HA sync issue between primary and secondary node
Article ID: CTX459694
Updated On:
Description
ADC- HA Sync failure Error: Unable to connect to Primary. Please check the network connectivity from secondary to Primary
Resolution
- Enable TLS1.2 on internal services
- If disabled, this should help to fix issue in most scenario.
- However, if issue persist, follow extra steps mentioned below:
- Break HA, then make one node as stay primary and other node as stay secondary, also disable synchronization and propagation on both nodes
Complete the following steps on the primary and secondary node one by one:
- Check if ns-server cert is present under ( Traffic Management > SSL > Certificates > Server Certificates)
- If present - make sure that it is bound to internal services
- If not present - then internal services will be marked down. Install the ns-server-certificate on primary and secondary
1. Go to Traffic Management > SSL > Certificates > Server Certificates.
2. Click on Install
3. Provide a certificate key pair name.
4. In the next tab click on Choose File > select Appliance from drop down menu.
5. Select "ns-server-certificate"
6. Click on install
2. Click on Install
3. Provide a certificate key pair name.
4. In the next tab click on Choose File > select Appliance from drop down menu.
5. Select "ns-server-certificate"
6. Click on install
Command line:
==============
> add ssl certKey -cert -key -expiryMonitor ENABLED -notificationPeriod 30
Bind ns-server-cert on SSL based RPC internal services.
Steps to follow:
================
- To bind the cert, navigate to Traffic Management > Load Balancing > Service.
- Select the "Internal Services" tab from the right side pane.
- Bind the certificate to the SSL based RPC services. Post binding ns-server-cert on all internal services, their status will be UP and marked green.
- At the end, Force sync from primary to secondary node and nodes will become synchronized.
Problem Cause
Internal services were marked down
Was this article helpful?
Yes
No
Powered by
