Standby Preempt Reload

Unanswered Question
Dec 30th, 2009

According to the Cisco documentation the "standby preempt delay reload" command is used to delay preemption after a reload.  It also states that the "standby delay reload" is only used to delay HSRP group initialization.

standby preempt delay reload

http://www.cisco.com/en/US/docs/ios/ha/command/reference/ha_s3.html#wp1116351

reload seconds

(Optional) Specifies the preemption delay, in seconds, after a reload only. This delay period applies only to the first interface-up event after the router has reloaded.

standby delay reload

http://www.cisco.com/en/US/docs/ios/ha/command/reference/ha_s3.html#wp1115877

The standby delay minimum reload interface configuration command delays HSRP groups from initializing for the specified time after the interface comes up.

This command is separate from the standby preempt delay interface configuration command, which enables HSRP preemption delay.

This does not make any mention that using the "standby delay reload" command and not using the reload option in the "standby preempt delay" command would disable preemtion on a reload but this is what I'm observing in testing.  When I reload the active router it does not preempt but when I bounce the interface it does.  I'm really looking for some documentation that confirms this rather than base production on an assumption.

Following is the configurations of my two standby interfaces.

R1

interface GigabitEthernet0/2

ip address 10.2.2.6 255.255.255.248

standby delay reload 120

standby 0 ip 10.2.2.1

standby 0 priority 110

standby 0 preempt

standby 0 name external

standby 0 track GigabitEthernet0/1 20

crypto map pfg-map redundancy external stateful

R2

interface GigabitEthernet0/2

ip address 10.2.2.4 255.255.255.248

standby delay reload 120

standby 0 ip 10.2.2.1

standby 0 priority 110

standby 0 preempt

standby 0 name external

standby 0 track GigabitEthernet0/1 20

crypto map pfg-map redundancy external stateful

I understand that my priorities are the same but the active router should be selected based on the higher IP address (10.2.2.6) when the HSRP coup (preemption) is sent.

Why am I doing this you might ask.  You'll see I have the crypto map statement for stateful IPSec failover and according to that documentation this is the recommended configuration and the desired action of the configuration.

http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_failover_ipsec.html#wp1027195

The devices are acting according to this document but it does not appear to be acting according to the command documents.

The IP addresses on the HSRP-tracked interfaces of the standby and active routers should both be either lower or higher on one router than the other. In the case of equal priorities (an HA requirement), HSRP will assign the active state on the basis of the IP address. If an addressing scheme exists so that the public IP address of Router A is lower than the public IP address of Router B, but the opposite is true for their private interfaces, an active/standby-standby/active split condition could exist which will break connectivity.

According to the RFC 2281 the router "may" send a coup message if configured to preemmp indicating it is optional.

Preemption capability
If a router has higher priority than the active router and preemption is configured, it MAY take over as the active router using a Coup message.
To recap my question is; Where is the Cisco documentation that indicates a coup is not sent on reload in a configuration like mine?
Any help would be greatly appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Wed, 12/30/2009 - 09:28

Hello,

we have implemented Stateful IPSec but we have decided to use different HSRP priorities to make clear who is the master.

My understanding is that if you use equal HSRP priorities you need to ensure that on the internal and on the external interface / subnet to provide consistency you need to have the higher ip address in both cases on the same router or it will not work.

Be aware that in case of change of HA redundancy state, by feature, the slave is reloaded (partially defeating the objective of the feature !)

Also during testing any attempt to change config on slave of HSRP priority caused a reload too.

We had troubles of intermittent connectivity that we solved with an IOS upgrade after long analysis with TAC.

We are using 12.4.(20)T advanced ip services on two 7200 NPE-G2.

We have not experimented with the option you are investigating.

At start we had equal HSRP priorities but in our case we could see frequent changes of HSRP active.

Hope to help

Giuseppe

Actions

This Discussion