Availability, it shows that the LAB-Mgr is Active and the LAB-Mgr-Sec is "standby". For testing purposes, I reboot the LAB-Mgr box Now everyone logs into the P-1 via the LAB-Mgr-Sec and under the "High Availability", it shows the LAB-Mgr-Sec as "Active". When the LAB-Mgr comes back online, it also shows as "Active" as well, and it remains that way for the past 3 days now. In other words, I have both LAB-Mgr and LAB-Mgr-Sec are both showing as "active". By the way, I only have 2 CMAs on the container LAB-Cntr box. Does it mean I have a problem because both Manager boxes show up as "active/active" instead of "active/standby"? All of these boxes are connected to the same switch and they are also on the same network so latency can not be an issue, right? Can someone with P-1 experience explain this? Thanks. --------------------------------- Pinpoint customers who are looking for what you sell. --------------------------------- Take the Internet to Go: Yahoo!Go puts the Internet in your pocket: mail, news, photos & more. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
