Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. nsp>
  3. foundry
VRRP problem
barney.gumbo at gmail
May 30, 2006, 10:58 AM
Post #1 of 4 (2803 views)
Permalink
I am trying to get VRRP (not VRRP-extended) working between two BigIron
8k's. It appears they aren't seeing each other and both become master, thus
cause an IP conflict etc. I'm new to Foundry so hopefully I'm not missing
something simple.

One is running version 07.0.10T53 the other is 07.1.24T53.

The two swtiches are functioning as layer3 switches and have very simple
conifgurations. Access ports, some trunking with vlan-tagged ports linked
to some access layer2 switches. One is the STP root, the other is
the secondary root. No QOS. All routing is static, no dynamic protocols.
Each switch has 5x layer3 ve interfaces. The two switches are connected
together by with two seperate 2x gig-e trunks with vlan-tagging. I am able
to ping all layer3 interfaces from each switch as well as connect to both
via telnet remotely, which indicates to me that the trunking and
vlan-tagging is working correctly.

The config looked like this (switch-1 is supposed to be the master, switch-2
is supposed to be the backup)

switch-1#sho ip vrrp
Total number of VRRP routers defined: 1
Interface ethernet v3
auth-type no authentication
VRID 3
state master
administrative-status enabled
mode owner
priority 255
current priority 255
hello-interval 1 sec
ip-address 192.168.101.2
advertise backup: disabled
backup routers 192.168.101.45
switch-1#

switch-1#show run
--SNIP--
!
interface ve 3
ip address 192.168.101.2 255.255.255.0
ip helper-address 1 192.168.100.40
ip vrrp vrid 3
owner
ip-address 192.168.101.2
activate
!
--SNIP--


switch-2#sho ip vrrp
Total number of VRRP routers defined: 1
Interface ethernet v3
auth-type no authentication
VRID 3
state master
administrative-status enabled
mode non-owner(backup)
priority 100
current priority 100
hello-interval 1 sec
dead-interval 0 sec
current dead-interval 3.600 sec
preempt-mode true
ip-address 192.168.101.2
advertise backup: disabled
next hello sent in 00:00:00
switch-2#

switch-2#show run
--SNIP--
!
interface ve 3
ip address 192.168.101.45 255.255.255.0
ip helper-address 1 192.168.100.40
ip vrrp vrid 3
backup
ip-address 192.168.101.2
activate
!
--SNIP--
I tried pinging the VRRP hello multicast address from each switch and did
not get a response, I'm not sure if this is by design or if it's another
symptom.

Any thoughts on how to further debug the problem?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/foundry-nsp/attachments/20060530/c2115a0d/attachment.html
VRRP problem [ In reply to ]
vandusb at attens
Jun 1, 2006, 5:16 AM
Post #2 of 4 (2900 views)
Permalink
Hello,

Could you also provide vlan information where the router-interface ve3 is
applied on both sides?

-Brent


At 11:58 AM 5/30/2006, barney gumbo wrote:
>I am trying to get VRRP (not VRRP-extended) working between two BigIron
>8k's. It appears they aren't seeing each other and both become master,
>thus cause an IP conflict etc. I'm new to Foundry so hopefully I'm not
>missing something simple.
>
>One is running version 07.0.10T53 the other is 07.1.24T53.
>
>The two swtiches are functioning as layer3 switches and have very simple
>conifgurations. Access ports, some trunking with vlan-tagged ports linked
>to some access layer2 switches. One is the STP root, the other is the
>secondary root. No QOS. All routing is static, no dynamic
>protocols. Each switch has 5x layer3 ve interfaces. The two switches are
>connected together by with two seperate 2x gig-e trunks with
>vlan-tagging. I am able to ping all layer3 interfaces from each switch as
>well as connect to both via telnet remotely, which indicates to me that
>the trunking and vlan-tagging is working correctly.
>
>The config looked like this (switch-1 is supposed to be the master,
>switch-2 is supposed to be the backup)
>
>switch-1#sho ip vrrp
>Total number of VRRP routers defined: 1
>Interface ethernet v3
> auth-type no authentication
> VRID 3
> state master
> administrative-status enabled
> mode owner
> priority 255
> current priority 255
> hello-interval 1 sec
> ip-address <http://192.168.101.2/>192.168.101.2
> advertise backup: disabled
> backup routers <http://192.168.101.45/>192.168.101.45
>switch-1#
>
>switch-1#show run
>--SNIP--
>!
>interface ve 3
> ip address <http://192.168.101.2/>192.168.101.2
> <http://255.255.255.0/>255.255.255.0
> ip helper-address 1 <http://192.168.100.40/>192.168.100.40
> ip vrrp vrid 3
> owner
> ip-address <http://192.168.101.2/>192.168.101.2
> activate
>!
>--SNIP--
>
>
>switch-2#sho ip vrrp
>Total number of VRRP routers defined: 1
>Interface ethernet v3
> auth-type no authentication
> VRID 3
> state master
> administrative-status enabled
> mode non-owner(backup)
> priority 100
> current priority 100
> hello-interval 1 sec
> dead-interval 0 sec
> current dead-interval 3.600 sec
> preempt-mode true
> ip-address <http://192.168.101.2/>192.168.101.2
> advertise backup: disabled
> next hello sent in 00:00:00
>switch-2#
>
>switch-2#show run
>--SNIP--
>!
>interface ve 3
> ip address <http://192.168.101.45/>192.168.101.45
> <http://255.255.255.0/>255.255.255.0
> ip helper-address 1 <http://192.168.100.40/>192.168.100.40
> ip vrrp vrid 3
> backup
> ip-address <http://192.168.101.2/>192.168.101.2
> activate
>!
>--SNIP--
>I tried pinging the VRRP hello multicast address from each switch and did
>not get a response, I'm not sure if this is by design or if it's another
>symptom.
>
>Any thoughts on how to further debug the problem?
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp
VRRP problem [ In reply to ]
vandusb at attens
Jun 1, 2006, 5:30 AM
Post #3 of 4 (2736 views)
Permalink
Also, seems odd that Switch-2 has a dead-interval of 0, perhaps a nuance of
the particular code running on there. Try upping that dead interval to
something like 5 seconds.

-Brent

At 11:58 AM 5/30/2006, barney gumbo wrote:

>switch-2#sho ip vrrp
>Total number of VRRP routers defined: 1
>Interface ethernet v3
> auth-type no authentication
> VRID 3
> state master
> administrative-status enabled
> mode non-owner(backup)
> priority 100
> current priority 100
> hello-interval 1 sec
> dead-interval 0 sec
> current dead-interval 3.600 sec
> preempt-mode true
> ip-address <http://192.168.101.2/>192.168.101.2
> advertise backup: disabled
> next hello sent in 00:00:00
>switch-2#
VRRP problem [ In reply to ]
vandusb at attens
Jun 1, 2006, 6:07 AM
Post #4 of 4 (2741 views)
Permalink
Wow, Too early, disregard dead-interval adjustment, check vlan config
instead and try using 'dm raw' command to watch for VRRP packets entering
the switch management CPU.

-Brent


At 06:30 AM 6/1/2006, Brent Van Dussen wrote:
>Also, seems odd that Switch-2 has a dead-interval of 0, perhaps a nuance of
>the particular code running on there. Try upping that dead interval to
>something like 5 seconds.
>
>-Brent
>
>At 11:58 AM 5/30/2006, barney gumbo wrote:
>
> >switch-2#sho ip vrrp
> >Total number of VRRP routers defined: 1
> >Interface ethernet v3
> > auth-type no authentication
> > VRID 3
> > state master
> > administrative-status enabled
> > mode non-owner(backup)
> > priority 100
> > current priority 100
> > hello-interval 1 sec
> > dead-interval 0 sec
> > current dead-interval 3.600 sec
> > preempt-mode true
> > ip-address <http://192.168.101.2/>192.168.101.2
> > advertise backup: disabled
> > next hello sent in 00:00:00
> >switch-2#
>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal