FREDARCE
asked on
JUniper router vrrp issue. both routers remain master
I am having an issue with 2 Juniper routers where all of the vrrp groups between them are in a master state despite the fact I have given one router higher priority than the other.
The one exception is the fxp0.0 port. This started to happen after rebooting both routers as part of maintenance test. Can someone help me determine why this is happening? or how I can fix it?
here is a sample of config router 1:
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 virtual-address 10.66.251.65
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 priority 110
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 preempt
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 accept-data
router 2:
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 virtual-address 10.66.251.65
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 priority 105
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 preempt
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 accept-data
router 1 vrrp status:
ge-1/0/2.1700 up 5 master Active A 0.832 lcl 10.66.251.66
vip 10.66.251.65
router 2 vrrp status:
ge-1/0/2.1700 up 5 master Active A 0.531 lcl 10.66.251.67
vip 10.66.251.65
Model: mx80
JUNOS Base OS boot [10.3R2.11]
JUNOS Base OS Software Suite [10.3R2.11]
JUNOS Kernel Software Suite [10.3R2.11]
JUNOS Crypto Software Suite [10.3R2.11]
JUNOS Packet Forwarding Engine Support (MX80) [10.3R2.11]
JUNOS Online Documentation [10.3R2.11]
JUNOS Routing Software Suite [10.3R2.11]
thanks
The one exception is the fxp0.0 port. This started to happen after rebooting both routers as part of maintenance test. Can someone help me determine why this is happening? or how I can fix it?
here is a sample of config router 1:
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 virtual-address 10.66.251.65
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 priority 110
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 preempt
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.66/28 vrrp-group 5 accept-data
router 2:
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 virtual-address 10.66.251.65
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 priority 105
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 preempt
set interfaces ge-1/0/2 unit 1700 family inet address 10.66.251.67/28 vrrp-group 5 accept-data
router 1 vrrp status:
ge-1/0/2.1700 up 5 master Active A 0.832 lcl 10.66.251.66
vip 10.66.251.65
router 2 vrrp status:
ge-1/0/2.1700 up 5 master Active A 0.531 lcl 10.66.251.67
vip 10.66.251.65
Model: mx80
JUNOS Base OS boot [10.3R2.11]
JUNOS Base OS Software Suite [10.3R2.11]
JUNOS Kernel Software Suite [10.3R2.11]
JUNOS Crypto Software Suite [10.3R2.11]
JUNOS Packet Forwarding Engine Support (MX80) [10.3R2.11]
JUNOS Online Documentation [10.3R2.11]
JUNOS Routing Software Suite [10.3R2.11]
thanks
ASKER
I deleted the preempt on the backup node but still no difference. I also spanned the ports on the switch the routers are connected to and i can see VRRP advertisements from borh routers. Strange part is the vrrp stats on the router only show that the router is sending vrrp and showing 0 for recieved?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi,
Can you ping 10.66.251.67 from 10.66.251.66?
Can you ping 10.66.251.67 from 10.66.251.66?
Not sure about the Juniper implementation, but unlike HSRP, in VRRP the preferred master router should be the "IP address owner", meaning that the physical interface address is the virtual address (RFC5798).
Did you change the JunOS version by chance during that maintenance reboot, so the behavior might have changed?
Tamas
Did you change the JunOS version by chance during that maintenance reboot, so the behavior might have changed?
Tamas
ASKER
appears to be a bug in Cisco switch that doesn't forward the multicast packets. Another reboot of switch is a workaround. Fix is to upgrade IOS.
thanks
thanks
Glad I could help bud :)
also is there anything in between the 2 routers that may be stopping the VRRP multicast cos both nodes that think they are master normally means that VRRP isnt getting through