Discussion:
[c-nsp] svi autostate issue
Андрей Андреев
2011-12-15 09:06:01 UTC
Permalink
Hi list,

We have several catalyst 6500/sup720 12.2(18)SXF17 connected to l2 ring.
All vlans bound to MST0 instance.
One of switch has ring interface in BLK state, and other ring interface
in FWD state.

Several ring vlans has L3 SVI on that switch.

According to MSTP rule, when topology change occured switch temporary
block all l2 ports.
There is no L2 port in forwarding state so it put SVIs to DOWN state.
Then it move alternate BLK port into FWD state and put all SVI to UP state.

How can i disable svi autostate feature to avoid SVI flaps?
There is no such command in native IOS.

Thank you.


Andrey.

_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Peter Rathlev
2011-12-15 12:11:58 UTC
Permalink
Post by Андрей Андреев
How can i disable svi autostate feature to avoid SVI flaps?
There is no such command in native IOS.
AFAIK you cannot do this in native IOS for the Catalyst switches. CatOS
can do it and some routers can do it. Hopefully some day

What is your goal? There might be another way of accomplishing that.

If you need an interface that is always up, you can use a Loopback
interface. If you need a route to be active (and exported via e.g. BGP)
you can use a floating static route.
--
Peter


_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.neth
Андрей Андреев
2011-12-15 12:41:05 UTC
Permalink
Some SVI has OSPF adjacencies and some eBGP to clients.
In period of STP convergence SVI flaps and OSPF/BGP flaps too.
Post by Peter Rathlev
Post by Андрей Андреев
How can i disable svi autostate feature to avoid SVI flaps?
There is no such command in native IOS.
AFAIK you cannot do this in native IOS for the Catalyst switches. CatOS
can do it and some routers can do it. Hopefully some day
What is your goal? There might be another way of accomplishing that.
If you need an interface that is always up, you can use a Loopback
interface. If you need a route to be active (and exported via e.g. BGP)
you can use a floating static route.
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.net
Peter Rathlev
2011-12-15 17:45:37 UTC
Permalink
Post by Андрей Андреев
Some SVI has OSPF adjacencies and some eBGP to clients.
In period of STP convergence SVI flaps and OSPF/BGP flaps too.
And your STP convergence means that the line-protocol flaps, right? So
it's not the convergence time as such, but simply the fact that the
line-protocol flaps and that this is signalled to the routing processes.

I don't think there's a way to tell OSPF to wait for the usual timeouts
instead of reacting to link down, it's a link-state protocol after all.
But OSPF convergence can be fast too, so my main concern would by CPU
load from the churn.

I don't understand why eBGP would flap though. AFAIK, unless you enable
"neighbor n.n.n.n fall-over", it shouldn't tear down an eBGP session
just becase the line-protocol drops.

A dirty hack would be to use two physical interfaces and a looping cable
to always carry the VLAN(s).

If per-VLAN STP was a possibility, topology changes would at least only
affect the VLANs where it was relevant.

Or ask Cisco to implement "no autostate" on the 6500. :-)
--
Peter


_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp
Peter Rathlev
2011-12-15 19:37:59 UTC
Permalink
Post by Peter Rathlev
I don't understand why eBGP would flap though. AFAIK, unless you enable
"neighbor n.n.n.n fall-over", it shouldn't tear down an eBGP session
just becase the line-protocol drops.
Oh, eBGP. :-)

You can use "neighbor n.n.n.n disable-connected-check" to not have it
tear down an eBGP session on link flap. Timers or BFD would decide when
to tear the session down.
--
Peter


_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Андрей Андреев
2011-12-16 05:57:02 UTC
Permalink
I mean indirect ring link failure.

Assume Switch A (not STP root) detect ring interface DOWN.
Switch A send TCN bpdu on path to root, when root receive TCN bpdu it
send TCA bpdu to all ports.
Switch B (it has ospf and eBGP adjacencies) receive TCA bpdu and put all
not edge stp port on BLK state.
And autostate feature put SVI in DOWN state.
Then it start proposal/agreement procces to select new root port.
When the process finish Switch B unblock ports.
Post by Peter Rathlev
Post by Андрей Андреев
Some SVI has OSPF adjacencies and some eBGP to clients.
In period of STP convergence SVI flaps and OSPF/BGP flaps too.
And your STP convergence means that the line-protocol flaps, right? So
it's not the convergence time as such, but simply the fact that the
line-protocol flaps and that this is signalled to the routing processes.
I don't think there's a way to tell OSPF to wait for the usual timeouts
instead of reacting to link down, it's a link-state protocol after all.
But OSPF convergence can be fast too, so my main concern would by CPU
load from the churn.
I don't understand why eBGP would flap though. AFAIK, unless you enable
"neighbor n.n.n.n fall-over", it shouldn't tear down an eBGP session
just becase the line-protocol drops.
A dirty hack would be to use two physical interfaces and a looping cable
to always carry the VLAN(s).
If per-VLAN STP was a possibility, topology changes would at least only
affect the VLANs where it was relevant.
Or ask Cisco to implement "no autostate" on the 6500. :-)
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.

Andrew Hoyos
2011-12-15 16:51:03 UTC
Permalink
Post by Андрей Андреев
How can i disable svi autostate feature to avoid SVI flaps?
There is no such command in native IOS.
Try 'no autostate' on the SVI. It's not a documented command anywhere, think it might be hit or miss across code trains.

--
Andrew Hoyos
***@gmail.com




_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.ne
Loading...