Unsolved
This post is more than 5 years old
1 Message
0
8388
November 29th, 2007 11:00
PowerConnect 6224 VRRP/tree-spanning redundancy problem
As I am new to layer 3 switches and routing I am testing the functionality of the 6224 switches in a test environment, prior to putting them into a production environment.
In the production environment all servers (Linux) will have 2 bonded ethernet interfaces each connected to a different switch for redundancy.
In the test environment I only have 2 servers (LInux) with 1 ethernet interface, so to test each of these servers is connected to a different switch.
In the production environment all servers (Linux) will have 2 bonded ethernet interfaces each connected to a different switch for redundancy.
In the test environment I only have 2 servers (LInux) with 1 ethernet interface, so to test each of these servers is connected to a different switch.
Using VRRP on 1/g1 the master/slave configuration is recognized and fails over as expected. The spanning-tree has been disabled on these interfaces, if not the fail over mechanisme didnt seem to work properly.
Using spanning-tree the uplink between the two switches over port 1/g23 and 1/g24 is working correctly switching as expected when unplugging the cables.
Pinging Server 1 from Server 2 always works fine.
Pinging Server 2 from Server 1 always works fine.
Pinging the servers from the gateway computer works fine.
Pinging the gateway on 10.0.0.1 from both servers works fine.
Pinging 64.233.187.99 (a Google IP) from both servers works fine.
THE PROBLEM :
-------------
The problems start when I unplug 1/g1 resulting in different scenarios depending on which 1 I unplug and how long I am prepared to wait.
All tests are by pinging :
- the gateway computer on 10.0.0.1 from the servers.
- the servers from the gateway computer.
The tests are performed in the order as listed.
All tests are by pinging :
- the gateway computer on 10.0.0.1 from the servers.
- the servers from the gateway computer.
The tests are performed in the order as listed.
Unplugging QCS-05 1/g1 :
- Server 1 fails "Destination net unreacheable"
- Server 2 continues.
- Ping Server 1 from the gateway computer fails.
- Ping Server 2 from the gateway works fine.
- Server 1 fails "Destination net unreacheable"
- Server 2 continues.
- Ping Server 1 from the gateway computer fails.
- Ping Server 2 from the gateway works fine.
Plugging in QCS-05 1/g1 :
- Restores all operation.
- Restores all operation.
Unplugging QCS-06 1/g1 :
- Server 1 continues.
- Server 2 fails "Destination net unreacheable"
- Ping Server 1 from the gateway works fine.
- Ping Server 2 from the gateway computer fails.
- Server 1 continues.
- Server 2 fails "Destination net unreacheable"
- Ping Server 1 from the gateway works fine.
- Ping Server 2 from the gateway computer fails.
Plugging in QCS-06 1/g1 :
- Restores all operation.
- Restores all operation.
Unplugging QCS-05 1/g1 and waiting for 3 to 25 minutes :
- All operation is restored.
If it takes longer then 25 minutes operation is never restored.
- All operation is restored.
If it takes longer then 25 minutes operation is never restored.
Unplugging QCS-06 1/g1 and waiting for 3 to 25 minutes :
- All operation is restored.
This one usually takes longer then 10 minutes to restore, which is unacceptable.
If it takes longer then 25 minutes operation is never restored.
- All operation is restored.
This one usually takes longer then 10 minutes to restore, which is unacceptable.
If it takes longer then 25 minutes operation is never restored.
Plugging in QCS-06 1/g1 :
- Everything keeps on working.
- Everything keeps on working.
Unplugging QCS-05 1/g1 and waiting for 3 to 25 minutes :
- No access between the Gateway computer and both servers.
- After a few minutes connection with Server 2 is restored.
- After about 25 minutes connection with Server 1 is restored.
- No access between the Gateway computer and both servers.
- After a few minutes connection with Server 2 is restored.
- After about 25 minutes connection with Server 1 is restored.
Plugging in QCS-05 1/g1 :
- Everything keeps on working.
- Everything keeps on working.
Unplugging QCS-06 1/g1 and waiting for 3 to 25 minutes :
- No access between the Gateway computer and both servers.
- After 4 minutes connection with Server 1 is restored.
- After 7 minutes connection with Server 2 is restored.
- No access between the Gateway computer and both servers.
- After 4 minutes connection with Server 1 is restored.
- After 7 minutes connection with Server 2 is restored.
Plugging in QCS-06 1/g1 :
- Everything keeps on working.
- Everything keeps on working.
Unplugging QCS-05 1/g1 and waiting for 3 to 25 minutes :
- No access between the Gateway computer and both servers.
- After 7 minutes connection with Server 1 is restored.
- After 20 minutes connection with Server 2 is restored.
- No access between the Gateway computer and both servers.
- After 7 minutes connection with Server 1 is restored.
- After 20 minutes connection with Server 2 is restored.
Plugging in QCS-05 1/g1 :
- Everything keeps on working.
- Everything keeps on working.
THE QUESTION(s) :
-----------------
Clearly the time to restore connections takes to long for a redundant environment.
1) Am I doing something wrong in the setup?
2) Does it go wrong due to the TEST hardware to simulate the ISP?
I think it is quite possible that the ping from the servers actually goes to the gateway computer quickly, but the gateway computer cannot reply to the correct interface because of the test switch in between.
Unfortunately I would have no idea how to verify this asumption.
I think it is quite possible that the ping from the servers actually goes to the gateway computer quickly, but the gateway computer cannot reply to the correct interface because of the test switch in between.
Unfortunately I would have no idea how to verify this asumption.
3) Are there anny timing values I can adjust to speed up the reconnection?
The hardware setup :
--------------------
Internet
|
eth0
|
+-------------------+
| Gateway computer |
| 10.0.0.1 | route add -net 123.21.456.192/24 eth1
+-------------------+
|
eth1
|
+-------------------+
| D-Link DES-1008 |
| (simple switch) |
+-------------------+
| |
== port 1 port 2 ==== Everything above this line is a test environment to simiulate the ISP. =======
===== | ===== | ====== This might cause some problems that might not occur in production??? =========
| |
| +---------------------+
| |
1/g1 1/g1
| |
+-------------------+ +-------------------+
| PowerConnect 6224 | | PowerConnect 6224 |
| QCS-05 | | QCS-06 |
+-------------------+ +-------------------+
| | | | | |
| 1/g23 1/g24 | 1/g23 1/g24
| | | | | |
| | +-----------------------------+
| | | |
| +-----------------------------+
| |
1/g10 1/g10
| |
+-------------------+ +-------------------+
| Server 1 | | Server2 |
| 123.21.456.194 | | 123.21.456.195 |
+-------------------+ +-------------------+
|
eth0
|
+-------------------+
| Gateway computer |
| 10.0.0.1 | route add -net 123.21.456.192/24 eth1
+-------------------+
|
eth1
|
+-------------------+
| D-Link DES-1008 |
| (simple switch) |
+-------------------+
| |
== port 1 port 2 ==== Everything above this line is a test environment to simiulate the ISP. =======
===== | ===== | ====== This might cause some problems that might not occur in production??? =========
| |
| +---------------------+
| |
1/g1 1/g1
| |
+-------------------+ +-------------------+
| PowerConnect 6224 | | PowerConnect 6224 |
| QCS-05 | | QCS-06 |
+-------------------+ +-------------------+
| | | | | |
| 1/g23 1/g24 | 1/g23 1/g24
| | | | | |
| | +-----------------------------+
| | | |
| +-----------------------------+
| |
1/g10 1/g10
| |
+-------------------+ +-------------------+
| Server 1 | | Server2 |
| 123.21.456.194 | | 123.21.456.195 |
+-------------------+ +-------------------+
On both switches ports are used as follows :
1/g1 VLAN2 VRRP uplink to the outside world. (tree-spanning disabled.)
1/g2 VLAN1 uplink to the local network (not connected in the test setup).
1/g3-1/g22 VLAN3 Servers. (portfast enabled)
1/g23-1/g24 VLAN3 Switch uplink. (portfast disabled)
The switch configuration scripts :
----------------------------------
QCS-05 (The spanning-tree root switch due to a lower MAC address)
------
------
!Current Configuration:
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 2-3
exit
snmp-server location "switchlocation"
hostname "QCS-05"
stack
member 1 1
exit
ip address 192.168.0.1 255.255.255.0
ip https server
ip routing
ip route 0.0.0.0 0.0.0.0 10.0.0.1
router rip
default-metric 1
exit
interface vlan 2
name "ISP internet uplink"
routing
ip address 10.0.0.21 255.255.255.0
ip vrrp 2
ip vrrp 2 mode
ip vrrp 2 ip 10.0.0.21
exit
interface vlan 3
name "Pay123"
routing
ip address 123.21.456.220 255.255.255.224
exit
username "XXXXXX" password XXXXXXXXXXXXXXXXXXXX level 15 encrypted
ip ssh server
ip vrrp
!
interface ethernet 1/g1
description 'ISP internet uplink port'
spanning-tree disable
switchport access vlan 2
exit
!
interface ethernet 1/g2
description 'local backbone uplink port'
exit
!
interface range ethernet 1/g3-1/g22
description 'Pay123 port'
spanning-tree portfast
switchport access vlan 3
exit
!
interface range ethernet 1/g23-1/g24
description 'Switch uplink port'
switchport access vlan 3
exit
exit
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 2-3
exit
snmp-server location "switchlocation"
hostname "QCS-05"
stack
member 1 1
exit
ip address 192.168.0.1 255.255.255.0
ip https server
ip routing
ip route 0.0.0.0 0.0.0.0 10.0.0.1
router rip
default-metric 1
exit
interface vlan 2
name "ISP internet uplink"
routing
ip address 10.0.0.21 255.255.255.0
ip vrrp 2
ip vrrp 2 mode
ip vrrp 2 ip 10.0.0.21
exit
interface vlan 3
name "Pay123"
routing
ip address 123.21.456.220 255.255.255.224
exit
username "XXXXXX" password XXXXXXXXXXXXXXXXXXXX level 15 encrypted
ip ssh server
ip vrrp
!
interface ethernet 1/g1
description 'ISP internet uplink port'
spanning-tree disable
switchport access vlan 2
exit
!
interface ethernet 1/g2
description 'local backbone uplink port'
exit
!
interface range ethernet 1/g3-1/g22
description 'Pay123 port'
spanning-tree portfast
switchport access vlan 3
exit
!
interface range ethernet 1/g23-1/g24
description 'Switch uplink port'
switchport access vlan 3
exit
exit
QCS-06
------
!Current Configuration:
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 2-3
exit
snmp-server location "switchlocation"
hostname "QCS-06"
stack
member 1 1
exit
ip address 192.168.0.2 255.255.255.0
ip https server
ip routing
ip route 0.0.0.0 0.0.0.0 10.0.0.1
router rip
default-metric 1
exit
interface vlan 2
name "ISP internet uplink"
routing
ip address 10.0.0.22 255.255.255.0
ip vrrp 2
ip vrrp 2 mode
ip vrrp 2 ip 10.0.0.21
exit
interface vlan 3
name "Pay123"
routing
ip address 123.21.456.220 255.255.255.224
exit
username "XXXXXX" password XXXXXXXXXXXXXXXXXXXX level 15 encrypted
ip ssh server
ip vrrp
!
interface ethernet 1/g1
description 'ISP internet uplink port'
spanning-tree disable
switchport access vlan 2
exit
!
interface ethernet 1/g2
description 'local backbone uplink port'
exit
!
interface range ethernet 1/g3-1/g22
description 'Pay123 port'
spanning-tree portfast
switchport access vlan 3
exit
!
interface range ethernet 1/g23-1/g24
description 'Switch uplink port'
switchport access vlan 3
exit
exit
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 2-3
exit
snmp-server location "switchlocation"
hostname "QCS-06"
stack
member 1 1
exit
ip address 192.168.0.2 255.255.255.0
ip https server
ip routing
ip route 0.0.0.0 0.0.0.0 10.0.0.1
router rip
default-metric 1
exit
interface vlan 2
name "ISP internet uplink"
routing
ip address 10.0.0.22 255.255.255.0
ip vrrp 2
ip vrrp 2 mode
ip vrrp 2 ip 10.0.0.21
exit
interface vlan 3
name "Pay123"
routing
ip address 123.21.456.220 255.255.255.224
exit
username "XXXXXX" password XXXXXXXXXXXXXXXXXXXX level 15 encrypted
ip ssh server
ip vrrp
!
interface ethernet 1/g1
description 'ISP internet uplink port'
spanning-tree disable
switchport access vlan 2
exit
!
interface ethernet 1/g2
description 'local backbone uplink port'
exit
!
interface range ethernet 1/g3-1/g22
description 'Pay123 port'
spanning-tree portfast
switchport access vlan 3
exit
!
interface range ethernet 1/g23-1/g24
description 'Switch uplink port'
switchport access vlan 3
exit
exit
No Events found!

