本帖最后由 xupeng 于 2018-5-17 22:42 编辑 故障描述:
-6509为4引擎VSS 与 N7K full-mesh连接, 使用port-channel 3层口建ospf邻居. N7K之间也是port-channel 3层口建ospf邻居
-6509 VSS在switchover时, 发现从测试PC去往N7K后面的网段有7-8个icmp timeout. 显示目标地址不可达
测试结果:
-经过测试,发现在故障发生时, 从N7K ping 6509, 显示no route, 通过show ip ospf nei / sh ip route ospf, 可以看到ospf的邻居down, 没有ospf的路由.
-ospf邻居建立完成后, 数据包才恢复正常.
-然而在6500的ospf进程下已经配置了nsf (non-stop forwarding). 理论上配置了nsf后, 6500做引擎的切换,不会导致ospf邻居down并且丢包. 从测试结果显示nsf没有生效.
什么是NSF?
============
NSF Overview:
Cisco NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover. With Cisco NSF, peer networking devices do not experience routing flaps. Data traffic is forwarded through intelligent line cards while the standby RP assumes control from the failed active RP during a switchover. The ability of line cards to remain up through a switchover and to be kept current with the Forwarding Information Base (FIB) on the active RP is key to Cisco NSF operation.
以下的文档解释了为何nsf没生效, 因为N7k 只支持nsf ietf, 而6500默认的nsf是nsf cisco, 需要手动再6500配置成nsf ietf才能与N7k联动:
N7K document: Guidelines and Limitations for OSPFv2
OSPFv2 has the following configuration guidelines and limitations:
The Cisco Nexus 7000 supports the Internet Engineering Task Force (IETF) version only. As a result, NSF IETF
must be explicitly configured under the routing protocols in the Virtual Switching System (VSS).
No additional configuration is required on the Cisco Nexus 7000 pairs because they run NSF IETF graceful-restart by default. However, each neighbor device that will become Layer 3 adjacent must have NSF configured and the same mode of NSF must be enabled to successfully operate a graceful failover.
在6500通过命令行修改NSF版本:
VSS(config-router)#nsf ?
cisco Cisco Non-stop forwarding
ietf IETF graceful restart
6500 NSF ietf:
VSS#sh ip ospf nsf
Routing Process "ospf 1"
IETF Non-Stop Forwarding enabled
restart-interval limit: 120 sec, last IETF NSF restart 00:20:16 ago (took 24 secs)
IETF NSF helper support enabled
Cisco NSF helper support enabled
OSPF restart state is NO_RESTART
Handle 2162698, Router ID 10.111.0.3, checkpoint Router ID 0.0.0.0
Config wait timer interval 10, timer not running
Dbase wait timer interval 120, timer not running
6500 NSF cisco:
VSS#sh ip ospf nsf
Routing Process "ospf 1"
Non-Stop Forwarding enabled, last NSF restart 00:22:13 ago (took 24 secs)
IETF NSF helper support enabled
Cisco NSF helper support enabled
OSPF restart state is NO_RESTART
Handle 2162698, Router ID 10.111.0.3, checkpoint Router ID 0.0.0.0
Config wait timer interval 10, timer not running
Dbase wait timer interval 120, timer not running
========================
========================