[c-nsp] VRRP tuning

Phil Bedard philxor at gmail.com
Mon Sep 17 10:12:55 EDT 2007 

There is a "msec" keyword to the advertisement interval timers, so it  
can be tuned down to the msec range.  Roughly  
3*advertisement_interval is a down event.  I'm not sure how low it  
can be sent before busy router events might have an effect on  
processing, or you run into scalability issues.

Phil


On Sep 17, 2007, at 5:58 AM, Gier, Menno de ((Menno)) wrote:

> Hello,
>
> Does anyone have experience with changing VRRP timers?
> I like to speed up the VRRP switch over time to convert within 1 sec.
> What are good practices with VRRP tuning.
>
> Greeting, Men
>
> -----Original Message-----
> From: Gier, Menno de (Menno)
> Sent: woensdag 1 augustus 2007 13:00
> To: 'Tolstykh, Andrew'; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Cisco 6509 VRRP no preemption
>
> Here is the requested output:
>
> R1#show spanning-tree vlan 1100 detail
>
>  VLAN1100 is executing the ieee compatible Spanning Tree protocol
>   Bridge Identifier has priority 32768, sysid 1100, address
> 0015.c721.7880
>   Configured hello time 2, max age 20, forward delay 15
>   Current root has priority 33868, address 0015.c721.68c0
>   Root port is 423 (GigabitEthernet4/39), cost of root path is 4
>   Topology change flag not set, detected flag not set
>   Number of topology changes 73 last change occurred 20:20:13 ago
>           from GigabitEthernet3/25
>   Times:  hold 1, topology change 35, notification 2
>           hello 2, max age 20, forward delay 15
>   Timers: hello 0, topology change 0, notification 0, aging 300
>
>  Port 281 (GigabitEthernet3/25) of VLAN1100 is forwarding
>    Port path cost 19, Port priority 128, Port Identifier 128.281.
>    Designated root has priority 33868, address 0015.c721.68c0
>    Designated bridge has priority 33868, address 0015.c721.7880
>    Designated port id is 128.281, designated path cost 4
>    Timers: message age 0, forward delay 0, hold 0
>    Number of transitions to forwarding state: 1
>    Link type is point-to-point by default
>    BPDU: sent 36597, received 0
>
>  Port 423 (GigabitEthernet4/39) of VLAN1100 is forwarding
>    Port path cost 4, Port priority 128, Port Identifier 128.423.
>    Designated root has priority 33868, address 0015.c721.68c0
>    Designated bridge has priority 33868, address 0015.c721.68c0
>    Designated port id is 128.423, designated path cost 0
>    Timers: message age 2, forward delay 0, hold 0
>    Number of transitions to forwarding state: 1
>    Link type is point-to-point by default
>    BPDU: sent 73, received 4573075
>
>
> R2#show spanning-tree vlan 1100 detail
>
>  VLAN1100 is executing the ieee compatible Spanning Tree protocol
>   Bridge Identifier has priority 32768, sysid 1100, address
> 0015.c721.68c0
>   Configured hello time 2, max age 20, forward delay 15
>   We are the root of the spanning tree
>   Topology change flag not set, detected flag not set
>   Number of topology changes 34 last change occurred 20:19:22 ago
>           from GigabitEthernet4/39
>   Times:  hold 1, topology change 35, notification 2
>           hello 2, max age 20, forward delay 15
>   Timers: hello 1, topology change 0, notification 0, aging 300
>
>  Port 282 (GigabitEthernet3/26) of VLAN1100 is forwarding
>    Port path cost 4, Port priority 128, Port Identifier 128.282.
>    Designated root has priority 33868, address 0015.c721.68c0
>    Designated bridge has priority 33868, address 0015.c721.68c0
>    Designated port id is 128.282, designated path cost 0
>    Timers: message age 0, forward delay 0, hold 0
>    Number of transitions to forwarding state: 1
>    Link type is point-to-point by default
>    BPDU: sent 3073752, received 0
>
>  Port 423 (GigabitEthernet4/39) of VLAN1100 is forwarding
>    Port path cost 4, Port priority 128, Port Identifier 128.423.
>    Designated root has priority 33868, address 0015.c721.68c0
>    Designated bridge has priority 33868, address 0015.c721.68c0
>    Designated port id is 128.423, designated path cost 0
>    Timers: message age 0, forward delay 0, hold 0
>    Number of transitions to forwarding state: 1
>    Link type is point-to-point by default
>    BPDU: sent 4573029, received 72
>
> /M
>
> -----Original Message-----
> From: Tolstykh, Andrew [mailto:ATolstykh at integrysgroup.com]
> Sent: dinsdag 31 juli 2007 22:50
> To: Gier, Menno de (Menno); cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Cisco 6509 VRRP no preemption
>
> Router configured with no preempt will never attempt to transfer the
> master role in presence of the existing Master. Do you have spanning
> tree enabled on the segment connecting R1 to R2?
> Most likely you rebooted the second switch and it caused the spanning
> tree reconvergence on the trunk that connects two switches together.
> VRRP group 10 on R1 became active before it had a chance to detect the
> existing group with the same ID running on R2.
>
> Please post:
>
> show spanning-tree vlan 1100 detail
>
> -----Original Message-----
> From: Gier, Menno de (Menno) [mailto:mdegier at alcatel-lucent.com]
> Sent: Tuesday, July 31, 2007 3:33 PM
> To: cisco-nsp at puck.nether.net
> Cc: Tolstykh, Andrew
> Subject: RE: [c-nsp] Cisco 6509 VRRP no preemption
>
>
> We don't want the router to switch back if the original master  
> recovers.
>
> My understanding from no preemption is that there will no switch back
> unless manual override or if the 'new' master fails.
>
> We use
> interface Vlan1100
>  ip address 10.0.0.2 255.255.255.0
>  vrrp 10 ip 10.0.0.1
>  no vrrp 10 preempt
>  vrrp 10 priority 200
>
> Below is the output.
>
> /M
>
> R1#show vrrp all
> Vlan1100 - Group 10
>   State is Master
>   Virtual IP address is 10.0.0.1
>   Virtual MAC address is 0000.5e00.010a
>   Advertisement interval is 1.000 sec
>   Preemption disabled
>   Priority is 200
>   Master Router is 10.0.0.2 (local), priority is 200
>   Master Advertisement interval is 1.000 sec
>   Master Down interval is 3.218 sec
>
> R1#show vrrp interface Vlan 1100
> Vlan1100 - Group 10
>   State is Master
>   Virtual IP address is 10.0.0.1
>   Virtual MAC address is 0000.5e00.010a
>   Advertisement interval is 1.000 sec
>   Preemption disabled
>   Priority is 200
>   Master Router is 10.0.0.2 (local), priority is 200
>   Master Advertisement interval is 1.000 sec
>   Master Down interval is 3.218 sec
>
> R2#show vrrp all
> Vlan1100 - Group 10
>   State is Backup
>   Virtual IP address is 10.0.0.1
>   Virtual MAC address is 0000.5e00.010a
>   Advertisement interval is 1.000 sec
>   Preemption disabled
>   Priority is 100
>   Master Router is 10.0.0.2, priority is 200
>   Master Advertisement interval is 1.000 sec
>   Master Down interval is 3.609 sec (expires in 2.681 sec)
>
> R2#show vrrp interface Vlan 1100
> Vlan1100 - Group 10
>   State is Backup
>   Virtual IP address is 10.0.0.1
>   Virtual MAC address is 0000.5e00.010a
>   Advertisement interval is 1.000 sec
>   Preemption disabled
>   Priority is 100
>   Master Router is 10.0.0.2, priority is 200
>   Master Advertisement interval is 1.000 sec
>   Master Down interval is 3.609 sec (expires in 2.717 sec)
> #
>
> -----Original Message-----
> From: Tolstykh, Andrew [mailto:ATolstykh at integrysgroup.com]
> Sent: dinsdag 31 juli 2007 22:18
> To: Gier, Menno de (Menno); cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Cisco 6509 VRRP no preemption
>
> Please post the output of the VRRP interface configuration and "show
> vrrp all" commands.
>
> By default VRRP will preempt for all configured groups.
> You need to disable preemption explicitly with no vrrp [group]  
> preempt.
>
>
> By default, a preemptive scheme is enabled whereby a higher priority
> virtual router backup that becomes available takes over for the  
> virtual
> router backup that was elected to become virtual router master. You  
> can
> disable this preemptive scheme using the no vrrp preempt command. If
> preemption is disabled, the virtual router backup that is elected to
> become virtual router master remains the master until the original
> virtual router master recovers and becomes master again.
>
>
> ISP1-INET-RTR1#sho vrrp all
> FastEthernet0/0 - Group 1
>   State is Master
>   Virtual IP address is 160.1.1.2
>   Virtual MAC address is 0000.5e00.0101
>   Advertisement interval is 1.000 sec
>   Preemption enabled
>   Priority is 100
>   Master Router is 160.1.1.1 (local), priority is 100
>   Master Advertisement interval is 1.000 sec
>   Master Down interval is 3.609 sec
>
> no vrrp 1 preempt
>
> ISP1-INET-RTR1#sho vrrp all
> FastEthernet0/0 - Group 1
>   State is Master
>   Virtual IP address is 160.1.1.2
>   Virtual MAC address is 0000.5e00.0101
>   Advertisement interval is 1.000 sec
>   Preemption disabled
>   Priority is 100
>   Master Router is 160.1.1.1 (local), priority is 100
>   Master Advertisement interval is 1.000 sec
>   Master Down interval is 3.609 sec
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gier, Menno de
> (Menno)
> Sent: Tuesday, July 31, 2007 2:25 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Cisco 6509 VRRP no preemption
>
> All,
>
> We have two Cisco 6509 switches (A1 and A2) running VRRP over a trunk
> between both switches. We have configured VRRP with no vrrp  
> preemption.
>
> After a power down of switch A1, which was selected as master VRRP,  
> the
> VRRP moved to the switch A2, as it should be.
>
> After power up it of the switch A1 it became Master for the VRRP again
> and the other switch A2 became backup unexpectedly.
>
> Is this normal behavior of VRRP after a reboot?
>
> We have configured VRRP to be non preemption to avoid a second traffic
> interruption. We want to have the switch-over taking place in service
> hours under our control.
>
> Thanks in advance,
>
> /mg
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> The information transmitted is intended only for the person or  
> entity to
> which it is addressed and may contain confidential
> and/or privileged material.  Any review, retransmission, dissemination
> or other use of, or taking of any action in reliance upon,
> this information by persons or entities other than the intended
> recipient is prohibited.   If you received this in error, please
> contact the sender and delete the material from any computer.
>
> The information transmitted is intended only for the person or  
> entity to
> which it is addressed and may contain confidential
> and/or privileged material.  Any review, retransmission, dissemination
> or other use of, or taking of any action in reliance upon,
> this information by persons or entities other than the intended
> recipient is prohibited.   If you received this in error, please
> contact the sender and delete the material from any computer.
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

Phil Bedard
philxor at gmail.com

More information about the cisco-nsp mailing list