Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



ACI Rogue EP Control vs HA pair automatic failover

Posts: 14
1751     0

Hello Everybody, 

I post here because we have had an issue with an HA pair when we was upgrading the ACI.

To explain the architecture, the HA pair are in two different datacenter and have LAN1 and HA connected to one switch. LAN2 (configured like LAN1 redundancy) and MGMT are connected to a different switch.


So during the upgrade, the LAN1 and HA port of the active node was interrupted and the passive tried to become active but the VIP of HA did not appear until we are disabling the rogue ep control on ACI.

The rogue ep control was in default setting (rogue ep control intervalle : 60, rogue ep detection multiplication factor : 4, hold interval (1800).

Have you got the same problem or have you some advice ? 


Kind Regards,

Re: ACI Rogue EP Control vs HA pair automatic failover

Posts: 14
1752     0

Hi i have had this problem on ACI

With another client we clould not reproduce this on the 8.5.2 nios firmware and ACI 4.2.6(d) release train. The problem i posted was at antother client that was still on 8.4.x nios version and ACI 3.2.6 release.

In both cases we don't use rouge endpoint control.

For other best practices on ACI this is also a good site : for bestpractices in settings on Muti-pod fabric e.t.c


Showing results for 
Search instead for 
Did you mean: 

Recommended for You