No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Wrong deleting smallest access vlan passing through of supper vlan leads to VRRP dault master

Publication Date:  2012-10-31 Views:  2 Downloads:  0
Issue Description
Topology:
2 S9300 switch master and backup topology, open VRRP as gateway,sever dauble connect to 2 switches:
    |          |
S9312-1 ---- S9312-2
     |        |
     |        |
       server
failure:
   2 S9312 switches opened Supper VLAN + VRRP,2 switches of VRRP state are MASTER,
[IDC-S9312-2-Vlanif100]dis vrrp
  Vlanif100 | Virtual Router 10
    State : Master
    Virtual IP : 211.138.248.190
    PriorityRun : 100
    PriorityConfig : 100
    MasterPriority : 100
    Preempt : YES   Delay Time : 0
    TimerRun : 1
    TimerConfig : 1
    Auth Type : NONE
    Virtual Mac :  0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
  [IDC-S9312-1-Vlanif100]dis vrrp
  Vlanif100 | Virtual Router 10
    State : Master
    Virtual IP : 211.138.248.190
    PriorityRun : 120
    PriorityConfig : 120
    MasterPriority : 120
    Preempt : YES   Delay Time : 60
    TimerRun : 1
    TimerConfig : 1
    Auth Type : NONE
    Virtual Mac :  0000-5e00-010a
    Check TTL : YES
    Config type : normal-vrrp
 

Alarm Information
9312-2 opened vlan100,vlan vrrp state was back first,then updata to master

[IDC-S9312-2-Vlanif100] undo shutdown
[IDC-S9312-2-Vlanif100]
#Apr 28 18:43:38 2010 IDC-S9312-2 IFNET/4/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Interface 1031 turned into UP state.
#Apr 28 18:43:38 2010 IDC-S9312-2 IFNET/4/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Interface 1031 turned into UP state.
Apr 28 2010 18:43:38 IDC-S9312-2 %%01IFNET/4/IF_STATE(l): Interface Vlanif100 has turned into UP state.
Apr 28 2010 18:43:38 IDC-S9312-2 %%01IFNET/4/LINKNO_STATE(l): The line protocol on the interface Vlanif100 has entered the UP state.
Apr 28 2010 18:43:38 IDC-S9312-2 %%01VRRP/4/STATEWARNING(l): Virtual Router state INITIALIZE changed to BACKUP, because of interface UP. (Interface=Vlanif100, VrId=10)
#Apr 28 18:43:42 2010 IDC-S9312-2 VRRP/3/VRRPCHANGETOMASTER:OID 1.3.6.1.2.1.68.0.1 Became to be new master!
Apr 28 2010 18:43:42 IDC-S9312-2 %%01VRRP/4/STATEWARNING(l): Virtual Router state BACKUP changed to MASTER, because of protocol timer expired. (Interface=Vlanif100, VrId=10)

Handling Process
1、S9312-1 open vrrp heartbeat packet debug switch,device has sent the heartbeat packet;
debugging vrrp packet vrid 10
ter de
ter debugging
Info:Current terminal debugging is on.

*5.2158251802 IDC-S9312-1 VRRP/7/DebugPacket:
Vlanif100 | Virtual Router 10:sending from 211.138.248.188, priority = 120,timer = 1, auth type is no, SysUptime: (5,2158251801)
2、Backup S9312-2 open debug switch and there is no warning.
debugging vrrp packet vrid 10
3、VLAN 100 configuration is not identical,master S9312-1 VLAN100 has VLAN 101,backup S9312-2 does not have,id doubt  heartbeat packet pass through only on the smallest sub VLAN,packet capturing pvoded the peoblem;
S9312-1 configuration
vlan 100                                 
description JiChu-vlan-1
aggregate-vlan
access-vlan 101 102
traffic-policy deny inbound
S9312-2 configuration
vlan 100                                 
description JiChu-vlan-1
aggregate-vlan
access-vlan   102
traffic-policy deny inbound
4、Confirm with client, the scene maintenance engineer modified the data and caused the failure.

Root Cause
VRRP dault master state generally caused by lost heartbeat,there are follows reasons:
1、Master S9312-1 device failing and did not send the heartbeat packet;
2、The interconnecting link is problematic caused lost heartbeat;
3、Backup S9312-2device failing and did not handle the receiving packet;
Suggestions
1. Confirm whether the client has did other operation before checking the failure, this failure is that whether the data has been modified cannot be known because the applying failure member and modifying data member are not the same one.
2. Kilomeqa network card defaultly gets rid of VLAN tag in packet capturing, reference way can be used:
Some network adapters defaultly get rid of vlan tag when they receiving the packet in recent years, that mades the packet captured by tools do not contain the vlan tag, data analysis is not convenient, you can modify the register table to keep vlan tag:
For Intel PRO/1000 or PRO/100 network adapters, it need to register:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\00xx MonitorModeEnabled changes to 1
If it does not exist, rebuild a dword key.
For Broadcom kilomeqa network adapter, it need to add one item: PreserveVlanInfoInRxPacket=1,
Type is string, location same with TxCoalescingTicks,last one can be searched in KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet,this is different for various computers,it is in this position of my computer : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325- 11CE-BFC1-08002bE10318}\0009.
It need to reboot the device for effect. This way can be searched in UniCA User Manual. The newer network adapters supports this function.
Notice: The problem after modifying will appear, these network adapters can connect tag ports of some switch formerly,(precondition is ports PVID=corresponding vlan), tag does not filtrate in bottom layer, send it to up layer software for handling, windows will not identify, so it blocked.

END