Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX/QFX] LACP times out 10 minutes after master Routing Engine is halted or shut down in VC and VCF with NSB configured

0

0

Article ID: KB29511 KB Last Updated: 04 Mar 2017Version: 2.0
Summary:

This article explains the behavior of the Link Aggregation Control Protocol (LACP) flap 10 minutes after the master Routing Engine is halted or shut down in a Virtual Chassis (VC) and Virtual Chassis Fabric (VCF) environment.

Symptoms:

In a Virtual Chassis (VC) and Virtual Chassis Fabric (VCF) environment, when the master Routing Engine goes down, the backup Routing Engine takes over the role of master. The nonstop bridging (NSB) feature is available to ensure that the LACP daemon runs on both the master and backup Routing Engine. NSB ensures that the LACP adjacency is maintained with the neighbor device and that LACP PDUs are seamlessly received and transmitted even when a master Routing Engine switchover takes place. 

However, in a VC and VCF environment on an EX/QFX device, we consistently notice that if the master Routing Engine is permanently shut down, removed, or halted, then the LACP flap is seen exactly 10 minutes after the successful completion of the mastership switchover. 

Cause:
  • The Virtual Chassis (VC) MAC address (also referred to as the system MAC base address) is determined by the MAC address of the VC master device.
  • LACP advertises this system MAC base address of the master chassis as its "system-identifier" when it forms an adjacency with a neighbor device. 
  • The LACP system-identifier field uniquely identifies the virtual switch. 
  • When a VC master is removed from the VC and a new VC master takes over, the default behavior for the system MAC base address of the new VC master is to become active after 10 minutes.
  • This 10 minutes is the default value for the MAC persistence timer. If the previous VC master does not rejoin the VC during this period, the VC takes the system MAC base address of the new VC master as the VC MAC address.
  • The MAC persistence timer specifies how long the Virtual Chassis or VCF continues to use the MAC address of the switch that was originally configured in the master role as the system MAC base address after the original master switch is removed from the VC or VCF. 
  • Due to the system MAC base address change, after the expiration default of 10 minutes for the persistence timer, LACP restarts on the VC and all the aggregated Ethernet interfaces flap.
  • Once LACP restarts, it advertises the present master Routing Engine system MAC base address as its system-identifier.
Notes: 
  • This behavior will only be seen in situations where the original master Routing Engine does not join the Virtual Chassis within the timeframe specified by the MAC persistence timer. The default MAC persistence timer is 10 minutes. 
  • 10 minutes after a normal Routing Engine switchover (gracefully done through the CLI or ungracefully during a reboot of the original master Routing Engine) the LACP protocol flap will not be noticed. 
Solution:

Available workarounds to avoid the LACP flap 10 minutes after old master Routing Engine shutdown: 

  • Configure and tweak the MAC persistence timer settings as per network requirements. 
  • Statically define the LACP system-identifier on the LACP LAG bundle. 
  • Disable the MAC persistence timer. 

Configure the MAC persistence timer for the backup Routing Engine to start using Its own base MAC address as the system MAC address for the entire VC/VCF (CLI):

When a backup member takes control of a VC configuration, due to reset or some other temporary failure, the backup uses the MAC address of the old master. This helps to ensure a smooth transition of mastership with no disruption to network connectivity. The MAC persistence timer is used in situations where the master is no longer a member of the Virtual Chassis configuration, as it has been physically disconnected or removed.

The default timer value is 10 minutes. There are no minimum or maximum limits; this timer can be modified as per the network requirement. The maximum timer limit is 60 minutes starting with Junos OS Release 12.2.

Before configuring the timer, ensure that at least two member switches are present in the Virtual Chassis configuration.

To configure or modify the MAC persistence timer, use the following command:

[edit virtual-chassis]
user@switch# set mac-persistence-timer  < value> 

Configure a static system-identifier for a particular LACP LAG bundle:  

set interfaces ae1 aggregated-ether-options lacp system-priority <value>
set interfaces ae1 aggregated-ether-options lacp system-id < value>
commit

Disable the MAC persistence timer (CLI):

user@switch# set mac-persistence-timer  disable    
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search