[case] Load balancing by static routes on switch causes drop packets periodically Highlighted

Latest reply: Nov 9, 2018 09:15:31 321 2 2 0
Topology shows as below:
topology

spine1 and spine2 connect to sw1 with two links respectively,and both of them configured with static route next-hop towards to sw1.
when trying ping server1 from server2,we find every four packets with one timeout.As shown in the picture.
phenomenon

checking routing-table on the serverleaf:
routing-table
according to the output information above,there are two route paths towarding to 192.168.200.0/24,both of them learns from OSPF,and next-hop are spine1 and spine2 respectively.


checking route information on spine1 and spine2
spine1spine2

according to the output information,there are two routes towards to 192.168.200.0/24 on spine1,and only one route towards to 192.168.200.0/24 on spine2.This does not match the expectations.

checking configuration on spine1 and spine2
conf_spine1conf_spin2

with the output information,we can learn that command
ip route-static 192.168.200.0 255.255.255.0 192.168.1.13
doesn't take effect.Preliminary judgment that there is a link between Spine2 and SW1 is faulty.

checking interface status on spine2
interface_spine2

interface g1/0/1 is in down state,it may caused by link failure between spine2 and sw1


checking information on sw1
interface1_sw1interface2_sw1

from the output information,we find something stange,interface g0/0/4 is in down state,but the route path towards to the 192.168.1.14 still exists in the routing-table,which should be baned because of the link failure.

with further inspection,or more observant,we can find that the output interface of route path which towards to 192.168.1.14 is vlan21.
Interface vlan21 should be in down state because of the link failure,but it is up,so there must be more interface that allows vlan 21 passing through and they must be in up state.

checking vlan 21 on sw1
vlan

from the output,interface g0/0/5 allows vlan 21 passing through,and it is up,this results in interface vlan21 doesn't turn to down when interface g0/0/4 turns to down state.


Static route wouldn't inspect if the next-hop is accessible,whether the static route are enabled is based on the state of the layer 3 interface that it associated with.

When switch connectes to other layer 3 devices with vlan interface,and configures static route with next-hop but assign none output interface,this may lead to corresponding route not been removed from routing-table because vlan interface is in up state.
So,when configuring static route,we'd better assign next-hop and output interface both,if the more sensitive demands are required,it's better to implement BFD or NQA monitoring the link state.

Tips: 
1.if two switches connecte to each other with vlan interface,which contains more than one physical link,with one of the physical link failure,it wouldn't results in next-hop unreachable,because the other link will share the traffic.
2.when switch configured with load-balance per packet,it will lead to phenomenon described in this case, if switch configured with load-balance per flow,it will result in some services normal and other abnoraml.

If you guys find any errors in this post,plz figure it out,and it's pleasure to see you sharing your thoughts~ [case] Load balancing by static routes on switch causes drop packets periodically-2790543-12

This article contains more resources

You need to log in to download or view. No account?Register

x
  • x
  • convention:

Torrent Created Nov 6, 2018 11:24:27 Helpful(1) Helpful(1)

when configuring static route,we'd better assign next-hop and output interface both
this is very important , we usually do like this.
thanks for sharing
  • x
  • convention:

chenhui Admin Created Nov 9, 2018 09:15:31 Helpful(1) Helpful(1)

Posted by Torrent at 2018-11-06 11:24 when configuring static route,we'd better assign next-hop and output interface boththis is very impo ...
hope this little tip can help more people.[case] Load balancing by static routes on switch causes drop packets periodically-2797495-1
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

Login and enjoy all the member benefits

Login
Fast reply Scroll to top