PDA

View Full Version : Unremovable spoof groups after upgrade



ChrisA
2006-06-07, 14:24
Our upgrade from NG FP3 to NGX created Net_xx.xx.xx.xx network objects and <clustermbr>-<interface> spoof groups containing those Net_xx.xx.xx.xx objects. This also happened during the upgrade from 4.1 to NG, and we were able to clean these up without a problem after the upgrade. But in NGX, when we try to delete the spoof groups, we get an error that the object is used and is not removable. We've already changed the spoof groups referenced in the topology of the cluster, and we can't find any reference to the spoof groups we're trying unsuccessfully to delete, but the software seems to think they are referenced somewhere. Has anyone run into this issue? Thank you.

kva.kva
2006-06-07, 16:43
Did you try to delete group object or remove from anti-spoofing configuration?
Did you try to select group object, and select menu "Where used"?

ChrisA
2006-06-07, 17:44
I apologize for not being clear.

After the upgrade, I did "Edit Topology" in the Gateway Cluster object. I edited the topology of each interface in the cluster, in the Topology tab of the Interface Properties window. Under Internal, I have "Specific" selected and I changed the spoof group to the one I had already defined before the upgrade, which I named spoof.ethx. I saved the change and installed the policy, but when I try to delete the auto-created spoof group, <clustermember>-<interfacename>, I get an error saying it is used by another object and cannot be deleted. If I click "Where Used" I see "Network Objects" in the Table column, "cluster_member" in the Type column, "No" in the Is Removable column, and "interfaces->{xxxx}" in the Context column.

I hope that clarifies. Thanks for your help.

ChrisA
2006-06-27, 17:25
Here's the fix:
Run the DataBase Revision Tool to take a backup (to be safe!)
Detach the cluster members from the cluster (click on the cluster object then click Detach from Cluster. Click Y to the prommpt)
Delete the objects
Add the cluster members back to the cluster (click on the cluster, click Edit->Cluster members->Add. Select the cluster member to be added. Click Y to the prompt).