03-30-2010 11:19 PM
Hello
We have 2 Cisco ACE service modules in a failover cluster configuration. The modules are running on version A2(3.0) in transparent and multicontext mode.
Almost every night I see lots of following messages:
Mar 30 23:59:41 <host> Mar 30 2010 23:59:40 <context>: %ACE-4-411002: Line protocol on Interface vlan1101, changed state to down
Mar 30 23:59:41 <host> Mar 30 2010 23:59:40 <context>: %ACE-4-411002: Line protocol on Interface vlan1117, changed state to down
Mar 30 23:59:41 <host> Mar 30 2010 23:59:40 <context>: %ACE-4-411002: Line protocol on Interface vlan1121, changed state to down
Mar 30 23:59:41 <host> Mar 30 2010 23:59:40 <context>: %ACE-4-411001: Line protocol on Interface vlan1121, changed state to up
Mar 31 00:00:11 <host> Mar 31 2010 00:00:10 <context>: %ACE-4-411001: Line protocol on Interface vlan1101, changed state to up
Mar 31 00:00:11 <host> Mar 31 2010 00:00:10 <context>: %ACE-4-411001: Line protocol on Interface vlan1117, changed state to up
In the Cisco messages guide I found that one should check the line if this message appears. But which line? Theese vlans are not connected over a line (at least not an external) but directly over the backplane with the switch.
Does anybody know how to interpret theese messages and what to do against?
Thanks in advance
Patrik
03-31-2010 10:45 PM
Ahh ...
It seems the icmp-guard was the source of this problem. After issuing the 'no icmp-guard' command the lines seem to be stable.
In our environment it's no problem to disable the icmp-guard as we use the ace as pure loadbalancer with additional fwsm firewalls in front of it.
regards
Patrik
04-06-2010 11:03 PM
No, it was not only the icmp-guard option but the resource allocation.
Now I changed the resource allocation to an oversubscribing model. Now it works fine.
regards
Patrik
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: