[IAG] After IAG is deployed in active/standby mode and the connected switch is switched, the active IAG is still receiving data packets
Problem Description
Active/standby IAG switches (IAG1 is only connected to switch 1, IAG2 is only connected to switch 2, and the two switches have the same configuration) After the active IAG fails, the line is switched, but the active IAG is still receiving packets, resulting in some packets being sent to the active IAG without any return packets.
Effective troubleshooting steps
- Check the customer's network topology as follows. The two switches have the same configuration, but are not stacked.
- After communication and checking, it was found that the switch had been sending data packets to the main IAG because the ARP of the switch had not aged. However, the main IAG had stopped running services due to the active-standby switch.
- For this situation, you can configure stacking configuration on the switch to combine the two switches into one logical unit; for optimization on the IAG, you can configure the monitoring network port power failure configuration, and when the master and standby switches, the service is also interrupted, waiting for the switch ARP aging switch
Root cause
Due to the long aging time of the switch ARP table, the switch was not switched and the MAC address of the main IAG was learned. Data packets were sent to the main IAG.
solution
Enable the power-off configuration of the monitoring network port on the IAG to give the switch enough time to react to the switchover. However, if this configuration is enabled, services will be interrupted during the active/standby switchover.
Make adjustments on the switch and modify the switch ARP table aging configuration
Original Link
https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=26636&isOpen=true