VRRP question

I'm trying to get VRRP on dot1q sub-interfaces working.  I'm seeing some strange behaviour with both sides being MASTER

R1 ->2960 stack port 1/0/1
R2 ->2960 stack port 2/0/1

 

sho run int g1/0/1

interface GigabitEthernet1/0/1

 description RTR1Ge0/0

 switchport mode trunk

end

 

sho run int g2/0/1

interface GigabitEthernet2/0/1

 description RTR2Ge0/0

 switchport mode trunk

end

 

sho int trunk

Port        Mode             Encapsulation  Status        Native vlan

Gi1/0/1     on               802.1q         trunking      1



Port        Vlans allowed on trunk

Gi1/0/1     1-4094


Gi2/0/1     1-4094




Port        Vlans in spanning tree forwarding state and not pruned

Gi1/0/1     1-3,5,38-39,43-45,100,246-247



Gi2/0/1     1-3,5,38-39,43-45,100,246-247




============

R1


interface GigabitEthernet0/0

 description UPLINK ***

 no ip address

 no ip redirects

 no ip unreachables

 no ip proxy-arp

 duplex auto

 speed auto

!

interface GigabitEthernet0/0.2

 description VLAN2 Network ***

 encapsulation dot1Q 2

 ip address 172.16.240.2 255.255.255.128

 ip helper-address 172.17.206.41

 ip helper-address 172.19.219.7

 vrrp 2 ip 172.16.240.1

 vrrp 2 preempt delay minimum 1

 vrrp 2 priority 110

 vrrp 2 authentication PASSWORD

 vrrp 2 track 1 decrement 30



GigabitEthernet0/0.2 - Group 2

  State is Master

  Virtual IP address is 172.16.240.1

  Virtual MAC address is 0000.5e00.0102

  Advertisement interval is 1.000 sec

  Preemption enabled, delay min 1 secs

  Priority is 110

    Track object 1 state Up decrement 30

  Authentication text, string "PASSWORD"

  Master Router is 172.16.240.2 (local), priority is 110

  Master Advertisement interval is 1.000 sec

  Master Down interval is 3.570 sec



===================

Shut, no shut on R1 results in the following log messages:



Apr 22 14:53:56.859 UTC: %VRRP-6-STATECHANGE: Gi0/0.2 Grp 2 state Master -> Init

Apr 22 14:55:50.735 UTC: %VRRP-6-STATECHANGE: Gi0/0.2 Grp 2 state Init -> Backup

Apr 22 14:55:54.307 UTC: %VRRP-6-STATECHANGE: Gi0/0.2 Grp 2 state Backup -> Master

Apr 22 14:55:54.307 UTC: VRRP: tbridge_smf_update failed




==========================



R2


interface GigabitEthernet0/0

 description UPLINK ***

 no ip address

 no ip redirects

 no ip unreachables

 no ip proxy-arp

 duplex auto

 speed auto

!

interface GigabitEthernet0/0.2

 description VLAN2 Network ***

 encapsulation dot1Q 2

 ip address 172.16.240.3 255.255.255.128

 ip helper-address 172.17.206.41

 ip helper-address 172.19.219.7

 ip nat inside

 ip virtual-reassembly in

 vrrp 2 ip 172.16.240.1

 vrrp 2 authentication PASSWORD





sho vrrp int g0/0.2

GigabitEthernet0/0.2 - Group 2

  State is Master

  Virtual IP address is 172.16.240.1

  Virtual MAC address is 0000.5e00.0102

  Advertisement interval is 1.000 sec

  Preemption enabled

  Priority is 100

  Authentication text, string "PASSWORD"

  Master Router is 172.16.240.3 (local), priority is 100

  Master Advertisement interval is 1.000 sec

  Master Down interval is 3.609 sec





=====================

Shut, no shut int g0/0.2 and I get the following on R2
Apr 22 14:52:09.461 UTC: %VRRP-6-STATECHANGE: Gi0/0.2 Grp 2 state Master -> Init 

Apr 22 14:52:14.853 UTC: %VRRP-6-STATECHANGE: Gi0/0.2 Grp 2 state Init -> Backup

Apr 22 14:52:18.465 UTC: %VRRP-6-STATECHANGE: Gi0/0.2 Grp 2 state Backup -> Master



======================


The wierd thing is other sub interfaces show up as master and backup correctly while some do not.  I'm baffled.  Any ideas?





======================

R1#sho vrrp br

Interface          Grp Pri Time  Own Pre State   Master addr     Group addr

Gi0/0.2            2   110 3570       Y  Master  172.16.240.2    172.16.240.1

Gi0/0.3            3   110 3570       Y  Master  172.16.240.130  172.16.240.129

Gi0/0.43           43  110 3570       Y  Master  10.43.240.2     10.43.240.1

Gi0/0.44           44  110 3570       Y  Master  10.44.240.2     10.44.240.1

Gi0/0.45           45  110 3570       Y  Master  10.45.240.2     10.45.240.1

Gi0/0.246          246 110 3570       Y  Master  10.246.240.2    10.246.240.1







R2#sho vrrp br

Interface          Grp Pri Time  Own Pre State   Master addr     Group addr

Gi0/0.2            2   100 3609       Y  Master  172.16.240.3    172.16.240.1

Gi0/0.3            3   100 3609       Y  Backup  172.16.240.130  172.16.240.129

Gi0/0.43           43  100 3609       Y  Master  10.43.240.3     10.43.240.1

Gi0/0.44           44  100 3609       Y  Backup  10.44.240.2     10.44.240.1

Gi0/0.45           45  100 3609       Y  Master  10.45.240.3     10.45.240.1

Gi0/0.246          246 100 3609       Y  Backup  10.246.240.2    10.246.240.1




Comments

  • I would check the switch connected to the R1 and R2 and verify vlan 2 is on that trunk.

    Mark

  • It is in your output here:

    sho int trunk

    Port        Mode             Encapsulation  Status        Native vlan

    Gi1/0/1     on               802.1q         trunking      1

    MISSIG Gi2/0/1 like above, it should show the ecapsulation mode and status eh? Maybe a bug



    Port        Vlans allowed on trunk

    Gi1/0/1     1-4094

    Gi2/0/1     1-4094



    Port        Vlans in spanning tree forwarding state and not pruned

    Gi1/0/1     1-3,5,38-39,43-45,100,246-247


    Gi2/0/1     1-3,5,38-39,43-45,100,246-247

  • I was able to solve this problem.  There was a firewall inbetween the routers and the switch that was dropping some VRRP packets and passing others.

    I had the firewall guys allow all that traffic and it worked. 

Sign In or Register to comment.