Aruba & ProVision-based
1748202 Members
3009 Online
108759 Solutions
New Discussion юеВ

Re: VRRP not working with E5406

 
nemix
Occasional Advisor

VRRP not working with E5406

Hi there,

currently i┬┤m trying to configure VRRP with 2 E5406 connected via 10GbE Direct Attach.
My "basic" config:


Owner Router:
A1 is the Uplink to the other VRRP Router

ip routing
vlan 1
name "VRRP_TEST"
ip address 10.40.0.1 255.255.255.0
tagged A1
exit
router vrrp
vlan 1
vrrp vrid 1
owner
virtual-ip-address 10.40.0.1 255.255.255.0
priority 255
enable
exit
exit

Backup Router:

ip routing
vlan 1
name "VRRP_TEST"
ip address 10.40.0.216 255.255.255.0
tagged A1
exit
vlan 1
vrrp vrid 1
backup
virtual-ip-address 10.40.0.1 255.255.255.0
enable
exit

When i try to perform a failover i get this message:

Owner:
Attempt to specify failover to VR when it is not operating as master.
Backup:
Attempt to specify failover to VR when it is not operating as master.

When I disable A1 on the master router, the backup is trying to failover but use the VLAN1 IP Address as master IP:

Before:

Vlan ID : 1
Virtual Router ID : 1
State : Backup
Up Time : 25 mins
Virtual MAC Address : 00005e-000101
Master's IP Address : 10.40.0.1

After Failover:

Vlan ID : 1
Virtual Router ID : 1
State : Master
Up Time : 27 mins
Virtual MAC Address : 00005e-000101
Master's IP Address : 10.40.0.216


Why is the Master IP 10.40.0.216 after a failover? I thought the Virtual IP will Failover and the Master IP is 10.40.0.216


Any suggestions?


Ok after Reading another PDF with this Hint, i will check if i can still ping between VLANS:

PDF:
http://h40060.www4.hp.com/procurve/uk/en/pdfs/application-notes/How_to_configure_Virtual_Router_Redundancy_Protocol_%28VRRP%29_Configuration_note_Sept_08_EMEA_Eng_A4.pd.pdf

Note:
When the Owner fails and the Backup takes over, the virtual address can not be reached by a ping command any more. ARP table is updated.
9 REPLIES 9
EckerA
Respected Contributor

Re: VRRP not working with E5406

u might try:

router vrrp virtual-ip-ping

then the virtual ip should be pingable.

i prefer setting up vrrp just like HSRP with 3 IP addresses.
i do setup both switches as backup, with one having a priority of 254 (this one becomes the "master")
then u can track for interfaces..

hth
Alex
cenk sasmaztin
Honored Contributor

Re: VRRP not working with E5406

example vrrp config

vlan 1
name "DEFAULT_VLAN"
untagged 1-6,20-24
no untagged 7-19
no ip address
exit
vlan 10
name "office"
untagged 13-18
ip address 10.2.0.252 255.255.255.0
tagged 1-12,20-24
exit
vlan 20
name "user"
ip helper-address 10.240.0.200
ip address 10.2.3.2 255.255.255.224
tagged 1-12,20-24
exit
vlan 30
name "wan"
untagged 19
ip address 10.2.3.38 255.255.255.224
tagged 20-24
exit
ip route 0.0.0.0 0.0.0.0 10.2.3.33
router vrrp
router vrrp virtual-ip-ping
spanning-tree
spanning-tree priority 0 force-version rstp-operation
vlan 10
vrrp vrid 10
backup
virtual-ip-address 10.2.0.254 255.255.255.0
priority 155
enable
exit
exit
vlan 20
vrrp vrid 20
backup
virtual-ip-address 10.2.3.1 255.255.255.224
priority 155
enable
exit
exit
vlan 30
vrrp vrid 30
backup
virtual-ip-address 10.2.3.36 255.255.255.224
enable
exit
exit
no autorun
password manager



---------------------------------------------------------------
vlan 1
name "DEFAULT_VLAN"
untagged 1-6,20-24
no untagged 7-19
no ip address
exit
vlan 10
name "office"
untagged 13-18
ip address 10.2.0.253 255.255.255.0
tagged 1-12,20-24
exit
vlan 20
name "user"
ip helper-address 10.240.0.200
ip address 10.2.3.3 255.255.255.224
tagged 1-12,20-24
exit
vlan 30
name "wan"
untagged 19
ip address 10.2.3.37 255.255.255.224
tagged 20-24
exit
ip route 0.0.0.0 0.0.0.0 10.2.3.33
router vrrp
router vrrp virtual-ip-ping
spanning-tree
spanning-tree priority 1 force-version rstp-operation
vlan 10
vrrp vrid 10
backup
virtual-ip-address 10.2.0.254 255.255.255.0
enable
exit
exit
vlan 20
vrrp vrid 20
backup
virtual-ip-address 10.2.3.1 255.255.255.224
enable
exit
exit
vlan 30
vrrp vrid 30
backup
virtual-ip-address 10.2.3.36 255.255.255.224
enable
exit
exit
no autorun
password manager
cenk

Mohammed Faiz
Honored Contributor

Re: VRRP not working with E5406

The ability to ping the virtual IP was only added in later software revisions. What version are you running on each 5400?
nemix
Occasional Advisor

Re: VRRP not working with E5406

Latest K15

I├В┬┤ve enable virtual-ip-ping but nothing happen, when i make a failover.
Routing is working correctly when i make a failover, so i thing this is no big issue
Mohammed Faiz
Honored Contributor

Re: VRRP not working with E5406

I think the output that states:

"Master's IP Address : 10.40.0.216 " refers to the normal IP address of the Master not the virtual address.
What do you see on the output of "show ip" on after a failover?
MichaelvLonden
Advisor

Re: VRRP not working with E5406

I have the same issue.
My two 8212 (K.13.25) are master (prio 255)and backup (prio 100).
On remote location I have 5406 (K.14.49m)as backup (prio 1)
The first I tested the failover the 5406 became master with the right ip adresses, the second time it became master, but the ip address was it's own adres and not the virtual configured address.
Unfortunatly I cannot rememeber if the first succesfull failover was before or after the upgrade of the 5406 from K.13.25 to K.14.49m

Which firmware do you use?

Reards,
Michael
nemix
Occasional Advisor

Re: VRRP not working with E5406

Hi,

we├В┬┤re using latest K.15.03.0007 on our E5406.

I will check sh ip later and post it her.
Routing is working perfectly, when we├В┬┤ve tested failover.
cenk sasmaztin
Honored Contributor

Re: VRRP not working with E5406

hi nemix
can you test my configuration
cenk

Srinath_Komandu
Occasional Visitor

Re: VRRP not working with E5406

With 3 IP's, When both switches are up, do a "sh ip route"

you will find the routing is happening on backup switch and master switch reject the routing,  consider if the gateway is connected to master switch, All the packets will pass thru the trunk to reach backup switch for routing and returned the same path to reach master switch to find gateway.

Whereas in 2 IP's, When both switch are up, do a "sh ip route"

you can see routing taking place on both switchs, in this case only the backup switch need to forwards the packets to switch A where the gateway is connected,

but you wont be able to issue failover / failback command for testing, Howerver it recommended to include interface to the "vrrp vrid xx" and issue disable/enable to that interface and testing the VRRP function, (I am yet to test this failover method),

For the routing reasons, I dont prefer the 3 IP senario