The S5700s Enabled with VRRP and RSTP Are Fully Meshed. After the Uplink Interface of the Endpoint Device Goes Down and Up, Packets Are Discarded During the Ping to the Gateway

Publication Date:  2015-11-02 Views:  285 Downloads:  0
Issue Description
As shown in Figure 1-1, SW1, LSW2, LSW31, and LSW4 are S5700s. They are enabled with VRRP and RSTP and fully meshed. After all interfaces transparently transmit packets from the same VLAN; the endpoint device LSW4 connects to terminals, and the VRRP virtual IP address is used as the gateway address. When uplink interface GE0/0/2 on LSW4 is shut down, packet forwarding is normal and few packets are discarded. When the interface is restored, multiple packets are discarded due to the ping to the gateway fails.

Figure 1-1 S5700s are enabled with VRRP and RSTP. When the uplink interface of the endpoint device goes Down and then Up. Packets are discarded due to the ping to the gateway fails.

Handling Process
1. Check STP information when GE0/0/2 on LSW4 is restored.

<LSW4> display stp brief
MSTID   Port                        Role  STP State     Protection 
    0    GigabitEthernet0/0/1        ALTE  DISCARDING      NONE     
    0    GigabitEthernet0/0/2        ROOT  FORWARDING      NONE     
    0    GigabitEthernet0/0/3        DESI  FORWARDING      NONE

The STP convergence is fast, and GE0/0/2 enters the forwarding state rapidly.

2. Check MAC addresses when GE0/0/2 on LSW4 is restored.

<LSW4> display mac-address
------------------------------------------------------------------------------- 
MAC Address          VLAN/VSI                    Learned-From        Type       
-------------------------------------------------------------------------------
4c1f-cc1a-597c       1/-                         GE0/0/2             dynamic 
4c1f-cc5f-2061       1/-                         GE0/0/2             dynamic 
5489-981f-4088       1/-                         GE0/0/3             dynamic
0000-5e00-0101       1/-                         GE0/0/1             dynamic
-------------------------------------------------------------------------------
Total items displayed = 4

3. The outbound interface corresponding to the virtual MAC address is GE0/0/1, and the outbound interface corresponding to the destination MAC address is the blocked interface. As a result, communication fails.

Reduce the interval for the VRRP master to send gratuitous ARP packets. The default interval is 120s and the minimum value is 30s. Then the terminal can ping the VRRP virtual IP address after the interface on LSW4 goes Up or Down.

[LSW1] vrrp gratuitous-arp timeout 30
Root Cause
The VRRP master sends gratuitous ARP packets at an interval of 120s by default. After the topology convergence, the switch does not receive gratuitous ARP packets from the virtual IP address for a long period of time. The virtual MAC address corresponding to the VRRP virtual IP address cannot be updated. The outbound interface corresponding to the virtual MAC address is the blocked interface, which cannot forward traffic.

Change the interval for the VRRP master to send gratuitous ARP packets to 30s. Then the switch can rapidly update the outbound interface corresponding to the virtual MAC address.
Solution
Reduce the interval for the VRRP master to send gratuitous ARP packets.

END