Solved: Cisco 4500x in VSS stack and Microsoft NLB

Fellmerex3 · ‎07-21-2017

Hello all !

I have microsoft NLB cluster configured in multicast mode.
I have a VSS with two 4500x, 2 stacks of 2xCisco 2960x (2 nodes, LACP) are connected to it.
After setting up the VSS, he noticed that the user's mailbox did not open the mail, on a closer look saw that some users had access to the NLB address and some did not.

If i shut standby node, everything ok, i can ping NLB cluster address.

if i unplug 2 cables going from Cisco 2960x stack's to standby node vss stack, everything ok, i can ping NLB cluster address.

For test i connected another 2960x standalone switch to the standby 4500x and saw that the no pings to the NLB address, but i can ping all nodes NLB cluster.

Now standby node powerred off and we work on active node.

Who faced this problem ?

Why is the traffic not traversing the the VSL link i.e. PC -> VSS Node 2 -> VSL -> VSS Node1 -> Server ?

i install latest 03.09.02.E software on 2 nodes

active :

Version 03.09.02.E RELEASE SOFTWARE (fc4)

ROM: 15.0(1r)SG11

on standby

Version 03.09.02.E RELEASE SOFTWARE (fc4)

ROM: 15.0(1r)SG12

Fellmerex3 · ‎11-13-2017

I found the solution myself but forgot to write about it on the forum. The problem was not in the setup of the VSS stack and other hardware, but in the firmware bug Version 03.09.02.E RELEASE SOFTWARE (fc4).

Link to bug : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd69060

Symptom:

Packets sent via Standby VSS are not reachoing the NLB server

Conditions:
This is seen in VSS setup, where Standby VSS forwards the packets to Active VSS
so that the Active VSS CPU takes the forwarding decision to reach NLB server

After updating the firmware of the stack to version 3.10.0E (cat4500e-universalk9.SPA.03.10.00.E.152-6.E.bin) it all worked :)

View solution in original post

Reza Sharifi · ‎07-21-2017

Hi,

When VSS (both chassis) are up and running, can you post the output of the following show commands?

sh redun

sh switch virtual

sh switch virtual role

HTH

Fellmerex3 · ‎07-22-2017

Hi Reza, yes i can. Now all VSS stack nodes is powered up, but i only plug cables going from Cisco 2960x Stacks to 4500x VSS active node.

All cables unplugged from standby node, without test 2960x. From it I check the availability of NLB address.

show redundancy

Redundant System Information :

------------------------------
Available system uptime = 1 week, 6 days, 12 hours, 57 minutes
Switchovers system experienced = 0
Standby failures = 2
Last switchover reason = none

Hardware Mode = Duplex
Configured Redundancy Mode = Stateful Switchover
Operating Redundancy Mode = Stateful Switchover
Maintenance Mode = Disabled
Communications = Up

Current Processor Information :
------------------------------
Active Location = slot 1/1
Current Software state = ACTIVE
Uptime in current state = 1 week, 6 days, 12 hours, 55 minutes
Image Version = Cisco IOS Software, IOS-XE Software, Catalyst 4 500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.09.02.E RELEASE SOF TWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Mon 01-May-17 02:17 by prod
Configuration register = 0x2101

Peer Processor Information :
------------------------------
Standby Location = slot 2/1
Current Software state = STANDBY HOT
Uptime in current state = 6 days, 10 hours, 26 minutes
Image Version = Cisco IOS Software, IOS-XE Software, Catalyst 4 500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.09.02.E RELEASE SOF TWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Mon 01-May-17 02:17 by pr
Configuration register = 0x2101

show switch virtual

Executing the command on VSS member switch role = VSS Active, id = 1

Switch mode : Virtual Switch
Virtual switch domain number : 1
Local switch number : 1
Local switch operational role: Virtual Switch Active
Peer switch number : 2
Peer switch operational role : Virtual Switch Standby

Executing the command on VSS member switch role = VSS Standby, id = 2

Switch mode : Virtual Switch
Virtual switch domain number : 1
Local switch number : 2
Local switch operational role: Virtual Switch Standby
Peer switch number : 1
Peer switch operational role : Virtual Switch Active

show switch virtual role

Executing the command on VSS member switch role = VSS Active, id = 1

RRP information for Instance 1

--------------------------------------------------------------------
Valid Flags Peer Preferred Reserved
Count Peer Peer

--------------------------------------------------------------------
TRUE V 1 1 1

Switch Switch Status Preempt Priority Role Local Remote
Number Oper(Conf) Oper(Conf) SID SID
--------------------------------------------------------------------
LOCAL 1 UP FALSE(N ) 110(110) ACTIVE 0 0
REMOTE 2 UP FALSE(N ) 100(100) STANDBY 3107 4581

Peer 0 represents the local switch

Flags : V - Valid
In dual-active recovery mode: No