The topology and configuration of related devices can be referred to the attachment.
NE80E version: NE40E-NE80E-VRP5.30-31002M.03
1. Eth-Trunk 2 of NE80E-1 and NE80E-2 enables VRRP and Eth-Trunk 1 of NE80E-1 and NE80E-2 also enables VRRP. Four attached S8505 and L2 switch of N device form a large L2 network which attaches MSServer and MGW wireless signaling device of N enterprise (AX4000 and ECHO Server are used for test).
2. VRRP design uses load balancing, e.g. parts of VVRP groups on Eth-Trunk 2 of NE80E-1 act as master devices and others backup ones. In contrary, parts of VVRP groups on Eth-Trunk 2 of NE80E-2 act as backup devices and others master ones. Eth-Trunk 1 is similar to Eth-Trunk 2. The whole local network forms two traffic plates: ETH2－－NE80E-2－－ETH1 (master plate, traffic one) and ETH2－－NE80E-1－－ETH1(backup plate, traffic two).
3. NE80E-1 reaches S8505-3 and NE80E-2 reaches S8505-1 through bare fiber. NE80E-1 passes S8505-2 and NE80E-2 passes S8505-4 through MSTP optical transmission.
4. Backup vrrp group configures bfd for vrrp to realize sensitive link..
Shutdown two bundled physical interfaces of two upstream NE80E-2 on S8505-4 and then undo shutdown. At the moment traffic two disrupts and it recovers about 12s.
Delete bfd for vrrp on two NE80Es and there is no disruption.
Delete the configuration of bfd for vrrp of NE80E and the problem is solved.
1. Port traffic statistics: S8505-3 sends traffic to ETH2 of NE80E-1. ETH2 of NE80E-1 receives the traffic, but NE80E-1 does not forward the traffic to ETH1.
2. According to forwarding statistics of NE80E-1 interface board, it is found that NE80E-1 attached S8505-2 board in slot 2 (ETH1) discards these packets because of encapsulation (there may be error in related L2 phenomenon).
3. Analyze the log of NE80E-1 and NE80E-2. It is found that abnormal VRRP switchover triggers the loss.
4. Shutdown S8505-4 and bfd session on NE80E-2 is quickly down. The hard disc of interface board pre-reserves BFD microcode and makes millisecond-level sensitive. And then it informs VRRP group 13 (backup): Present master has been unreachable. For existing mstp transmission, related physical and logical interface on NE80E-2 are up. VRRP group 13 increases by 30 of the priority which becomes 130 and rapidly switches over master state. VRRP group 13 is still up on NE80E-1 and remains master (priority 120) and resumes virtual gateway for guiding forwarding. VRRP group 13 on NE80E-1 and NE80E-2 is master, i.e. dual-master.
5. Undo shutdown S8505-4. Due to dual-master, NE80E-1 sends VRRP advertisement every 1s (priority 120) and NE80E-2 also sends VRRP advertisement every 1s (priority 130). Finally NE80E-2 remains master, but NE80E-1 switches over backup state.
6. At the same time BFD program of NE80E MPU sends and receives BFD negotiate packet. And then it builds BFD session through three TCP handshakes. The building of BFD session costs about 10s because it is BFD session of control platform.
7. Before NE80E-2 has been master and remains master now. According to the rule specified in RFC2338 (VRRP), VRRP of NE80E-2 will not send gratuitous ARP packet to S8505-4 (by default master sends gratuitous ARP packet once every five minutes). At the moment NE80E-1 in VRRP group 13 cannot sends the traffic with virtual MAC as the source to S8505-3 (in any case source MAC is actual MAC of NE80E interface). Virtual MAC address of VRRP group 13 on S8505-3 and S8505-4 is learnt from NE80E-1 by default. MAC of virtual gateway of related VRRP group 13 points to the interface of NE80E-1. S8505-3 and S8505-4 send the traffic of VRRP group 13 to ETH2 of NE80E-1.
8. On NE80E-1 VRRP group 13 is backup and it will directly discard the packet: according to the rule specified by RFC2338 (VRRP), backup will discard the packet with destination packet as virtual one. There is loss of NE80E-1 and instant disruption.
9. VRRP group 13 on NE80E-2 configures BFD trace. After bfd session “up”, BFD will inform VRRP module and VRRP group 13 will reduce priority by 30 and it becomes 100. NE80E-1 and NE80E-2 compete with each other: NE80E-1 (120) changes from backup to master, sends VRRP advertisement and gratuitous ARP. NE80E-2 is reduced to backup. Virtual MAC of gratuitous ARP points to NE80E-1, so S8505 MAC does not change and still sends traffic to NE80E-1. At the moment NE80E-1 has been master and will correctly forward the traffic. The traffic recovers.
10. NE80E-1 switches over from backup (the traffic is interrupted) to bfd session "up" for 9s. It recovers normal to VRRP and lasts for 3s. The disruption lasts about 12s and is close to disruption time of test meter.
11. Summary: NE80E configures bfd for vrrp. When VRRP master/slave switchover recovers for the port is from down to up (or other operations), the building of bfd session delays VRRP interacted competition and there is abnormal master/slave switchover of backup plate. There is mstp transmission loop, so there is dual-master before NE80E has master/slave switchover. New master NE80E does not send gratuitous ARP and MAC of attached S8505 still points to slave NE80E. There is instant disruption of backup plate traffic.
Reserve transmission mstp and delete bfd for vrrp.
1. It will not cause abnormal switchover of backup plate and disruption of 12s.
2. After bfd for vrrp is deleted, normal VRRP switchover changes from millisecond to 3s.
3. Signaling device of N enterprise can solve 3s problem: For detailed VRRP switchover, signaling device makes millisecond-level sensitive and switches the traffic to backup plate.
Reserve bfd for vrrp and change mstp transmission as bare fiber.
1. MSTP transmission has been changed as bare fiber, so there should be no dual-master.
2. Suppose that two optical sending links of two pairs of bare fiber of NE80E are down, but optical receiving links are up, there is still dual-master and instant disruption of 12s.
3. bfd for vrrp is reserved, so there is still abnormal VRRP switchover. There is the problem: Suppose there is slow sending VRRP packet on the or slightly slow VRRP competition for abnormal VRRP switchover, there is instant disruption of 1s.
Add VRRP and enables L3 on S8505 (no bfd). Transparently transmit VRRP heartbeat packet with four FE links of S8505.
1. Unless four FE links of S8505 disrupt or one S8505 is down (seldom), there may be VRRP switchover.
Frequent VRRP switchover results in delay and instability.
2. For common problem, there is no VRRP switchover. Signaling device can make millisecond-level check and finish rapid switchover.
3. Even if there is the problem in "1" and VRRP master/slave switchover, it is normal. The millisecond-level switchover of switchover delay (3s) signaling device can avoid.
4. This solution is optimal and should be recommended.