Two 9300's running VRRP and Global STP.
The routers are "blocking" the master path and forcing edge routers to use the "backup VRRP" If as I suspect STP is seeing the VRRP virtual MAC address from vrrp enabled routers as a loop, is there a command to enable ignoreSTP/AllClosed, or will disabling stp on Vlan/ports clear this problem ?

Kell van Daal
Respected Contributor

During normal VRRP operation, the backup router won't initiate any traffic originating from the virtual MAC address. The backup router does this only when he becomes active for that VRID. It will then sent a gratutious ARP, and will respond to ARP requests etc.
Even more, STP doesn't look at MAC addresses for determining whether there is a loop or not. STP calculates the shortest route to the root bridge, and put other ports in blocking mode.

The VRRP routers need to be in the same broadcast domain for normal operation. The master sends multicast messages. As long as the backup router receives these, it will not become active for that VRID.

What I suspect is the problem in your network, is that your root bridge is in a "not-so-good" spot. Have you manually configured your root bridge?
I don't know your network environment, but probably the two routers are connected directly with eachother? I assume you mean that with "master path"? My best bet would be to make one of those routers root bridge.
Also make sure that the VLAN's you use with VRRP are all active on that link.
In that case the link between those two should never be blocked and the multicast traffic originating from the master will allways be heard by the backup during normal operations.