SNMP IN Admin and User Context

gopi_sivam · ‎08-06-2012

Hi Guys,

I have a issue in ACE context , while discovering the each context separately . I have 4 user context and one admin context in HA mode , when i tried to discover the contexts independently , with the interface vlan ip configured in my NMS tool ( HP NNMI ) . It shows error message as duplicate device is discovered and it delete the existing other context that it discovered already in the same box .i tried lot of option and i held up on it .

When the admin context is discovered , i tried to generate the trap and check by shut the physical interface . But still i am awaiting for the trap to hit my tool . In user context , snmp traps works fine for rserver , serverfarm , interface vlan . configuration is same in both user and admin context . Required MIBS uploaded in NMS .

Regards ., Gopinath Vedagiri

sivaksiv · ‎08-06-2012

Hi,

I'm afraid this is supported on ACE. To get SNMP traps from each context , we will need to have a Management interface in each context, trap can ONLY be sent using the user context IP address and cannot be sent through Admin context IP address.

Regards,
Siva

gopi_sivam · ‎08-07-2012

Hi SIva ,

We are using the Vlan Interface ip to discover it in NMS . Separate management interface is there in ACE to configure the management ip ?

sivaksiv · ‎08-09-2012

Hi Gopinath,

Do you have vlan interface in each context to manage via NMS or just Admin? If not have a vlan in each context so it can be managed from NMS similar to you have in Admin.

-

Siva

gopi_sivam · ‎08-14-2012

Hi all ,

The issue is NMS tracking mac address for interface vlans in each context . so , when the mac address is found same in bettween context for interface vlan that deletes it from NMS . I used the mac-address autogenerate command in interface vlan in all the context to auto generate the mac address to solve the issue , and its worked i expected .

MY questiion is any other way is there , to generate the mac address that should be unique from all the interface vlan in all the context .

Gopinath Vedagiri

sivaksiv · ‎08-14-2012

Hi Gopinath,

Glad you got this resolved and it happens to be the NMS tracking MAC address of interface.

Here is the information about ACE mac-address aloocation:

By default, the bank of MAC addresses that the ACE uses is randomly selected at boot time. However, if you configure two ACE appliances in the same Layer 2 network and they are using shared VLANs, the ACEs may select the same address bank, which results in the use of the same MAC addresses.

This design will work fine when there is only a single ACE on a shared VLAN, adding a redundant ACE could lead to communication problems due to duplicate MAC addresses being use. This will happen if more than one ACE on the shared VLAN randomly selects the same Host ID when they boot up. This will cause them to use the same bank of MAC addresses for their shared VLAN interfaces.

For example, If both ACE appliances booted up and selected Host ID 4, then they would both use the same bank of MAC addresses.

To avoid this conflict, you must configure the bank that the ACEs will use.

To configure a specific bank of MAC addresses for an ACE, use the shared-vlan-hostid command in configuration mode in the Admin context. The syntax for this command is as follows:

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/configuration/routing_bridging/guide/vlansif.html#wp1053891

About VLANs and its mac-addresses, in most scenarios, using the same burned-in MAC address for multiple non-shared VLAN interfaces on the ACE does not present a problem. However, the ACE can be configured to use one
of the MAC addresses from the selected bank for the physical interfaces.

This is accomplished with the mac-address autogenerate interface configuration command.

For example:

I have this in my ACE:

vlan112 is up, administratively up
Hardware type is VLAN
MAC address is 00:23:8b:03:72:4c

Then, I applied the command "mac-address autogenerate":

interface vlan 112
ip address 10.198.16.90 255.255.255.192
peer ip address 10.198.16.91 255.255.255.192
mac-address autogenerate -------------------------> Here
access-group input Allow
service-policy input NSS_MGMT
no shutdown

This is the result:

vlan112 is up, administratively up
Hardware type is VLAN
MAC address is 00:12:43:dc:77:00

Regards,
Siva

gopi_sivam · ‎08-15-2012

Hi Shiva ,

Thanks for ur response .

I have some questions on the Implemention part of this configuration :

1. Assume I have 5 Contexts in the Primary and also 5 Contexts in Secondary ACE they are in HA Mode and each context is having 2 vlans in it . when i execute the command mac-address autogenerate in all the Primary ACE context interface vlans , so the configuration will get replicate to secondary ace . Is the Mac Address would be same in both the ACE in interface vlans at context level ?

2. IF i use the shared-vlan-hostid 4 command and it contains 1024 mac address in it pool , so i am using so many VIPs and interface ips , rservers . what happens when that mac address pool is full ?

Regards,

Gopinath Vedagiri

sivaksiv · ‎08-15-2012

Hi Gopinadh,

Like I said if both ACE appliances booted up and selected Host ID 4, then they would both use the same bank of MAC addresses and end up using same mac-address on both vlan.

Only interface vlan's get the mac-address allocated and as per document you can only configure 1024 shared VLAN's.

For VIP's, alias and NAT we use virtual mac and allocated in the following format.

00.0b.fc.fe.1b.

Rservers have their own mac address dynamically learnt by ACE and not allocated by ACE.

Regards,

Siva