Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1599
Views
0
Helpful
9
Replies

Multiple Group Optimization for VRRP

anandbhalla
Level 1
Level 1

‎10-12-2013 11:30 AM

Hi experts,

Could someone guide me towards configuration template for achieving MGO for VRRP.

I have two ASR9006 connected to a there respective switch on a 1Gig link. The switches are interconnected and passing the VLANs.

The 1Gig interface is configured with 10 dot1q sub-interfaces on both the ASR's. Would like to run VRRP on the 1st sub-interface and assign it a name. The remaining sub-interfaces to be configured as slave and to follow the mgo sesssion name.

Br,

Anand


Labels:
0 Helpful
9 Replies 9

xthuijs
Cisco Employee
Cisco Employee

‎10-13-2013 06:48 AM

Here is an example:

RP/0/0/CPU0:ios#configure 
RP/0/0/CPU0:ios(config)#interface gigabitEthernet 0/0/0/0 
RP/0/0/CPU0:ios(config-if)#ipv4 address 10.0.0.50/24
RP/0/0/CPU0:ios(config-if)#exit
RP/0/0/CPU0:ios(config)#router hsrp
RP/0/0/CPU0:ios(config-hsrp)#interface gigabitEthernet 0/0/0/0 
RP/0/0/CPU0:ios(config-hsrp-if)#address-family ipv4
RP/0/0/CPU0:ios(config-hsrp-ipv4)#hsrp 1
RP/0/0/CPU0:ios(config-hsrp-gp)#address 10.0.0.1
RP/0/0/CPU0:ios(config-hsrp-gp)#name AFC
RP/0/0/CPU0:ios(config-hsrp-gp)#exit
RP/0/0/CPU0:ios(config-hsrp-ipv4)#hsrp 10 slave
RP/0/0/CPU0:ios(config-hsrp-slave)#address 10.0.0.10
RP/0/0/CPU0:ios(config-hsrp-slave)#follow AFC

Note that VRRP MGO requires 4.3.0 onwards (432 recommended right now, 434 is end of nov/early dec and will be a "golden" release)

xander

0 Helpful

Rakesh Madupu
Level 1
Level 1
In response to xthuijs

‎10-13-2013 07:22 AM

Hello Alexander,

I have the below configuration template for vrrp  MGO which I am intending for a deployment, will this work , any enhancements for the below configuration from your prespective ?

What is the Default-Mac Referesh Rate for for Slave Groups and should we go with increasing or decreasing the value ? Most of my configurations are based on Sub-Interfaces based the same-Physical Interface , so Should i worry about Mac-Refresh ?

Thanks

-------------------------

router vrrp

interface GigabitEthernet0/0/0/2.100

  address-family ipv4

   vrrp 100

    name MASTER1

    priority 90

    address 200.0.0.100

   !

  !

!

interface GigabitEthernet0/0/0/2.101

  address-family ipv4

   vrrp 101 slave

    follow MASTER1

    address 201.0.0.100

   !

  !

!

!

interface GigabitEthernet0/0/0/2.102

  address-family ipv4

   vrrp 102 slave

    follow MASTER1

    address 202.0.0.100

   !

  !

!

!

interface GigabitEthernet0/0/0/2.103

  address-family ipv4

   vrrp 103 slave

    follow MASTER1

    address 203.0.0.100

   !

  !

-------------------------------------

0 Helpful

xthuijs
Cisco Employee
Cisco Employee
In response to Rakesh Madupu

‎10-13-2013 07:30 AM

This configlet looks like it is correct Madupu!

As for failover time, it is basically a TCAM rewrite in the "for me" mac table, that goes rather quick in the order of msecs,

after the failover is detected as required by the master (and that depends on state change notification and hello times etc).

regards

xander

0 Helpful

Rakesh Madupu
Level 1
Level 1
In response to Rakesh Madupu

‎10-13-2013 07:42 AM

Thank you so much for a swift Reply. As per the Trail above, we are using 4.3.2 and faced issues during the initial configuration while trying to configure the same. And we encountered the core-dump for the vrrp process and we have a Tac Case opened. With your due Permission, can we have your email id to share the case details ?

As far the failover with Vrrp goes, we are planning for 300 msec failover for ASR to ASR , and defaults with non-cisco Nodes.

One More query w.r.t to Vrrp Would be, we have a corner case scenario , where we are running Ldp Based VPLS for Passing VRRP Hello's between two back-to-back connected ASR 9006 Routers and intent for VPLS as you already know is to create a L2 channel and source Hello's through BVI which will be gateway to End-Nodes.

As there are implementations based on Ldp and Bgp as well, is there any preferred method of doing VPLS or constructing a L2 channel between these two ASR routers ?

Thank You

0 Helpful

xthuijs
Cisco Employee
Cisco Employee
In response to Rakesh Madupu

‎10-13-2013 08:27 AM

Found your case Rakesh, I checked a few things, but it looks like you have unconvered a new issue ...

This is a DDTS and Is ee that your TAC eng is working with our development group for HSRP/VRRP to sort this out.

it seems to fail on a memory allocation of a rather exorbitant size. With a little luck after this core things have "healed" and you can continue your configuration, but regardless this is a SW fault that needs to be fixed, which is in progress...

regards

xander

0 Helpful

Rakesh Madupu
Level 1
Level 1
In response to xthuijs

‎10-13-2013 08:50 AM

Thank You so much Xander, Would request you to help me out with the second query

"

As far the failover with Vrrp goes, we are planning for 300 msec failover for ASR to ASR , and defaults with non-cisco Nodes.

One  More query w.r.t to Vrrp Would be, we have a corner case scenario ,  where we are running Ldp Based VPLS for Passing VRRP Hello's between two  back-to-back connected ASR 9006 Routers and intent for VPLS as you  already know is to create a L2 channel and source Hello's through BVI  which will be gateway to End-Nodes.

As  there are implementations based on Ldp and Bgp as well, is there any  preferred method of doing VPLS or constructing a L2 channel between  these two ASR routers ?

"

Thank you

0 Helpful

xthuijs
Cisco Employee
Cisco Employee
In response to Rakesh Madupu

‎10-13-2013 10:30 AM

Rakesh:

300msec is doable, when using BFD for peer failure detection.

you're running LDP and BGP over VRRP peerings? That is you have an LDP session BETWEEN edge nodes that use the vmac/vip to peer with BGP and LDP. Forget it mate, this is not a good idea. VRRP/HSRP is design for end stations and providing a default gateway, not for BGP or LDP peerings it will not work.

If your ask is I want to converge quicker from my core facing side so that core traffic is directed to the new active faster, that is possible of course. You would probably want to use tracking either locally or with EEM to find out core state and induce failover that way. If using EEM it will not be 300msec but a second or 2 something like that (this because the EEM script kick in and reconfig takes that long, async process driven).

regards

xander

0 Helpful

Rakesh Madupu
Level 1
Level 1
In response to xthuijs

‎10-13-2013 01:00 PM

Hello Xander,

Thanks for revert, I might have not communicated well in my earlier post, here is the below Design which we are trying to achieve

The query would be, In order to Pass VRRP Hello Between these BVI interfaces in this case we are using LDP based VPLS to achieve the L2 Channel for VRRP pass through,

q1 Is Ldp based Vpls is stable enought ?

q2 Is Bgp Based Vpls is good to go ?

q3 Would either of these two work ?

q4 Any other way can we achieve the vrrp Pass through

We initially thought about having End-to-End Sub-interfaces (L2) so that it will be a pure L2-channel, but we realised its going to be cumbersome,

Also can you please shed some more light on Usage of EEM, Looks like I am going to need more coffee Now !

Have a Great Day ahead Sir !

Thanks

0 Helpful

Rakesh Madupu
Level 1
Level 1
In response to Rakesh Madupu

‎10-13-2013 01:03 PM

Looks like Image is not displayed,

0 Helpful
Customers Also Viewed These Support Documents