Solved: HSRP Flapping query

steven.crutchley · ‎06-13-2014

We have a setup at a customer site, whereby a Cisco 887-VA-K9 and a Cisco 887-VA-SEC-K9 are each connected to their own ADSL connections into our customers MPLS cloud.

We have HSRP running on the LAN side between these routers and the Active router (the SEC-K9) is tracking our MPLS Sponge address (10.10.10.1). The HSRP priority will drop from 110 to 80 if the tracker goes down.

The setup is as follows:

Active Config (887-VA-SEC-K9)

track 123 ip sla 1 reachability

ip sla auto discovery
ip sla 1
icmp-echo 10.10.10.1 source-interface Dialer0
frequency 10
ip sla schedule 1 life forever start-time now

interface Vlan1
ip address 192.168.1.252 255.255.255.0
ip nbar protocol-discovery
standby 10 ip 192.168.1.254
standby 10 priority 110
standby 10 preempt
standby 10 track 123 decrement 30

Standby Config (887-SEC-K9)

interface Vlan1
ip address 192.168.1.253 255.255.255.0
ip nbar protocol-discovery
standby 10 ip 192.168.1.254
standby 10 priority 90
standby 10 preempt

Our customer has not complained of any performance issues. However when I look at the logs of the primary I can see severe HSRP flapping.

Jun 10 13:21:16 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Up->Down
Jun 10 13:21:16 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Active -> Speak
Jun 10 13:21:21 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Down->Up
Jun 10 13:21:22 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Speak -> Active
Jun 10 13:36:26 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Up->Down
Jun 10 13:36:28 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Active -> Speak
Jun 10 13:36:31 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Down->Up
Jun 10 13:36:34 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Speak -> Active

My understanding of the above config is that the Active will poll the MPLS Sponge IP at 10 second intervals using ICMP. However based on the above log, it appears that the Active router detects that a ping fails at 13:36:26 but then realizes it comes back at 13:36:31 only 5 seconds later. But if it only polls every 10 seconds, should it not be AT LEAST 10 seconds until it polls again to see that it is up?

Given the noise and line length on some of these MPLS sites, a small bit of packet loss and reduced line speed is acceptable. However I want to make sure that I fully understand how tracking works before I look at adjusting its sensitivity to perhaps allow more tolerance.

Thanks for any help in advance. :)

paul driver · ‎06-13-2014

Hello

The tracking will poll the ip sla I think every 5 sec ( not sure on this) and your sending a ping every 10 secs via ip sla

So if the sla misses a ping then the tracking will poll again before another sla ping and the tracking will kick in and down your hrsp state.

You have verified that the destination sla address is indeed reachable, so maybe try adding a delay to the tracking for the down state.

track 123
delay 30 down

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎06-13-2014

Hello

Can you ping 10.10.10.1 sourced from the dialer 0 interface ?

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

steven.crutchley · ‎06-13-2014

Yes. The default route of the router is out of the dialer 0 interface. So any ping to 10.10.10.1 would go out the dialer interface and hence be sourced from it.

The question I'm asking is about the technical working of the tracking/sla configuration, rather than specific connectivity issues about this particular site.

paul driver · ‎06-13-2014

Hello

The tracking will poll the ip sla I think every 5 sec ( not sure on this) and your sending a ping every 10 secs via ip sla

So if the sla misses a ping then the tracking will poll again before another sla ping and the tracking will kick in and down your hrsp state.

You have verified that the destination sla address is indeed reachable, so maybe try adding a delay to the tracking for the down state.

track 123
delay 30 down

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

steven.crutchley · ‎06-23-2014

Hi Paul,

This seems to be working. We have set this on a couple of affected customer sites and the flapping seems to have stopped without any adverse affect to the customers setup. I cannot see any instances of the atm interface bouncing so what I have done is clear the vdsl counters and I will monitor it over the next few days for errors.

Anyway, that's more information than needed. The information you have given was what I needed for my query. Thanks.