Hi all, just wanted to mention that I solved this issue. It was the Switch eating up all Multicast packets. So, if someone runs into this issue and uses a 3Com hardware, you need to enable multicast on the Switch (Webinterface: Bridge => Multicast Filter => IGMP => Snoop Mode).
Cheers Tobias Tobias Orlamuende schrieb: > Hi, > > when running tshark as advised, I can only see packets originating the > physical IP going to 224.0.0.18 and no packets coming back. Is this the > right behaviour? > How common would it be, that a Layer2-Switch would block/discard > multicast if running in standard config? > > Cheers > > Tobias > > Stig Thormodsrud schrieb: >> Tobias, >> >> If both host think they're master that usually means either: >> >> 1) not seeing the other router's vrrp announcement >> 2) authentication doesn't match >> >> To verify that both routers are seeing the others announcement, your could >> run tshark on the router interface. For example: >> >> vDUT:~# tshark -i eth2 proto VRRP >> Running as user "root" and group "root". This could be dangerous. >> Capturing on eth2 >> 0.000000 172.16.139.16 -> 224.0.0.18 VRRP Announcement (v2) >> 1.003958 172.16.139.16 -> 224.0.0.18 VRRP Announcement (v2) >> >> If there is an authentication mismatch I think it will log a message. >> >> stig >> >>> Stig, >>> >>> thanks for the infos. >>> I tried the hack mentioned, which stopped the packet-loss. >>> But in "show vrrp" both servers display "State: Master"... :-( >>> I remember something that on certain implementations the highest/lowest >>> IP always becomes master. So I also tried to set vrrp priority on all >>> inter faces to 20 on R1 (lower IPs) and to 150 on R2 (higher IPs) but >>> with no success. >>> >>> I also made some tests and vrrp really seems to work since I can reboot >>> a router without loosing connection and/or packages, but this last issue >>> (which now seems to be cosmetic) still drives me crazy... >>> >>> Does anybody have further ideas or hints? >>> >>> TIA >>> Tobias >>> >>> Stig Thormodsrud schrieb: >>>> Tobias, >>>> >>>> The thread mentioned below will tell you how to hack the functionality >>>> into VC3. If you prefer not to hack you might consider trying out the >>>> Glendale alpha since it doesn't use the vmac in it's vrrp >>> implementation. >>>> It also supports multiple VIPs/group and multiple groups/interface and >>>> user feedback so far has been that the switchover times are faster. >>>> >>>> For Glendale see: >>>> >>>> http://mailman.vyatta.com/pipermail/vyatta-users/2008- >>> January/002966.html >>>> stig >>>> >>>>> This thread mentions the file to edit to disable vmac. >>>>> >>>>> >>>> http://www.mail-archive.com/vyatta- >>> [EMAIL PROTECTED]/msg00957.html >>>>> stig >>>>> >>>>> >>>>>> -----Original Message----- >>>>>> From: [EMAIL PROTECTED] [mailto:vyatta-users- >>>>>> [EMAIL PROTECTED] On Behalf Of Tobias Orlamuende >>>>>> Sent: Monday, February 25, 2008 9:44 AM >>>>>> To: [EMAIL PROTECTED] >>>>>> Subject: Re: [Vyatta-users] vrrp issues on VC3 >>>>>> >>>>>> Thanks for the answer. I|d love to trz but in VC3 there is no >>>>>> possibility. Seems we have to buy a subscription... >>>>>> Could somebody from Vyatta please confirm this (vrrp) issue? >>>>>> >>>>>> Cheers >>>>>> Tobias >>>>>> >>>>>> Justin Fletcher schrieb: >>>>>>> Some systems have issues with the virtual MAC addresses - try the >>>>>>> option to disable it. >>>>>>> >>>>>>> Best, >>>>>>> Justin >>>>>>> >>>>>>> On Mon, Feb 25, 2008 at 8:35 AM, Tobias Orlamuende >>>>>>> <[EMAIL PROTECTED]> wrote: >>>>>>>> Ken, >>>>>>>> >>>>>>>> You might have seen the vrrp priority of 150 for eth2 on R2 which >>>>> was >>>>>>>> just a test and replaced with 20 since a few days, but the >> problem >>>>>> still >>>>>>>> exists. >>>>>>>> >>>>>>>> Anyone else? ;-) >>>>>>>> >>>>>>>> Cheers >>>>>>>> Tobias >>>>>>>> >>>>>>>> Ken Rozinsky schrieb: >>>>>>>> >>>>>>>> >>>>>>>>> Hello, >>>>>>>> > >>>>>>>> > I'm in no way an expert but it looks to me like the priority on >>>>> both >>>>>>>> > your eth2 interfaces are set at 150. >>>>>>>> > setting the second to 20 might fix it for you. >>>>>>>> > >>>>>>>> > Regards, >>>>>>>> > Ken >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > Tobias Orlamuende wrote: >>>>>>>> >> Yes, all interfaces are GBit, but connected to a 100 MBit/s >>>>> switch. >>>>>>>> >> Interfaces are Intel 82571EB and 82573E/82573L >>>>>>>> >> /var/log/messages prints only errors like these ones: >>>>>>>> >> >>>>>>>> >> Feb 25 13:34:24 localhost kernel: ll header: >>>>>>>> >> ff:ff:ff:ff:ff:ff:00:00:5e:00:01:04:08:06 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: printk: 7 messages >>>> suppressed. >>>>>>>> >> Feb 25 13:35:25 localhost kernel: martian source 78.138.64.54 >>>>> from >>>>>>>> >> 78.138.64.71, on dev eth0 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: ll header: >>>>>>>> >> ff:ff:ff:ff:ff:ff:00:00:5e:00:01:04:08:06 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: martian source 78.138.64.54 >>>>> from >>>>>>>> >> 78.138.64.71, on dev eth2 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: ll header: >>>>>>>> >> ff:ff:ff:ff:ff:ff:00:00:5e:00:01:04:08:06 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: martian source 78.138.64.74 >>>>> from >>>>>>>> >> 78.138.64.71, on dev eth0 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: ll header: >>>>>>>> >> ff:ff:ff:ff:ff:ff:00:00:5e:00:01:04:08:06 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: martian source 78.138.64.74 >>>>> from >>>>>>>> >> 78.138.64.71, on dev eth2 >>>>>>>> >> Feb 25 13:35:25 localhost kernel: ll header: >>>>>>>> >> ff:ff:ff:ff:ff:ff:00:00:5e:00:01:04:08:06 >>>>>>>> >> >>>>>>>> >> Cheers >>>>>>>> >> >>>>>>>> >> Tobias >>>>>>>> >> >>>>>>>> >> Dave Strydom schrieb: >>>>>>>> >> >>>>>>>> >>> are all the interfaces 1000Mbit interfaces? >>>>>>>> >>> and >>>>>>>> >>> if you login to the routers as root, what do you have in >>>>>> /var/log/messages ? >>>>>>>> >>> >>>>>>>> >>> - Dave >>>>>>>> >>> >>>>>>>> >>> On Mon, Feb 25, 2008 at 12:54 PM, Tobias Orlamuende >>>>>>>> >>> <[EMAIL PROTECTED]> wrote: >>>>>>>> >>> >>>>>>>> >>>> Hi all, >>>>>>>> >>>> >>>>>>>> >>>> I set up 2 routers with VC3 and want them to do vrrp. Setup >>>> of >>>>>> vrrp was >>>>>>>> >>>> done exactly as described in the documentation. >>>>>>>> >>>> Unfortunately vrrp doesn't seem to work properly. On both >>>>>> routers vrrp >>>>>>>> >>>> seems to act as a master. When connecting to one of the >>>>> physical >>>>>>>> >>>> addresses of one of the routers, I get packetloss of about >>>>> 50%. >>>>>> The >>>>>>>> >>>> other router is fine as well as their virtual IP. >>>>>>>> >>>> >>>>>>>> >>>> My setup looks as follows: >>>>>>>> >>>> >>>>>>>> >>>> Upstream via a small transfer-net 83.220.149.16/29 (eth0) >>>>>>>> >>>> The following networks are received through this >>>> transfer-net: >>>>>>>> >>>> 194.8.86.0/24 (eth2) >>>>>>>> >>>> 78.138.64.0/25 (eth1) >>>>>>>> >>>> Default-route points to our upstream-provider's router >>>>>> (83.220.149.17) >>>>>>>> >>>> >>>>>>>> >>>> Router1: >>>>>>>> >>>> >>>>>>>> >>>> [EMAIL PROTECTED] show interfaces >>>>>>>> >>>> loopback lo { >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth0 { >>>>>>>> >>>> description: "upstream" >>>>>>>> >>>> hw-id: 00:15:17:39:b6:8a >>>>>>>> >>>> address 83.220.149.19 { >>>>>>>> >>>> prefix-length: 29 >>>>>>>> >>>> broadcast: 83.220.149.23 >>>>>>>> >>>> } >>>>>>>> >>>> vrrp { >>>>>>>> >>>> vrrp-group: 3 >>>>>>>> >>>> virtual-address: 83.220.149.18 >>>>>>>> >>>> authentication: "123456" >>>>>>>> >>>> priority: 150 >>>>>>>> >>>> } >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth1 { >>>>>>>> >>>> description: "old-PA" >>>>>>>> >>>> hw-id: 00:15:17:39:b6:8b >>>>>>>> >>>> address 78.138.64.71 { >>>>>>>> >>>> prefix-length: 25 >>>>>>>> >>>> broadcast: 78.138.64.127 >>>>>>>> >>>> } >>>>>>>> >>>> vrrp { >>>>>>>> >>>> vrrp-group: 4 >>>>>>>> >>>> virtual-address: 78.138.64.1 >>>>>>>> >>>> priority: 150 >>>>>>>> >>>> } >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth2 { >>>>>>>> >>>> description: "old-local" >>>>>>>> >>>> hw-id: 00:30:48:91:96:06 >>>>>>>> >>>> address 194.8.86.1 { >>>>>>>> >>>> prefix-length: 24 >>>>>>>> >>>> broadcast: 194.8.86.255 >>>>>>>> >>>> } >>>>>>>> >>>> vrrp { >>>>>>>> >>>> vrrp-group: 2 >>>>>>>> >>>> virtual-address: 194.8.86.254 >>>>>>>> >>>> priority: 150 >>>>>>>> >>>> } >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth3 { >>>>>>>> >>>> hw-id: 00:30:48:91:96:07 >>>>>>>> >>>> } >>>>>>>> >>>> >>>>>>>> >>>> [edit] >>>>>>>> >>>> >>>>>>>> >>>> [EMAIL PROTECTED]> show vrrp >>>>>>>> >>>> Physical interface: eth0, Address: 83.220.149.19 >>>>>>>> >>>> Interface state: up, Group: 3, State: master >>>>>>>> >>>> Priority: 150, Advertisement interval: 1s, Authentication >>>>>> type: simple >>>>>>>> >>>> Preempt: yes, VIP count: 1, VIP: 83.220.149.18 >>>>>>>> >>>> Advertisement timer: 3310s, Master router: 83.220.149.19 >>>>>>>> >>>> Virtual MAC: 00:00:5E:00:01:03 >>>>>>>> >>>> >>>>>>>> >>>> Physical interface: eth1, Address: 78.138.64.71 >>>>>>>> >>>> Interface state: up, Group: 4, State: master >>>>>>>> >>>> Priority: 150, Advertisement interval: 1s, Authentication >>>>>> type: none >>>>>>>> >>>> Preempt: yes, VIP count: 1, VIP: 78.138.64.1 >>>>>>>> >>>> Advertisement timer: 3310s, Master router: 78.138.64.71 >>>>>>>> >>>> Virtual MAC: 00:00:5E:00:01:04 >>>>>>>> >>>> >>>>>>>> >>>> Physical interface: eth2, Address: 194.8.86.1 >>>>>>>> >>>> Interface state: up, Group: 2, State: master >>>>>>>> >>>> Priority: 150, Advertisement interval: 1s, Authentication >>>>>> type: none >>>>>>>> >>>> Preempt: yes, VIP count: 1, VIP: 194.8.86.254 >>>>>>>> >>>> Advertisement timer: 3310s, Master router: 194.8.86.1 >>>>>>>> >>>> Virtual MAC: 00:00:5E:00:01:02 >>>>>>>> >>>> >>>>>>>> >>>> Router2: >>>>>>>> >>>> >>>>>>>> >>>> [EMAIL PROTECTED] show interfaces >>>>>>>> >>>> >>>>>>>> >>>> loopback lo { >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth0 { >>>>>>>> >>>> description: "upstream" >>>>>>>> >>>> hw-id: 00:15:17:39:b2:8c >>>>>>>> >>>> address 83.220.149.20 { >>>>>>>> >>>> prefix-length: 29 >>>>>>>> >>>> broadcast: 83.220.149.20 >>>>>>>> >>>> } >>>>>>>> >>>> vrrp { >>>>>>>> >>>> vrrp-group: 3 >>>>>>>> >>>> virtual-address: 83.220.149.18 >>>>>>>> >>>> authentication: "123456" >>>>>>>> >>>> priority: 20 >>>>>>>> >>>> } >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth1 { >>>>>>>> >>>> description: "old-PA" >>>>>>>> >>>> hw-id: 00:15:17:39:b2:8d >>>>>>>> >>>> address 78.138.64.72 { >>>>>>>> >>>> prefix-length: 25 >>>>>>>> >>>> broadcast: 78.138.64.127 >>>>>>>> >>>> } >>>>>>>> >>>> vrrp { >>>>>>>> >>>> vrrp-group: 4 >>>>>>>> >>>> virtual-address: 78.138.64.1 >>>>>>>> >>>> priority: 20 >>>>>>>> >>>> } >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth2 { >>>>>>>> >>>> description: "local" >>>>>>>> >>>> hw-id: 00:30:48:91:90:ee >>>>>>>> >>>> address 194.8.86.2 { >>>>>>>> >>>> prefix-length: 24 >>>>>>>> >>>> broadcast: 194.8.86.255 >>>>>>>> >>>> } >>>>>>>> >>>> vrrp { >>>>>>>> >>>> vrrp-group: 2 >>>>>>>> >>>> virtual-address: 194.8.86.254 >>>>>>>> >>>> priority: 150 >>>>>>>> >>>> } >>>>>>>> >>>> } >>>>>>>> >>>> ethernet eth3 { >>>>>>>> >>>> hw-id: 00:30:48:91:90:ef >>>>>>>> >>>> } >>>>>>>> >>>> >>>>>>>> >>>> [edit] >>>>>>>> >>>> >>>>>>>> >>>> [EMAIL PROTECTED]> show vrrp >>>>>>>> >>>> Physical interface: eth0, Address: 83.220.149.20 >>>>>>>> >>>> Interface state: up, Group: 3, State: master >>>>>>>> >>>> Priority: 20, Advertisement interval: 1s, Authentication >>>>> type: >>>>>> simple >>>>>>>> >>>> Preempt: yes, VIP count: 1, VIP: 83.220.149.18 >>>>>>>> >>>> Advertisement timer: 526s, Master router: 83.220.149.20 >>>>>>>> >>>> Virtual MAC: 00:00:5E:00:01:03 >>>>>>>> >>>> >>>>>>>> >>>> Physical interface: eth1, Address: 78.138.64.72 >>>>>>>> >>>> Interface state: up, Group: 4, State: master >>>>>>>> >>>> Priority: 20, Advertisement interval: 1s, Authentication >>>>> type: >>>>>> none >>>>>>>> >>>> Preempt: yes, VIP count: 1, VIP: 78.138.64.1 >>>>>>>> >>>> Advertisement timer: 526s, Master router: 78.138.64.72 >>>>>>>> >>>> Virtual MAC: 00:00:5E:00:01:04 >>>>>>>> >>>> >>>>>>>> >>>> Physical interface: eth2, Address: 194.8.86.2 >>>>>>>> >>>> Interface state: up, Group: 2, State: master >>>>>>>> >>>> Priority: 20, Advertisement interval: 1s, Authentication >>>>> type: >>>>>> none >>>>>>>> >>>> Preempt: yes, VIP count: 1, VIP: 194.8.86.254 >>>>>>>> >>>> Advertisement timer: 526s, Master router: 194.8.86.2 >>>>>>>> >>>> Virtual MAC: 00:00:5E:00:01:02 >>>>>>>> >>>> >>>>>>>> >>>> Does anybody have an idea what is going wrong here or where >>>> to >>>>>> have a >>>>>>>> >>>> closer look for fixing it? >>>>>>>> >>>> >>>>>>>> >>>> Thanks in advance! >>>>>>>> >>>> Greetings >>>>>>>> >>>> Tobias >>>>>>>> >>>> >>>>>>>> >>>> -- >>>>>>>> >>>> Mit freundlichen Gruessen / kind regards >>>>>>>> >>>> >>>>>>>> >>>> Tobias Orlamünde >>>>>>>> >>>> >>>>>>>> >>>> Emporis GmbH >>>>>>>> >>>> Robert-Bosch-Strasse 7 >>>>>>>> >>>> D-64293 Darmstadt >>>>>>>> >>>> Germany >>>>>>>> >>>> >>>>>>>> >>>> Tel +49(0)6151 500170 >>>>>>>> >>>> Fax +49(0)6151 5001799 >>>>>>>> >>>> E-Mail [EMAIL PROTECTED] >>>>>>>> >>>> http://corporate.emporis.com >>>>>>>> >>>> >>>>>>>> >>>> [Emporis is one of the world's leading providers of >>>> building- >>>>>> related >>>>>>>> >>>> information] >>>>>>>> >>>> _______________________________________________ >>>>>>>> >>>> Vyatta-users mailing list >>>>>>>> >>>> Vyatta-users@mailman.vyatta.com >>>>>>>> >>>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>>>>>> >>>> >>>>>>>> >>>> >>>>>>>> >>> _______________________________________________ >>>>>>>> >>> Vyatta-users mailing list >>>>>>>> >>> Vyatta-users@mailman.vyatta.com >>>>>>>> >>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>>>>>> >>> >>>>>>>> >> >>>>>>>> > >>>>>>>> > _______________________________________________ >>>>>>>> > Vyatta-users mailing list >>>>>>>> > Vyatta-users@mailman.vyatta.com >>>>>>>> > http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>>>>>> >>>>>>>> -- >>>>>>>> >>>>>>>> >>>>>>>> Mit freundlichen Gruessen / kind regards >>>>>>>> >>>>>>>> Tobias Orlamünde >>>>>>>> >>>>>>>> Emporis GmbH >>>>>>>> Robert-Bosch-Strasse 7 >>>>>>>> D-64293 Darmstadt >>>>>>>> Germany >>>>>>>> >>>>>>>> Tel +49(0)6151 500170 >>>>>>>> Fax +49(0)6151 5001799 >>>>>>>> E-Mail [EMAIL PROTECTED] >>>>>>>> http://corporate.emporis.com >>>>>>>> >>>>>>>> [Emporis is one of the world's leading providers of >>>> building-related >>>>>>>> information] >>>>>>>> _______________________________________________ >>>>>>>> Vyatta-users mailing list >>>>>>>> Vyatta-users@mailman.vyatta.com >>>>>>>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> Vyatta-users mailing list >>>>>>> Vyatta-users@mailman.vyatta.com >>>>>>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>>>> -- >>>>>> Mit freundlichen Gruessen / kind regards >>>>>> >>>>>> Tobias Orlamünde >>>>>> >>>>>> Emporis GmbH >>>>>> Robert-Bosch-Strasse 7 >>>>>> D-64293 Darmstadt >>>>>> Germany >>>>>> >>>>>> Tel +49(0)6151 500170 >>>>>> Fax +49(0)6151 5001799 >>>>>> E-Mail [EMAIL PROTECTED] >>>>>> http://corporate.emporis.com >>>>>> >>>>>> [Emporis is one of the world's leading providers of building-related >>>>>> information] >>>>>> _______________________________________________ >>>>>> Vyatta-users mailing list >>>>>> Vyatta-users@mailman.vyatta.com >>>>>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>>> _______________________________________________ >>>>> Vyatta-users mailing list >>>>> Vyatta-users@mailman.vyatta.com >>>>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>>> _______________________________________________ >>>> Vyatta-users mailing list >>>> Vyatta-users@mailman.vyatta.com >>>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >>> -- >>> Mit freundlichen Gruessen / kind regards >>> >>> Tobias Orlamünde >>> >>> Emporis GmbH >>> Robert-Bosch-Strasse 7 >>> D-64293 Darmstadt >>> Germany >>> >>> Tel +49(0)6151 500170 >>> Fax +49(0)6151 5001799 >>> E-Mail [EMAIL PROTECTED] >>> http://corporate.emporis.com >>> >>> [Emporis is one of the world's leading providers of building-related >>> information] >>> _______________________________________________ >>> Vyatta-users mailing list >>> Vyatta-users@mailman.vyatta.com >>> http://mailman.vyatta.com/mailman/listinfo/vyatta-users >> _______________________________________________ >> Vyatta-users mailing list >> Vyatta-users@mailman.vyatta.com >> http://mailman.vyatta.com/mailman/listinfo/vyatta-users > -- Mit freundlichen Gruessen / kind regards Tobias Orlamünde Emporis GmbH Robert-Bosch-Strasse 7 D-64293 Darmstadt Germany Tel +49(0)6151 500170 Fax +49(0)6151 5001799 E-Mail [EMAIL PROTECTED] http://corporate.emporis.com [Emporis is one of the world's leading providers of building-related information] _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
