Thursday, August 27, 2020

Extreme Switch - VRRP in dual master state


▶ Case 1 - VRRP dual Master state after state changes on same VRID

• Symptoms
After an VRRP state change a dual VRRP master situations happens

• Cause
This is caused by a bug (CR xos0067506) where some programming of the internal ACL rules needed for VRRP operation are not installed correctly on all ASICs.

• Resolution
Upgrade to one of the following or newer releases where fix is included:
15.3.5.2-patch1-14
16.2.3.5-patch1-1
21.1.3.7-patch1-5

A workaround is to disable VRRP and enable it again, this will re-install the ACL rules on all modules.
Another workaround is causing another single state change that would also trigger this.

disable vrrp vlan-name vrid 1
enable vrrp vlan-name vrid 1


▶ Case 2 - VRRP in dual master state with the same physical IP

• Symptoms
VRRP transitioning to MASTER logs reported on backup node repeatedly.

06/30/2020 05:11:04.25 Slot-1: VLAN VLAN1 vrid 238: transitioning to MASTER(2) 06/30/2020 05:11:03.74 Slot-1: VLAN JAP2_VLAN_Ch vrid 237: transitioning to MASTER(2)
06/30/2020 05:11:03.18 Slot-1: VLAN VLAN1 vrid 240: transitioning to MASTER(2)
06/30/2020 05:15:05.76 Slot-1: VLAN  VLAN1 vrid 237: transitioning to MASTER(2)
06/30/2020 05:15:03.69 Slot-1: VLAN  VLAN1 vrid 240: transitioning to MASTER(2)

• Cause
When VRRP Master/Backup node are configured with the same PHYSICAL IP address for the VLAN , we could observe the VRRP dual master scenario.

• Resolution
Ensure that the physical VLAN IP address on VLAN are not the same on master and backup nodes.


▶ Case 3 - VRRP in dual master state with no tagging on ISC port

• Symptoms
VRRP backup switch is trying to be the MASTER even though the VRRP priority lower than the Switch1.

Switch1 # sho vrrp
                      Virtual                 Master
   VLAN Name VRID Pri IP Address        State MAC Address       TP/TR/TV/P/T    /FR/G/HM
vlan10(En) 0001 200 10.10.10.1             MSTR 00:00:5e:00:01:01  0  0  0 Y 1      N N  N
vlan20(En) 0001 200 10.10.20.1           MSTR 00:00:5e:00:01:01  0  0  0 Y 1      N N  N
vlan30(En) 0001 200 10.10.30.1             MSTR 00:00:5e:00:01:01  0  0  0 Y 1      N N  N
vlan40(En) 0001 200 10.10.40.1            MSTR 00:00:5e:00:01:01  0  0  0 Y 1      N N  N

Switch2 # sho vrrp
                      Virtual                 Master
   VLAN Name VRID Pri IP Address        State MAC Address       TP/TR/TV/P/T    /FR/G/HM
vlan10(En) 0001 100 10.10.10.1             BKUP 00:00:5e:00:01:01  0  0  0 Y 1      N N  N
vlan20(En) 0001 100 10.10.20.1           BKUP 00:00:5e:00:01:01  0  0  0 Y 1      N N  N
vlan30(En) 0001 100 10.10.30.1            MSTR 00:00:5e:00:01:01  0  0  0 Y 1      N N  N
vlan40(En) 0001 100 10.10.40.1           BKUP 00:00:5e:00:01:01  0  0  0 Y 1      N N  N

• Cause
The VLAN30 was not tagged on the Inter-Switch Connection (ISC) port on MLAG.

• Resolution
Please check the ISC port (in this case, it is 47), and tag the missing VLAN on both switches.

show isc
configure vlan vlan30 add ports 47 tagged


Posted by at 12:42 PM
Labels: , , , , ,

No comments:

Post a Comment