Product and Software: This article applies to all Aruba controllers and ArubaOS versions.
The VRRP tracking mechanism provides the ability to track a particular variable and adjust the priority accordingly these variables are:
a. master-up-time tracking based on how long we have been MASTER
b. vrrp-master-state tracking based on another vrrp's MASTER state The master-up-time option tracked the duration that the controller has been Master for this VRRP instance and the vrrp-master-state option track the master state of the other VRRP group.
Aruba controllers can be configured as master, local or standby. The master and standby controllers are function as a group to provide master redundancy. The role of the controller is base on the state of the VRRP group configured in the master redundancy configuration.
If the VRRP state is master, the controller role is master, and if the VRRP state is backup, the controller role is standby. The standby controller will become the master controller should the master controller failed. The default VRRP priority is 100, the higher the value, the higher the priority.
If preempt is enable, the controller with higher priority will be the VRRP master for the VRRP group.
The VRRP preempt option has to be enable on both controllers for VRRP tracking to work.
If more than one VRRP groups are configured on the controller, it is important to ensure that the master redundancy will failover to the other controller if the any of the VRRP group failed, this could be done with the vrrp-master-state option.
The VRRP group is shutdown by default, it is recommended that you enable the VRRP group after you have configured the master redundancy.
Configuration on master controller:
peer-ip-address 10.168.15.5 ipsec <key> (The IPSEC key is required for AOS 3.x configuration)
ip address 10.168.8.35
tracking master-up-time 30 add 20
The "tracking master-up-time 30 add 20" means that a priority of 20 should be added to the configured priority
if the switch stays as the Master for this VRRP group for 20 minutes or more.
Syntax: show vrrp
Description: To verify VRRP configuration and check the state
(Lab-02) #show vrrp
Virtual Router 1:
Admin State UP, VR State MASTER
IP Address 10.168.8.35, MAC Address 00:00:5e:00:01:01, vlan 1
Priority 110, Advertisement 1 sec, Preemption Enable
Auth type NONE
tracking type is master-up-time, duration 30 minutes, value 20
tracked priority 130
Syntax: show master-redundancy
Description: Check master redundancy state
(Lab-02) #show master-redundancy
Master redundancy configuration:
VRRP Id 1 current state is MASTER
Peer's IP Address is 10.168.15.5
Peer's IPSEC Key is ********
CLI: AOS 2.5.x and 3.x
Syntax: show switches
Description: Check master redundancy state between the master and standby
(Lab-02) #show switches
IP Address Name Location Type Version Status Configuration State Config Sync Time (sec)
---------- ---- -------- ---- ------- ------ ------------------- ----------------------
10.168.15.3 Lab-02 Building1.floor1 master 184.108.40.206 up UPDATE SUCCESSFUL 0
10.168.15.5 Lab-03 Building1.floor1 standby 220.127.116.11 up UPDATE SUCCESSFUL 5
CLI: AOS 3.x
Syntax: show crypto ipsec sa
Description: Check ipsec tunnel status between master and stanby
(Lab-02) #show crypto ipsec sa
Initiator IP: 10.168.15.5
Responder IP: 10.168.15.3
Initiator cookie:1231f7a723c2475f Responder cookie:bd1beabce1fc6cb9
Ipsec-map name: default-primary-master-ipsecmap
SA Creation Date: Thu Dec 20 08:39:54 2007
Life secs: 7200
Initiator Phase2 ID: 10.168.15.5/255.255.255.255
Responder Phase2 ID: 10.168.15.3/255.255.255.255
Phase2 Transform: EncAlg:esp-3des HMAC:esp-sha-hmac
OUT SPI c6da4200, IN SPI bb40ff00
Reference count: 3
CLI: AOS 2.5.x and 3.x
Syntax: show vrrp statistics <VRRP ID>
Description: Check VRRP statistictics and master up time
(Lab-02) #show vrrp statistics 1
Sent: 83194 Received: 170
Zero priority sent: 1 Zero priority received: 0
Tracking priority overflow: 0
Advertisements received errors:
Interval mismatch 0 Invalid TTL 0
Invalid packet type 0 Authentication failure 0
Invalid auth type 0 Mismatch auth type 0
Invalid VRRP IP address 0 Invalid packet length 0
VRRP Up timestamp: Wed Dec 19 12:03:10 2007
Master Up timestamp: Wed Dec 19 18:12:11 2007
Last advertisement sent timestamp: Wed Dec 19 22:56:07 2007
Last advertisement received timestamp: Wed Dec 19 18:12:08 2007
Current time: Wed Dec 19 22:56:08 2007
Number times became VRRP Master: 4