Wireless Access

Reply
Contributor II

VLAN1 should not be used for Master-Master VRRP??

I am testing Master-Master, Master-Standby VRRP shown below:

 

[Master-Master]  ArubaOS 5.0.4.6  Aruba 3400 

interface vlan 1
        ip address 172.200.1.206 255.255.252.0

 

master-redundancy
  master-vrrp 10
  peer-ip-address 172.200.1.207 ipsec ********

vrrp 10
  priority 110
  ip address 172.200.1.208
  vlan 1
  preempt
  tracking master-up-time 30 add 20
  no shutdown

ip default-gateway 172.200.1.1

 

[Master-Standby]  ArubaOS 5.0.4.6  Aruba 3400 

interface vlan 1
        ip address 172.200.1.207 255.255.252.0

 

master-redundancy
  master-vrrp 10
  peer-ip-address 172.200.1.206 ipsec ********

vrrp 10
  priority 110
  ip address 172.200.1.208
  vlan 1
  preempt
  tracking master-up-time 30 add 20
  no shutdown

ip default-gateway 172.200.1.1

 

When I configured above, WebUI for 172.200.1.208 has a problem. After typed userid and password in WebUI,

it takes so long (more than 30mins) to show first screen. In the show log,

May  3 03:37:50  webui[1314]: PAPI_Send: To: 7f000001:8224 Type:0x4 Timed out.

 

Also, when I tried to perform "show running-config" in Master-Master controller using serial connection,

Module STM busy is displayed.

(Master-Master) #show run
Building Configuration...
Module STM is busy. Please try later

There is a entry in show log:

May  3 03:24:46  stm[1432]: <304001> <ERRS> |stm|  Unexpected stm (Station managment) runtime error at data_path_handler, 649, data_path_handler: recv - Network is down

Off cource, Master-Master and Master-Standby communicates each other in Layer2 switch.

I left above over night and WebUI showed normally and show running-config responded normally. I do not know how long did it take for timeout.

 

From my experience in past, when I used VLAN1 for Master-Local redundancy, same symptom occured.

Since then, I avoid using VLAN1 for Master-Master or Master-Local controller ipsec communication.

 

If I use VLAN10 instead of VLAN1, everything works fine. (I posted Master-Master and Master-Standby VRRP redundancy successful case using VLAN10 in previous post)

 

I am going to attach show log below. It seems that PAPI communication fails, even though two controllers are connected each other through VLAN1.

 

Aruba's sample configuration never use VLAN1 for actual controller-controller communication. Aruba sample config uses VLAN99, not VLAN1. Also Loopback should be defined as a endpoint of controller cimmunication.

 

I am fine how to fix this problem, just avoid using VLAN1. But I want to see Aruba's document why VLAN1 should not be used.

 

[Master-Master's show log all - from initial boot time]

 

May  3 03:23:49  ike[1338]: <103062> <INFO> |ike|  Starting cryptoPOST
May  3 03:23:51  fpapps[1406]: <315382> <CRIT> |fpapps|  Reboot Cause: User reboot.
May  3 03:23:51  fpapps[1406]: <315382> <CRIT> |fpapps|  Reboot Cause: User reboot.
May  3 03:23:52  isakmpd[1422]: <103061> <ERRS> |ike|  udp_make: setsockopt (-1, 65535, 4, 0x7f8aab40, 4)
May  3 03:23:52  isakmpd[1422]: <103061> <ERRS> |ike|  udp_make: setsockopt (-1, 65535, 4, 0x7f8aab40, 4)
May  3 03:23:52  isakmpd[1422]: <103061> <ERRS> |ike|  virtual_bind_ADDR_ANY: could not allocate default IPv6 ISAKMP port(s)
May  3 03:23:52  isakmpd[1422]: <103061> <ERRS> |ike|  virtual_bind_ADDR_ANY: could not allocate default IPv6 ISAKMP port(s)
May  3 03:23:55  KERNEL:     max_val[0] = a2c2a, max_val[others] = 3640e,
/////// Omit several KERNEL lines ///////

May  3 03:23:55  KERNEL: Aruba Networks
May  3 03:23:55  KERNEL: ArubaOS Version 5.0.4.6 (build 33270 / label #33270)
May  3 03:23:55  KERNEL: Built by p4build@corsica on 2012-04-13 at 07:05:48 PDT (gcc version 3.4.3)
May  3 03:23:55  KERNEL: ility-core init in kernel
May  3 03:23:55  KERNEL: klogd started: BusyBox v1.01 (2012.04.13-14:01+0000)
May  3 03:24:04  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 03:24:04  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 03:24:06  cts[1463]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:06  cts[1463]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:09  mobileip[1436]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:09  mobileip[1436]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:10  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 03:24:12  dbsync[1445]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:12  dbsync[1445]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:12  snmp[1439]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 03:24:12  snmp[1439]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 03:24:12  snmp[1441]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 03:24:12  snmp[1441]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 03:24:13  authmgr[1431]: PAPI RxPacket: ACK to invalid packet type 0x00000022
May  3 03:24:13  authmgr[1431]: PAPI RxPacket: ACK to invalid packet type 0x00000022
May  3 03:24:13  syslogdwrap[1401]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:13  syslogdwrap[1401]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 03:24:16  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 03:24:18  cli[1321]: PAPI_Send: To: 7f000001:8372 Type:0x4 Timed out.
May  3 03:24:18  fpapps[1406]: <313256> <WARN> |fpapps| Route resolve returned an Error
May  3 03:24:18  fpapps[1505]: <313328> <WARN> |fpapps|  vrrp: vrid "10" - VRRP state transitioned from INIT to BACKUP
May  3 03:24:18  httpd[1466]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 03:24:18  httpd[1466]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 03:24:20  publisher[1399]: <306510> <WARN> |publisher|  Dropping message from 8214 for service 'aaa-idle-user-timeout (service not found)'
May  3 03:24:22  KERNEL: 3:<4>process `snmpd' is using obsolete setsockopt SO_BSDCOMPAT
May  3 03:24:25  KERNEL: 1:<4>process `trapd' is using obsolete setsockopt SO_BSDCOMPAT
May  3 03:24:25  snmp[1441]: IP addr 0xa8001ce port 0
May  3 03:24:25  snmp[1441]: trapSrcIp 0x0
May  3 03:24:28  ads[1449]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 03:24:28  ads[1449]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 03:24:34  authmgr[1431]: <325022> <ERRS> |authmgr|  Bogus VLAN ID:4095 received.
May  3 03:24:34  authmgr[1431]: <325022> <ERRS> |authmgr|  Bogus VLAN ID:4095 received.
May  3 03:24:46  stm[1432]: <304001> <ERRS> |stm|  Unexpected stm (Station managment) runtime error at data_path_handler, 649, data_path_handler: recv - Network is down
May  3 03:24:46  stm[1432]: <304001> <ERRS> |stm|  Unexpected stm (Station managment) runtime error at data_path_handler, 649, data_path_handler: recv - Network is down
May  3 03:24:48  fpapps[1505]: <313328> <WARN> |fpapps|  vrrp: vrid "10" - VRRP state transitioned from BACKUP to MASTER
May  3 03:24:48  fpapps[1505]: <313331> <WARN> |fpapps|  VRRP: vrid "10" - Missed 3 Hello Advertisements from VRRP Master 172.200.1.206
May  3 03:25:22  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:25:22  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:25:58  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 03:25:58  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 03:26:50  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 03:26:50  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 03:26:54  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8345 failed, errno Connection timed out
May  3 03:26:54  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8345 failed, errno Connection timed out
May  3 03:26:54  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:26:54  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:28:14  cli[1321]: USER: admin has logged in using serial.
May  3 03:28:26  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:28:26  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:28:49  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:28:49  webui[1314]: USER: Error Executing the Command
May  3 03:28:53  cli[1321]: PAPI_Send: To: 7f000001:8222 Type:0x4 Timed out.
May  3 03:28:53  cli[1321]: USER:admin Error Executing the Command
May  3 03:29:49  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:29:49  webui[1314]: USER: Error Executing the Command
May  3 03:29:58  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:29:58  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:30:49  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:30:49  webui[1314]: USER: Error Executing the Command
May  3 03:31:30  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:31:30  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:31:49  webui[1314]: PAPI_Send: To: 7f000001:8224 Type:0x4 Timed out.
May  3 03:32:49  webui[1314]: PAPI_Send: To: 7f000001:8222 Type:0x4 Timed out.
May  3 03:32:49  webui[1314]: USER: Error Executing the Command
May  3 03:33:02  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:33:02  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:33:49  webui[1314]: PAPI_Send: To: 7f000001:8224 Type:0x4 Timed out.
May  3 03:34:34  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:34:34  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:34:50  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:34:50  webui[1314]: USER: Error Executing the Command
May  3 03:35:50  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:36:06  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:36:06  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:36:50  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:36:50  webui[1314]: USER: Error Executing the Command
May  3 03:37:38  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:37:38  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:37:50  webui[1314]: PAPI_Send: To: 7f000001:8224 Type:0x4 Timed out.
May  3 03:38:50  webui[1314]: PAPI_Send: To: 7f000001:8222 Type:0x4 Timed out.
May  3 03:38:50  webui[1314]: USER: Error Executing the Command
May  3 03:39:10  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:39:10  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:39:48  cli[1321]: PAPI_Send: To: 7f000001:8222 Type:0x4 Timed out.
May  3 03:39:48  cli[1321]: USER:admin Error Executing the Command
May  3 03:39:50  webui[1314]: PAPI_Send: To: 7f000001:8224 Type:0x4 Timed out.
May  3 03:39:50  webui[1314]: USER: Error Executing the Command
May  3 03:40:42  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:40:42  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:42:14  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:42:14  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:43:12  webui[1314]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 03:43:12  webui[1314]: USER: Error Executing the Command

 

 

In the log,

May  3 03:24:48  fpapps[1505]: <313331> <WARN> |fpapps|  VRRP: vrid "10" - Missed 3 Hello Advertisements from VRRP Master 172.200.1.206

is really strange. Because Master-Master's VLAN1 interface IP is 172.200.1.206. Therefore this Master-Master(perhaps VRRP IP 172.200.1.208) tried to receive VRRP Hello from himself, 172.200.1.206 .... I do not know why this only happens with VLAN1.

 

 

 

 

 

 

 

Guru Elite

Re: VLAN1 should not be used for Master-Master VRRP??

Turn authentication on, on the VRRP on both sides to make sure if you have a mystery VRRP or HSRP on your network, it is not bothering it.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: VLAN1 should not be used for Master-Master VRRP??

I added authentication for each VRRP 10 definition:

   Auth type PASSWORD, Auth data: ********

then rebooted Master-Master and Master-Standby.

 

Symptom was slightly changed.

 

WebUI through VRRP IP 172.200.1.208 - Became OK. (Previously NG)

WebUI to 172.200.1.206 (Master-Master) - Became OK. (Previously NG)

WebUI to 172.200.1.207 (Master-Standby) - Became NH (Previously OK)

show run at Master-Master became OK (Previously NG - Module STM is busy)

show run at Master-Standby became NG (Previously OK)

 

I still believe that VLAN1 is special and should not be used for Controller communication.

If I keep VLAN1 having initial IP 172.21.x.x. assigned and disabled,

and assign VLAN10 for controller-controller communication, everything worked fine.

 

Do you know why VLAN1 is so special?

 

Aruba Employee

Re: VLAN1 should not be used for Master-Master VRRP??

I use VLAN 1 for VRRP in my production master-standy and my lab master-standy setup and never saw a problem.

Re: VLAN1 should not be used for Master-Master VRRP??

There's nothing wrong with VLAN 1 conceptually in this scenario. A lot of security purists don't like the use of VLAN 1 on any network gear, but that's subjective.

 

Anyway, can you post your physical interface config, "show port status" outputs, "show arp" outputs, "show vlan" outputs please?

 

I've used VLAN 1 tons for VRRP. I've hit some bugs with it in advanced setups that the support guys resolved with updates. Need to see your outputs first to work out what's going on.

 

Thanks.

 

Kudos appreciated, but I'm not hunting! (ACMX 104)
Aruba Employee

Re: VLAN1 should not be used for Master-Master VRRP??

You're right about the purists, Racking Monkey.  I think it all goes back to Cisco always telling people to avoid using VLAN 1 on their switches, because Cisco  uses VLAN 1 for control plane traffic on their switches.  I have no idea if Aruba does that though.

Re: VLAN1 should not be used for Master-Master VRRP??

Bl**dy Cisco. LOL. Yeah, that's where it comes from. Even then though, it's nothing that worries me once you understand why they tow that line. Anyway....

 

AFAIK, Aruba is VLAN agnostic as it were in terms of specific numbers (quite right too). Can't remember any specific gotchas.

 

There's two typical stumbling blocks I've seen people hit.

 

1. Leaving the ports untrusted where the VRRP hellos come in/out. That will break it unless you put an ACL on the port (I had to write one once).

2. Overlapping VRRP IDs or IP conflicts. That tends to wreck it really quickly.

 

 

Kudos appreciated, but I'm not hunting! (ACMX 104)
Contributor II

Re: VLAN1 should not be used for Master-Master VRRP??

Hi The.racking.monkey and mike.j.gallagher,

 

I am going to attach outputs here.

I think this issue is "Master-Master redundancy" issue. In the beninning, I configured VRRP10 in VLAN1 and that was fine.

Afterwords, when I configured Master-Master redundancy over VRRP10, this symptom started.

 

Switch is Cisco 2960G and all port is default (VLAN1)

 

(Master-Master) #show run
Building Configuration...
Module STM is busy. Please try later ===> This is the symtom (1)

 

Another symptom is - 172.200.1.206 and 172.200.1.208 WebUI does not respond - process is very slow.

                                        172.200.1.207 WebUI is fine.

 

(Master-Master) #show port status

Port Status
-----------
Slot-Port  PortType  adminstate  operstate  poe      Trusted  SpanningTree  PortMode
---------  --------  ----------  ---------  ---      -------  ------------  --------
1/0        GE        Enabled     Up         Enabled  Yes      Forwarding    Access
1/1        GE        Enabled     Down       Enabled  Yes      Disabled      Access
1/2        GE        Enabled     Down       Enabled  Yes      Disabled      Access
1/3        GE        Enabled     Down       Enabled  Yes      Disabled      Access

(Master-Master) #show arp

Protocol        Address         Hardware Address        Interface
Internet        172.200.1.33     68:B5:99:F4:15:5D       vlan1
Internet        172.200.1.207    00:0B:86:6D:A5:EC       vlan1

(Master-Master) #show vlan

VLAN CONFIGURATION
------------------
VLAN  Description  Ports
----  -----------  -----
1     Default      GE1/0-3 Pc0-7

(Master-Master) #show crypto ipsec sa

IPSEC SA Active Session Information
-----------------------------------
Initiator IP     Responder IP      InitiatorID   ResponderID  Flags    Start Time      Inner IP
------------     ------------      -----------   -----------  ----------   ----------      --------
172.200.1.206     172.200.1.207       172.200.1.206/32 172.200.1.207/32  T    May  3 08:00:33     -
172.200.1.207     172.200.1.206       172.200.1.207/32 172.200.1.206/32  T    May  3 08:00:26     -

Flags: T = Tunnel Mode; E = Transport Mode; U = UDP Encap
       L = L2TP Tunnel; N = Nortel Client; C = Client

Total IPSEC SAs: 2

<<Comment - I think two ipsec tunnels between Master-Master and Master-Standby is not normal .. I think there should be only one ipsec sa>>

 

(Master-Master) #show vrrp


Virtual Router 10:
    Description
    Admin State UP, VR State MASTER
    IP Address 172.200.1.208, MAC Address 00:00:5e:00:01:0a, vlan 1
    Priority 110, Advertisement 1 sec, Preemption Enable
    Auth type NONE
    tracking type is master-up-time, duration 30 minutes, value 20
    tracked priority 130

 

(Master-Master) show log all

 

I think - key to resolve this problem is the log message:

May  3 08:00:05  fpapps[1505]: <313331> <WARN> |fpapps|  VRRP: vrid "10" - Missed 3 Hello Advertisements from VRRP Master 172.200.1.206

This is Master-Master, and Master-Master's VLAN1 interface is 172.200.1.206. Log above tried to receive Hello Advertisements from 172.200.1.206 - that is itself. At this time, Master-Master has VRRP IP Address 172.200.1.208. If Master-Master sends Hello Advertisement using IP 172.200.1.208 (VRRP IP) but expecting to receive Hello Advertisement from 172.200.1.206, this never happen.....

 

May  3 07:59:12  KERNEL: klogd started: BusyBox v1.01 (2012.04.13-14:01+0000)
May  3 07:59:21  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 07:59:21  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 07:59:22  syslogdwrap[1401]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:22  syslogdwrap[1401]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:23  cts[1462]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:23  cts[1462]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:27  mobileip[1436]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:27  mobileip[1436]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:27  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 07:59:29  dbsync[1444]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:29  dbsync[1444]: PAPI_Send: To: 7f000001:8226 Type:0x4 Timed out.
May  3 07:59:29  snmp[1441]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 07:59:29  snmp[1441]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 07:59:30  authmgr[1431]: PAPI RxPacket: ACK to invalid packet type 0x00000022
May  3 07:59:30  authmgr[1431]: PAPI RxPacket: ACK to invalid packet type 0x00000022
May  3 07:59:30  snmp[1440]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 07:59:30  snmp[1440]: PAPI_Send: To: 7f000001:8212 Type:0x4 Timed out.
May  3 07:59:33  nanny[1262]: PAPI_Send: To: 7f000001:8407 Type:0x4 Timed out.
May  3 07:59:34  httpd[1466]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 07:59:34  httpd[1466]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 07:59:35  fpapps[1406]: <313256> <WARN> |fpapps| Route resolve returned an Error
May  3 07:59:35  fpapps[1505]: <313328> <WARN> |fpapps|  vrrp: vrid "10" - VRRP state transitioned from INIT to BACKUP
May  3 07:59:37  cli[1321]: PAPI_Send: To: 7f000001:8372 Type:0x4 Timed out.
May  3 07:59:37  publisher[1399]: <306510> <WARN> |publisher|  Dropping message from 8214 for service 'aaa-idle-user-timeout (service not found)'
May  3 07:59:40  KERNEL: 0:<4>process `snmpd' is using obsolete setsockopt SO_BSDCOMPAT
May  3 07:59:44  KERNEL: 3:<4>process `trapd' is using obsolete setsockopt SO_BSDCOMPAT
May  3 07:59:44  snmp[1441]: IP addr 0xa8001ce port 0
May  3 07:59:44  snmp[1441]: trapSrcIp 0x0
May  3 07:59:45  ads[1450]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 07:59:45  ads[1450]: PAPI_Send: To: 7f000001:8214 Type:0x4 Timed out.
May  3 07:59:46  cli[1321]: PAPI_Send: To: 7f000001:8372 Type:0x4 Timed out.
May  3 07:59:50  authmgr[1431]: <325022> <ERRS> |authmgr|  Bogus VLAN ID:4095 received.
May  3 07:59:50  authmgr[1431]: <325022> <ERRS> |authmgr|  Bogus VLAN ID:4095 received.
May  3 08:00:03  stm[1432]: <304001> <ERRS> |stm|  Unexpected stm (Station managment) runtime error at data_path_handler, 649, data_path_handler: recv - Network is down
May  3 08:00:03  stm[1432]: <304001> <ERRS> |stm|  Unexpected stm (Station managment) runtime error at data_path_handler, 649, data_path_handler: recv - Network is down
May  3 08:00:05  fpapps[1406]: PAPI RxPacket: Timer already removed - could be a duplicate ACK
May  3 08:00:05  fpapps[1406]: PAPI RxPacket: Timer already removed - could be a duplicate ACK
May  3 08:00:05  fpapps[1505]: <313328> <WARN> |fpapps|  vrrp: vrid "10" - VRRP state transitioned from BACKUP to MASTER
May  3 08:00:05  fpapps[1505]: <313331> <WARN> |fpapps|  VRRP: vrid "10" - Missed 3 Hello Advertisements from VRRP Master 172.200.1.206
May  3 08:00:39  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:00:39  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:01:15  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 08:01:15  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 08:01:15  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8345 failed, errno Connection timed out
May  3 08:01:15  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8345 failed, errno Connection timed out
May  3 08:02:07  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 08:02:07  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8224 failed, errno Connection timed out
May  3 08:02:10  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8345 failed, errno Connection timed out
May  3 08:02:10  publisher[1399]: <306514> <ERRS> |publisher|  Pubsub send message code 0 source port 8378 to destination port 8345 failed, errno Connection timed out
May  3 08:02:11  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:02:11  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:46:39  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
/// Omitted same wms messages ///

May  3 08:48:11  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:48:11  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:49:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:49:41  webui[1312]: USER: Error Executing the Command
May  3 08:49:43  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:49:43  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:50:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:50:41  webui[1312]: USER: Error Executing the Command
May  3 08:51:15  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:51:15  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:51:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:52:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:52:41  webui[1312]: USER: Error Executing the Command
May  3 08:52:47  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:52:47  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:53:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:53:43  cli[1321]: USER: admin has logged in using serial.
May  3 08:54:19  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:54:19  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:54:23  cli[1321]: PAPI_Send: To: 7f000001:8222 Type:0x4 Timed out.
May  3 08:54:23  cli[1321]: USER:admin Error Executing the Command
May  3 08:54:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:54:41  webui[1312]: USER: Error Executing the Command
May  3 08:55:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:55:41  webui[1312]: USER: Error Executing the Command
May  3 08:55:51  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:55:51  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:56:41  webui[1312]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:57:23  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.
May  3 08:57:23  wms[1427]: PAPI_Send: To: 7f000001:8345 Type:0x4 Timed out.

(Master-Standby) #show port status

Port Status
-----------
Slot-Port  PortType  adminstate  operstate  poe      Trusted  SpanningTree  PortMode
---------  --------  ----------  ---------  ---      -------  ------------  --------
1/0        GE        Enabled     Up         Enabled  Yes      Disabled      Access
1/1        GE        Enabled     Down       Enabled  Yes      Disabled      Access
1/2        GE        Enabled     Down       Enabled  Yes      Disabled      Access
1/3        GE        Enabled     Down       Enabled  Yes      Disabled      Access

(Master-Standby) #show arp

Protocol        Address         Hardware Address        Interface
Internet        172.200.1.206    00:0B:86:6D:A6:98       vlan1
Internet        172.200.1.33     68:B5:99:F4:15:5D       vlan1

(Master-Standby) #show vlan

VLAN CONFIGURATION
------------------
VLAN  Description  Ports
----  -----------  -----
1     Default      GE1/0-3 Pc0-7

(Master-Standby) #show vrrp


Virtual Router 10:
    Description
    Admin State UP, VR State BACKUP
    IP Address 172.200.1.208, MAC Address 00:00:5e:00:01:0a, vlan 1
    Priority 100, Advertisement 1 sec, Preemption Enable
    Auth type NONE
    tracking type is master-up-time, duration 30 minutes, value 20
    tracked priority 100

(Master-Standby) #show crypto ipsec sa

IPSEC SA Active Session Information
-----------------------------------
Initiator IP     Responder IP      InitiatorID   ResponderID  Flags    Start Time      Inner IP
------------     ------------      -----------   -----------  ----------   ----------      --------
172.200.1.206     172.200.1.207       172.200.1.206/32 172.200.1.207/32  T    May  3 10:41:33     -
172.200.1.207     172.200.1.206       172.200.1.207/32 172.200.1.206/32  T    May  3 10:41:26     -

Flags: T = Tunnel Mode; E = Transport Mode; U = UDP Encap
       L = L2TP Tunnel; N = Nortel Client; C = Client

Total IPSEC SAs: 2

 

For comparison, I will change VLAN from VLAN1 to VLAN10 and post the same command outputs.

Re: VLAN1 should not be used for Master-Master VRRP??

Please post your physical interface commands/running config too.

Kudos appreciated, but I'm not hunting! (ACMX 104)

Re: VLAN1 should not be used for Master-Master VRRP??

Full config for both boxes excluding ACLs/roles etc. Starting at first physical port etc.

Kudos appreciated, but I'm not hunting! (ACMX 104)
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: