cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1599
Views
5
Helpful
4
Replies

query vlan in cisco ACE

gavin han
Beginner
Beginner

I've configured query vlan FT internface as follow:

class-map type management match-any query_VLAN
  2 match protocol icmp any

policy-map type management first-match query_VLAN_MGT
  class query_VLAN
    permit


interface vlan 11
  description ##query vlan##
  ip address 192.30.3.196 255.255.255.252
  peer ip address 192.30.3.195 255.255.255.252
  access-group input ANY-ANY
  service-policy input query_VLAN_MGT
  no shutdown

ft interface vlan 10
  ip address 192.30.3.192 255.255.255.252
  peer ip address 192.30.3.191 255.255.255.252
  no shutdown

ft peer 1
  heartbeat interval 300
  heartbeat count 10
  ft-interface vlan 10
  query-interface vlan 11

and when I do "sh ft peer sum" I see following:

sh ft peer sum

Peer Id                      : 1
State                        : FSM_PEER_STATE_COMPATIBLE
Maintenance mode             : MAINT_MODE_OFF
FT Vlan                      : 10
FT Vlan IF State             : UP
My IP Addr                   : 192.30.3.191
Peer IP Addr                 : 192.30.3.192
Query Vlan                   : 11
Query Vlan IF State          : UP, Manual validation - please ping peer
Peer Query IP Addr           : 192.30.3.196
Heartbeat Interval           : 300
Heartbeat Count              : 10
SRG Compatibility            : COMPATIBLE
License Compatibility        : COMPATIBLE
FT Groups                    : 5

would you please advise why "Query Vlan IF State " is showing "Manual validation - please ping peer" do I need to configure anything else?

Thanks....

1 Accepted Solution

Accepted Solutions

Andrew Nam
Beginner
Beginner

You don't need to configure anything further. Your config looks good.

The query interface thing can be a bit misleading.  The ACE does not use the query interface until the FT vlan goes down. This is the reason why we added a etxt to request users to manually verify query interface is functioning properly as below :

"Manual validation - please ping peer"

So if you need to check if the query vlan is up, then manually ping the peer ip address. That's what the message means.

- Andrew

View solution in original post

4 Replies 4

Andrew Nam
Beginner
Beginner

You don't need to configure anything further. Your config looks good.

The query interface thing can be a bit misleading.  The ACE does not use the query interface until the FT vlan goes down. This is the reason why we added a etxt to request users to manually verify query interface is functioning properly as below :

"Manual validation - please ping peer"

So if you need to check if the query vlan is up, then manually ping the peer ip address. That's what the message means.

- Andrew

Thanks.

how do I test it to verify that query vlan is working fine as expected?

Gavin

You configured "Peer Query IP Address" with 192.30.3.196. So ping this ip address to see if you get replies. This is the address you configured to monitor.

-Andrew

Thanks Andrew,

but is there a way to test the failure of FT interface and see if query vlan works as expected and the ACE that was active earlier still stays active?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: