cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
651
Views
0
Helpful
4
Replies

Seems like STP issue on Nexus 6K with HSRP.

Saurabh Kishore
Level 1
Level 1

Our Nexus 6K config

6K1:
interface Vlan24
  no shutdown
  vrf member ggn1
  no ip redirects
  ip address 192.168.24.4/28
  hsrp 24
    preempt delay reload 60
    priority 150
    ip 192.168.24.6

6k1(config)# show run | sec spanning
spanning-tree vlan 1-3967 priority 0

------
6k2:

interface Vlan24
  no shutdown
  vrf member ggn1
  no ip redirects
  ip address 192.168.24.5/28
  hsrp 24
    preempt delay reload 60
    priority 5
    ip 192.168.24.6

6K2# show run | sec spanning
spanning-tree vlan 1-3967 priority 0

----

Now while Doing a ping from a 192.168.24.x machine we get:
[root@usergate ~]# ping 192.168.24.6
PING 192.168.24.6 (192.168.24.6) 56(84) bytes of data.
64 bytes from 192.168.24.6: icmp_seq=1 ttl=255 time=42.8 ms
64 bytes from 192.168.24.6: icmp_seq=2 ttl=255 time=0.690 ms
64 bytes from 192.168.24.6: icmp_seq=3 ttl=255 time=41.3 ms
64 bytes from 192.168.24.6: icmp_seq=4 ttl=255 time=0.695 ms
64 bytes from 192.168.24.6: icmp_seq=5 ttl=255 time=41.6 ms
64 bytes from 192.168.24.6: icmp_seq=6 ttl=255 time=0.722 ms
64 bytes from 192.168.24.6: icmp_seq=7 ttl=255 time=37.3 ms
64 bytes from 192.168.24.6: icmp_seq=8 ttl=255 time=0.705 ms

Why does my Ping has inconsistent times?

---

All HSRP are active on Nexus 6K1

When I do a traceroute to the HSRP IP of Vlan 108  from a machine in another vlan we get:

[root@usergate ~]# traceroute 192.168.108.1
traceroute to 192.168.108.1 (192.168.108.1), 30 hops max, 60 byte packets
 1  192.168.108.40 (192.168.108.40)  3.649 ms 192.168.24.4 (192.168.24.4)  0.478 ms 192.168.108.40 (192.168.108.40)  3.848 ms
 
[root@usergate ~]# traceroute 192.168.108.1
traceroute to 192.168.108.1 (192.168.108.1), 30 hops max, 60 byte packets
 1  192.168.108.40 (192.168.108.40)  2.725 ms 192.168.24.4 (192.168.24.4)  0.449 ms 192.168.108.40 (192.168.108.40)  2.854 ms

[root@usergate ~]# traceroute 192.168.108.1
traceroute to 192.168.108.1 (192.168.108.1), 30 hops max, 60 byte packets
 1  192.168.108.40 (192.168.108.40)  3.675 ms  3.835 ms  4.016 ms

[root@usergate ~]# traceroute 192.168.108.1
traceroute to 192.168.108.1 (192.168.108.1), 30 hops max, 60 byte packets
 1  192.168.108.40 (192.168.108.40)  2.905 ms 192.168.24.4 (192.168.24.4)  0.586 ms  1.076 ms

 

 

4 Replies 4

Hi,

 

with this output i have to ask my magic 8 ball. sorry.

but if you use vPC why don't you use glbp (don't forget NXOS5.2 and lower GLBP do not support IPV6). My magic 8 ball means that you could maybe have  a problem that you forwarding traffic over your vPC-Peerlink.

But i don't know your design or from where do your icmp-request +-reply starts / end. but it seems layer3 (udp33434) has the problem, too.

regards,

flo

Just found out that with VPC Peer running it is mandate to have STP priority 0 on both the switches.

 

But this inconsistent Ping on the Network is really worrying me. The reason I am troubleshooting on this is that at times for a few minutes the network becomes very latent and Ping times to even Internal Network rises and there is a huge latency problem.

 

CPU, memory on the nexus switches seems to be normal, Interface errors on a few interfaces, but I really cannot nail down the problem to anything specific then I came across this behavior.

Even with VPC you still need to define which switch is the root and which one is backup root.

for example: if you want switch 1 to be the primary root for MST instance 1 then you need this command:

spanning-tree mst 1 root primary

and switch 2 secondary

spanning-tree mst 1 root secondary

HTH

 

My spanning Tree configuration on both the switches is:

 

spanning-tree mode rapid-pvst
spanning-tree pathcost method short
no spanning-tree port type edge default
no spanning-tree port type network default
spanning-tree bridge assurance
no spanning-tree loopguard default
spanning-tree vlan 1-3967
spanning-tree vlan 1-3967 priority 0
spanning-tree vlan 1-3967 hello-time 2
spanning-tree vlan 1-3967 fex-hello-time 12
spanning-tree vlan 1-3967 forward-time 15
spanning-tree vlan 1-3967 max-age 20

 

What are the recommended configuration changes?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: