Clarification on Cisco ACE Post

July 15, 2011 1 Comment

To clarify my post about the condition of STANDBY_COLD in the Cisco ACE, I dont’ think it’s a bug necessarily. The documentation (who reads documentation?) tells you to upload the SSL certificates and keys to both the active and standby.

The issue is that it’s easy to make the mistake of not uploading to both. Because the rest of the configuration is sync’d automatically, it’s easy to make the assumption the keys and certs are sync’d too. When you import the certs and keys there’s no warning that tells you that you should upload to both the active and standby.

And if you did make that mistake, there’s no red light that says “hey, I’m in STANDBY_COLD!”. If you don’t know to look for it, you could be in it and not know it. Also, STANDBY_COLD isn’t exactly a descriptive error state.

So it’s not a bug per say, but it is a bit tricky. It’s more of an operational bug. There should be more of an indication that the system is in STANDBY_COLD.  That’s why many of my students are surprised to find that they are, in fact, in STANDBY_COLD and didn’t know it.

Filed under Load Balancing

One Response to Clarification on Cisco ACE Post

  1. Precision Cooling & Data Center Design says:
    December 8, 2011 at 11:05 pm

    The issue is that it’s easy to make the mistake of not uploading to both. Because the rest of the configuration is sync’d automatically,

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: