We have a setup at a customer site, whereby a Cisco 887-VA-K9 and a Cisco 887-VA-SEC-K9 are each connected to their own ADSL connections into our customers MPLS cloud.
We have HSRP running on the LAN side between these routers and the Active router (the SEC-K9) is tracking our MPLS Sponge address (10.10.10.1). The HSRP priority will drop from 110 to 80 if the tracker goes down.
The setup is as follows:
Active Config (887-VA-SEC-K9)
track 123 ip sla 1 reachability
ip sla auto discovery ip sla 1 icmp-echo 10.10.10.1 source-interface Dialer0 frequency 10 ip sla schedule 1 life forever start-time now
interface Vlan1 ip address 192.168.1.252 255.255.255.0 ip nbar protocol-discovery standby 10 ip 192.168.1.254 standby 10 priority 110 standby 10 preempt standby 10 track 123 decrement 30
Standby Config (887-SEC-K9)
interface Vlan1 ip address 192.168.1.253 255.255.255.0 ip nbar protocol-discovery standby 10 ip 192.168.1.254 standby 10 priority 90 standby 10 preempt
Our customer has not complained of any performance issues. However when I look at the logs of the primary I can see severe HSRP flapping.
Jun 10 13:21:16 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Up->Down Jun 10 13:21:16 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Active -> Speak Jun 10 13:21:21 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Down->Up Jun 10 13:21:22 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Speak -> Active Jun 10 13:36:26 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Up->Down Jun 10 13:36:28 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Active -> Speak Jun 10 13:36:31 BST: %TRACKING-5-STATE: 123 ip sla 1 reachability Down->Up Jun 10 13:36:34 BST: %HSRP-5-STATECHANGE: Vlan1 Grp 10 state Speak -> Active
My understanding of the above config is that the Active will poll the MPLS Sponge IP at 10 second intervals using ICMP. However based on the above log, it appears that the Active router detects that a ping fails at 13:36:26 but then realizes it comes back at 13:36:31 only 5 seconds later. But if it only polls every 10 seconds, should it not be AT LEAST10 seconds until it polls again to see that it is up?
Given the noise and line length on some of these MPLS sites, a small bit of packet loss and reduced line speed is acceptable. However I want to make sure that I fully understand how tracking works before I look at adjusting its sensitivity to perhaps allow more tolerance.
This seems to be working. We have set this on a couple of affected customer sites and the flapping seems to have stopped without any adverse affect to the customers setup. I cannot see any instances of the atm interface bouncing so what I have done is clear the vdsl counters and I will monitor it over the next few days for errors.
Anyway, that's more information than needed. The information you have given was what I needed for my query. Thanks.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...