This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Technical Discussions
- Network Architecture & Design
- Extreme VRRP/ARP Issue - default gateway does not ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Extreme VRRP/ARP Issue - default gateway does not respond
Extreme VRRP/ARP Issue - default gateway does not respond
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-29-2015 01:34 PM
Hi
Hope someone can help.
We have two Extreme core Blackdiamonds with various flavours of Extreme edge switches. Each core has two mlagg'd connections to edge stack.
Recently the network was reconfigured to put routing on the cores, rather than a FW, and to set up the cores with VRRP. Fairly standard design, one core is master with the other as backup, VIP set as default gateway on the vlans.
Now, since this work has been done an odd issue has appeared. At some point during the day Windows server 2003, Linux and Macs devices can only ping within their own vlan but not outside of it, i.e. another VLAN. Pinging the default gateway (BD1) does NOT respond. However, pinging the second backup BD, not holding the VIP does get a response.
Clearing the arp cache on the devices in question brings the response back. Now, with 2003 it is not a problem. Changed the ARP settings in the registry and messed around a bit and that seems to have sorted it. However, this is not so easy on Linux or Macs.
This is starting to cause a few issues as you can imagine. Has anyone seen this behaviour before and managed to resolve it?
Any help gratefully received.
Hope someone can help.
We have two Extreme core Blackdiamonds with various flavours of Extreme edge switches. Each core has two mlagg'd connections to edge stack.
Recently the network was reconfigured to put routing on the cores, rather than a FW, and to set up the cores with VRRP. Fairly standard design, one core is master with the other as backup, VIP set as default gateway on the vlans.
Now, since this work has been done an odd issue has appeared. At some point during the day Windows server 2003, Linux and Macs devices can only ping within their own vlan but not outside of it, i.e. another VLAN. Pinging the default gateway (BD1) does NOT respond. However, pinging the second backup BD, not holding the VIP does get a response.
Clearing the arp cache on the devices in question brings the response back. Now, with 2003 it is not a problem. Changed the ARP settings in the registry and messed around a bit and that seems to have sorted it. However, this is not so easy on Linux or Macs.
This is starting to cause a few issues as you can imagine. Has anyone seen this behaviour before and managed to resolve it?
Any help gratefully received.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-24-2016 12:28 PM
Hi.
EXOS 15.6.3.1.p1-9 on both routers.
At the moment of the incident VRRP-Gw has not moved on from the r1 to r2, two masters in the same was not. VRRP-gw has not been available both inside and outside the network. Hosts are mutually available, however, were not available from other networks . And all this with only one vlan , all the rest worked normally. STP on the network is not configured - we use mlag.
>Output from r1:
show iproute reserved-entries statistics
|-----In HW Route Table-----| |--In HW L3 Hash Table--|
# Used Routes # IPv4 Hosts IPv4 IPv4 IPv6 IPv4
Slot Type IPv4 IPv6 Local Remote Local Rem. Local MCast
---- --------------- ------- ------ ------ ------ ----- ----- ----- -----
1 X670V-48x 4706 0 1459 0 0 0 0 137
show vlan | i tech_srvtech_srv 127 192.168.127.4 /24 -f-------o---v--------------- ANY 16/16 VR-Default
show config vrrp | i tech_srvcreate vrrp vlan tech_srv vrid 3
configure vrrp vlan tech_srv vrid 3 priority 110
configure vrrp vlan tech_srv vrid 3 version v2
configure vrrp vlan tech_srv vrid 3 add 192.168.127.1
enable vrrp vlan tech_srv vrid 3
show iparp stats summaryIP ARP VR Statistics Sun Jan 24 18:02:12 2016
ARP-
ARP Total Dynamic Static Pending Unneeded Failed (Rejected)
============================================================================
Totals for all VRs
2501 1456 3 18 368 656 3686006
=============================================================================
>Output from r2:
# show iproute reserved-entries statistics
|-----In HW Route Table-----| |--In HW L3 Hash Table--|
# Used Routes # IPv4 Hosts IPv4 IPv4 IPv6 IPv4
Slot Type IPv4 IPv6 Local Remote Local Rem. Local MCast
---- --------------- ------- ------ ------ ------ ----- ----- ----- -----
1 X670V-48x 4704 0 1425 0 0 0 0 119
show vlan | i tech_srv
tech_srv 127 192.168.127.5 /24 -f-------o---v--------------- ANY 16/16 VR-Def
show configuration "vrrp" | i tech_srv
create vrrp vlan tech_srv vrid 3
configure vrrp vlan tech_srv vrid 3 priority 120
configure vrrp vlan tech_srv vrid 3 version v2
configure vrrp vlan tech_srv vrid 3 add 192.168.127.1
enable vrrp vlan tech_srv vrid 3
show iparp stats summary
IP ARP VR Statistics Sun Jan 24 18:01:26 2016
ARP-
ARP Total Dynamic Static Pending Unneeded Failed (Rejected)
============================================================================
Totals for all VRs
1934 1422 3 19 293 197 3682122
============================================================================
EXOS 15.6.3.1.p1-9 on both routers.
At the moment of the incident VRRP-Gw has not moved on from the r1 to r2, two masters in the same was not. VRRP-gw has not been available both inside and outside the network. Hosts are mutually available, however, were not available from other networks . And all this with only one vlan , all the rest worked normally. STP on the network is not configured - we use mlag.
>Output from r1:
show iproute reserved-entries statistics
|-----In HW Route Table-----| |--In HW L3 Hash Table--|
# Used Routes # IPv4 Hosts IPv4 IPv4 IPv6 IPv4
Slot Type IPv4 IPv6 Local Remote Local Rem. Local MCast
---- --------------- ------- ------ ------ ------ ----- ----- ----- -----
1 X670V-48x 4706 0 1459 0 0 0 0 137
show vlan | i tech_srvtech_srv 127 192.168.127.4 /24 -f-------o---v--------------- ANY 16/16 VR-Default
show config vrrp | i tech_srvcreate vrrp vlan tech_srv vrid 3
configure vrrp vlan tech_srv vrid 3 priority 110
configure vrrp vlan tech_srv vrid 3 version v2
configure vrrp vlan tech_srv vrid 3 add 192.168.127.1
enable vrrp vlan tech_srv vrid 3
show iparp stats summaryIP ARP VR Statistics Sun Jan 24 18:02:12 2016
ARP-
ARP Total Dynamic Static Pending Unneeded Failed (Rejected)
============================================================================
Totals for all VRs
2501 1456 3 18 368 656 3686006
=============================================================================
>Output from r2:
# show iproute reserved-entries statistics
|-----In HW Route Table-----| |--In HW L3 Hash Table--|
# Used Routes # IPv4 Hosts IPv4 IPv4 IPv6 IPv4
Slot Type IPv4 IPv6 Local Remote Local Rem. Local MCast
---- --------------- ------- ------ ------ ------ ----- ----- ----- -----
1 X670V-48x 4704 0 1425 0 0 0 0 119
show vlan | i tech_srv
tech_srv 127 192.168.127.5 /24 -f-------o---v--------------- ANY 16/16 VR-Def
show configuration "vrrp" | i tech_srv
create vrrp vlan tech_srv vrid 3
configure vrrp vlan tech_srv vrid 3 priority 120
configure vrrp vlan tech_srv vrid 3 version v2
configure vrrp vlan tech_srv vrid 3 add 192.168.127.1
enable vrrp vlan tech_srv vrid 3
show iparp stats summary
IP ARP VR Statistics Sun Jan 24 18:01:26 2016
ARP-
ARP Total Dynamic Static Pending Unneeded Failed (Rejected)
============================================================================
Totals for all VRs
1934 1422 3 19 293 197 3682122
============================================================================
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-24-2016 07:51 AM
Hi,
Are the VIP physical IP of the Master?
Are we positive the issue is on VRRP? What about the ARP table, is it full or not?
You can check it with:
show iproute reserved-entries statisticsWhat EXOS version in use?
Are the VIP physical IP of the Master?
Are we positive the issue is on VRRP? What about the ARP table, is it full or not?
You can check it with:
show iproute reserved-entries statisticsWhat EXOS version in use?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-24-2016 04:43 AM
Problem is solved? I have the same situation on two x670v: vrrp-gw is not responding on one vlan. Changing priority of vrrp interface on the second x670v solve the problem quickly, but what is the cause of incident? All other svi works correctly on the moment of incident.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-29-2015 07:00 PM
Please confirm that the following have been done
- enable vrrp
- if you migrating firewall IP to switch, reconfigure FW with new IP. The fact that when you clear arp you get respond it show that there is IP conflict.
- enable ipforwading for you vlan or globaly.
- If other VLAN are still L2 on the switch, you'll still need FW else convert them to L3 so that inter VLAN communication can use SW only without going to FW.
- enable vrrp
- if you migrating firewall IP to switch, reconfigure FW with new IP. The fact that when you clear arp you get respond it show that there is IP conflict.
- enable ipforwading for you vlan or globaly.
- If other VLAN are still L2 on the switch, you'll still need FW else convert them to L3 so that inter VLAN communication can use SW only without going to FW.
