[j-nsp] VRRP and preempt
Terry Baranski
tbaranski at mail.com
Sun Jul 16 12:41:07 EDT 2006
On Sun, Jul 16, 2006, Jee Kay wrote:
> I've got a pair of M5s (running 6.3R1.4 which I know is old etc etc)
> that present a number of VRRP addresses to end systems. Both of them
> have 'preempt { hold-time 600; }' configured for all of their
> addresses.
>
> Despite this, when the 'primary' router reboots and comes back online,
> it _immediately_ takes ownership of all the VRRP addresses resulting
> in an outage as it seems to start its VRRP processes before its OSPF
> processes and therefore is clueless as to what to do with the data
> it's just decided it should be getting.
>
> Has anyone else seen this? Part of me is wondering if this is because
> of spanning-tree delays on the switchports they plug in to, so that
> the primary ends up thinking the secondary is muscling in on its
> territory rather than the other way around. If so, what do other
> people do? Is it accepted practice to set port-fast on ports facing
> such equipment?
Portfast on router-facing ports is the way to go. But we had issues in 6.x
and 7.3 with preempt not working properly and ended up having to use "set
protocols vrrp startup-silent-period 120" (arbitrary value) in addition to a
preempt timer to fix it.
-Terry
More information about the juniper-nsp
mailing list