Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
30
Helpful
8
Replies

9800-40 to 4507 VSS failure over fiber

Go to solution
lcaruso
Level 6
Level 6

‎11-11-2022 07:30 PM

9800-40s running in any configuration (HA, Standalone) experience communication issues with directly connected 4507 VSS cores. I have TAC currently engaged but looking for inputs.

The 9800-40 fails to ping the directly connected SVI on the core and vice versa with multi-chassis LAG setup on the core.

If I remove all ports except one from the port channel on the core, then it works, and, if I add back second or more ports, it fails. 

I had originally deployed the VSS with split links model using RMI+RP and found failover malfunctioned because the standby always went into recovery because it could not ping the RMI gateway. So then I started to pare it down and identified a repeatable behavior.  I ended up with a stand-alone 9800 that could not ping its default gateway and vice versa. 

I have had several engineers validate the port channels configs on both ends. The behavior is occurring over a fiber connected 9800 and does not occur over a copper connected 9800. All SFPs are straight off the approved list for both the 9800s and the 4507s. 

Plan is to change ports and fibers next week but interfaces are running clean, so how to tell if this is fiber or SFP problem?

 

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
lcaruso
Level 6
Level 6
In response to MHM Cisco World

‎11-13-2022 08:43 AM

The 9800 side was just two ports in a single port channel with one each going to a different 4507 in VSS. It was the 4507 side that needed changing. Instead of one port channel on the VSS side (as with the Nexus switches), I had to split it up into two port channels. The model is called VSS with split links. I had assumed all links could reside in the same port channel but that was the configuration that was unstable. So port channel x has two ports, one on each 4507, coming from the primary 9800 and port channel y has two ports, one on each 4507, coming from the secondary 9800 in a RMI+RP setup. 

View solution in original post

8 Replies 8

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎11-11-2022 08:41 PM

@lcaruso wrote:
Plan is to change ports and fibers next week but interfaces are running clean, so how to tell if this is fiber or SFP problem?

Check for line errors at both ends.  

 

Go to solution
Arshad Safrulla
VIP Alumni
VIP Alumni

‎11-12-2022 04:26 AM

Are you sing DOM capable SFPs?  If yes, you may check the readings directly from the transceiver from the device. It is always recommended that you do a fluke test for the cables. You may also check the show interface from both WLC and the switch side.

From the switch side make sure that you don't use any native VLAN under the ports connecting to the WLC and make sure that all the VLANs allowed in the ports connecting to WLC and from WLC to Switch.

Refer the below link, as it has well summarized guide on how to build HA SSO.

Cisco 9800 RMI+RP High Availability Best Practice Configuration – How I WI-FI (howiwifi.com)

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

Go to solution
lcaruso
Level 6
Level 6
In response to Arshad Safrulla

‎11-12-2022 03:22 PM

Great tip on those DOM stats, thank you kindly!

Easy to prove fiber was in spec and all parms were within normal ranges. 

0 Helpful

Go to solution
marce1000
VIP
VIP

‎11-12-2022 07:29 AM

 

 - Speaking about  validating configs this is always useful :   Review the 9800-40   configuration with the CLI command : show  tech   wireless , have the output analyzed by  https://cway.cisco.com/tools/WirelessAnalyzer/  , please note do not use classical show tech-support (short version) , use the command denoted in green for Wireless Analyzer.               Checkout all advisories!

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Go to solution
marce1000
VIP
VIP

‎11-12-2022 07:36 AM

 

 - Check  this bug report too  : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve05543

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Go to solution
lcaruso
Level 6
Level 6

‎11-12-2022 03:27 PM

Thanks to all the nice ideas shared. I found the issue and corrected it, but not sure if this represents an unsupported configuration or a code issue. The workaround was to not have all four ports from the 9800s in the same port channel in multi-chassis LAG on the VSS core. When I changed the setup to two port channels on the core, it became immediately reliable. Fiber checked out. 

Go to solution
MHM Cisco World
VIP
VIP
In response to lcaruso

‎11-13-2022 01:21 AM

that interest, can you share final config of Port-channel in C9800?

0 Helpful

Go to solution
lcaruso
Level 6
Level 6
In response to MHM Cisco World

‎11-13-2022 08:43 AM

The 9800 side was just two ports in a single port channel with one each going to a different 4507 in VSS. It was the 4507 side that needed changing. Instead of one port channel on the VSS side (as with the Nexus switches), I had to split it up into two port channels. The model is called VSS with split links. I had assumed all links could reside in the same port channel but that was the configuration that was unstable. So port channel x has two ports, one on each 4507, coming from the primary 9800 and port channel y has two ports, one on each 4507, coming from the secondary 9800 in a RMI+RP setup. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card