we have a FX2 with 2 FN410T as IOMs. I changed the mode from Standalone to VLT and I'm not sure if this works correctly. I did it strongly like advised in the Deployment-Guide found here:
But the Backup-Link in the 2 modules are a 169-IP-address wich is a little suspicous for me. Also I tried to reboot one of the 2 IOM. I first set the 2 external ports to down wich sets also the internal ports down. That makes me a bit wondering. But the connection was still okay and the other IOM did all the work.
Than I reloaded the first IOM wich was offline and after it was back the connection to the servers was lost for appr. a minute. And this is totaly weird in my opinion.
The Dashboard of the 2 IOMs say it is all okay and VLT is up and running with all necessary links and heartbeats and so on. But why is after a reload the connection lost for a while?
According to the documentation, the VLTi link is going to use the management IP.
# vlt domain 1
# peer-link port-channel 127
# back-up destination 172.25.189.27
# unit-id 1
What do you have the backup destination set to? The management IP set to? What show command are you running to see the 169 command?
Here is another VLT document with some good best practices to follow.
I would have a look at adjusting the delay timer.
"The delay-restore feature waits for all saved Configurations to be applied, then starts a Configurable timer. After the timer expires, the VLT ports are enabled one-by-one in a controlled manner. The delay between bringing up each VLT port-channel is proportional to the number of physical members in the port-channel. The default is 90 seconds. To change the duration of the Configurable timer, use the delay-restore command."
Yes, I expected the backup-link to be the Management-IP. And I configured one on each of the IOM. And they are both pingable by each other. Than I used the VLT-Mode wich is kinda autoconfiguration. The PO 127 as VLT-Peer-Link is configured and working. But this mode seems not allowing me to configure the VLT-Domain.
I got the address by a standard "sh run". Here's the vlt-domain part:
vlt domain 1
peer-link port-channel 127
back-up destination 169.254.31.22
system-mac mac-address 00:01:06:01:02:09
I'll have a look at the document you mentioned. Thx. But I suppose I'm not allowed to change this parameter in this mode.
And I thought that VLT is the possibility to have maintenance (incl. a reload) on one of the IOMs without service interruption? And now a reload without any maintenance gives me the interruption!?
You should be able to use the command # back-up distention, to make the change to the management IP.
The service should not be interrupted when just one switch is down. When you said the connection to the server was lost for a minute, I thought you meant the connection to the switch that was reloaded. But I guess you meant ALL connections to the servers were lost, including the switch that stayed up? If that is the case, then that is not normal operation. Did the logs record anything during this time?
No, sorry. I do not have this command. In EXEC and CONF I have the following:
asset-tag Write AssetTag information
bmp BMP commands
cd Change current directory
clear Reset functions
clock Manage the system clock
clone-config Configure cloning related commands
configure Configuring from terminal
copy Copy from one file to another
debug Debug functions
delete Delete a file
diag Run diagnosis
dir List files on a filesystem
disable Turn off privileged commands
enable Turn on privileged commands
exit Exit from the EXEC
format Format a filesystem
monitor Monitoring feature
no Negate a command
offline Take stack-unit offline
online Bring stack-unit online
ping Send echo messages
power-cycle Power-cycle the unit(s)
pwd Display current working directory
redundancy stack-unit failover
release Release the ip address back to dhcp server
reload Halt and perform a cold restart
rename Rename a file
renew Renew the lease of IP address obtained through dhcp
reset Reset selected card
restore Restore sub commands
show Show running system information
ssh-peer-stack-unit Open a SSH connection to the peer stack-unit
start Start shell
stop Stop the BMP functionality
tcpdump Capture the TCP traffic at CPU
tdr-cable-test Start diagnostics (TDR test) for the cable
telnet Open a telnet connection
telnet-peer-stack-unit Open a telnet connection to the peer stack-unit
terminal Set terminal line parameters
traceroute Trace route to destination
undebug Disable debugging
upgrade Upgrade subcommands
upload Upload file
write Write running configuration to memory or terminal
aaa Authentication, Authorization and Accounting
banner Define a login banner
boot Modify system boot parameters
clock Configure time-of-day clock
dcb Data Center Bridging
default Set a command to its default
enable Modify enable parameters
end Exit from configuration mode
exit Exit from configuration mode
feature Feature enable options
ftp-server FTP configuration subcommands
hostname Set system's network name
interface Select an interface to configure
io-aggregator I/O Aggregator Blade Switch configuration
ip Global IP configuration subcommands
lacp Configure LACP
line Configure a terminal line
logging Modify message logging facilities
management Create a management crypto or route, etc
monitor Monitor monitored ports
ntp Configure NTP
protocol Select a protocol to configure
radius-server Set up RADIUS server
redundancy Set up stack-unit redundancy configuration
reload-type Enter reload-type submode
script Start or stop a script
service Service selected component
snmp-server Modify SNMP parameters
stack-unit Configure stack-unit
tacacs-server Set up TACACS+ server
uplink-state-group Uplink state group creation and configurations
username Establish user name authentication
Nothing to change to VLT or BACKUP. And as I said: the management-ip is set. Also Gaeway, routing, DNS, ...
The logs of the IOM wich should stayed up mention the following:
Aug 25 03:49:03: %STKUNIT0-M:CP %IFMGR-5-OSTATE_DN: Changed interface state to down: Te 0/9
Aug 25 03:49:03: %STKUNIT0-M:CP %IFMGR-5-OSTATE_DN: Changed interface state to down: Po 127
Aug 25 03:49:04: %STKUNIT0-M:CP %VLTMGR-6-VLT_ICL_DOWN: InterChassis Link is down (link down).
Aug 25 03:49:06: %STKUNIT0-M:CP %VLTMGR-6-VLT_HBEAT_DOWN: Heart beat link is down (down).
Aug 25 03:49:06: %STKUNIT0-M:CP %VLTMGR-6-VLT_ELECTION_ROLE: Chassis is transitioning to primary role.
Aug 25 03:49:06: %STKUNIT0-M:CP %VLTMGR-6-VLT_PEER_STATUS: Peer chassis is down.
Aug 25 03:50:49: %STKUNIT0-M:CP %LLDP-5-LLDP_PEER_AGE_OUT: DCBX operationally disabled due to LLDP peer timing out on interface Te 0/9
Aug 25 03:51:02: %STKUNIT0-M:CP %IFMGR-5-OSTATE_UP: Changed interface state to up: Te 0/9
Aug 25 03:51:02: %STKUNIT0-M:CP %IFMGR-5-OSTATE_UP: Changed interface state to up: Po 127
Aug 25 03:51:19: %STKUNIT0-M:CP %IFMGR-5-OSTATE_DN: Changed interface state to down: Te 0/9
Aug 25 03:51:20: %STKUNIT0-M:CP %IFMGR-5-OSTATE_DN: Changed interface state to down: Po 127
Aug 25 03:51:24: %STKUNIT0-M:CP %IFMGR-5-OSTATE_UP: Changed interface state to up: Te 0/9
Aug 25 03:51:24: %STKUNIT0-M:CP %IFMGR-5-OSTATE_UP: Changed interface state to up: Po 127
Aug 25 03:51:31: %STKUNIT0-M:CP %VLTMGR-6-VLT_ICL_UP: InterChassis Link is up.
Aug 25 03:51:32: %STKUNIT0-M:CP %VLTMGR-6-VLT_PEER_STATUS: Peer chassis is up.
Aug 25 03:51:32: %STKUNIT0-M:CP %VLTMGR-6-VLT_HBEAT_UP: Heart beat link is up.
And yes, I pinged a VM from the external side and have successful pings during the complete reload-process. when the IOM was up this ping was unseccessful for a while and came back than.
The back-up command will be present under the vlt domain.
# vlt domain 1
# back-up destination x.x.x.x
I suggest getting the backup destination set correctly. Perhaps reduce the timer to 30 or 60 seconds. Look through that best practice list for any other tweaks that can be made. Then test again, hopefully the changes will get rid of the loss of connection that you saw.
Here is a KB article with some more information on testing.
In this forum post, a community member found that adjusting the rstp hello timers helped with switch facing interfaces. May be another area to fine tune.
thx for your suggestions. But I cannot Change to the vlt-mode. I showed you all comands I can issue in EXEC and conf-mode. But no VLT.
And RSPT is not enabled in the Moment.
Thx and regards
we are faceing the same problem with the VLT configured on the management interface IP. When the pair comes up we are experiencing a 30 sec timeout.
Did you find a solution for your case? Would you share it?
sorry, currently I haven't found a solution. Bute I opened a case and now I should first update my firmware. Let's see. This is planned for next friday