Monday, March 28, 2011

UDP Forwarding Support for IP Redundancy Virtual Router Group

User Datagram Protocol (UDP) forwarding is a Cisco IOS feature used to forward broadcast and multicast packets received for a specific IP address. Virtual Router Group (VRG) support is currently implemented with the Hot Standby Routing Protocol (HSRP), which groups multiple routers as a logical router.

The UDP Forwarding Support for IP Redundancy Virtual Router Group feature enables the forwarding of UDP-based broadcast and multicast packets to be VRG aware – forwarding is only done by the active router in the VRG, instead of all routers within the VRG, which can cause some DHCP servers to operate incorrectly.

VRG awareness is achieved with IP Redundancy Service (IRS), which provides addition, deletion, state change notifications / updates, and state querying of a VRG. State change notification is used to avoid the performance impact of the periodic state querying of the VRG. The UDP forwarding process caches the VRG state for each defined helper address. When the UDP forwarding process executes, it checks the current state of the VRG associated with the helper address, followed by the forwarding action performed by the active router in the VRG.


Below shows the HSRP states on RT1 and RT2:
RT1#sh standby
FastEthernet1/0 - Group 1
  State is Active
    6 state changes, last state change 00:24:45
  Virtual IP address is 10.1.1.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (default)
  Hello time 3 sec, hold time 10 sec
Next hello sent in 0.164 secs
  Preemption enabled
  Active router is local
  Standby router is 10.1.1.3, priority 100 (expires in 8.508 sec)
  Priority 110 (configured 110)
  IP redundancy name is "hsrp-Fa1/0-1" (default)
RT1#
======================================================================
RT2#sh standby
FastEthernet1/0 - Group 1
  State is Standby
    7 state changes, last state change 00:24:56
  Virtual IP address is 10.1.1.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.280 secs
  Preemption disabled
  Active router is 10.1.1.2, priority 110 (expires in 6.836 sec)
  Standby router is local
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Fa1/0-1" (default)
RT2#

The output of the debug ip packet command on RT1 and RT2 shows that the DHCP (UDP) forwarding is performed by all routers within the VRG before this feature is enabled:
RT1#debug ip packet 101
IP packet debugging is on for access list 101
RT1#
00:25:16: IP: s=0.0.0.0 (FastEthernet1/0), d=255.255.255.255, len 604, rcvd 2
00:25:16: IP: tableid=0, s=10.1.1.2 (local), d=10.2.2.10  (FastEthernet2/0), routed via FIB
00:25:16: IP: s=10.1.1.2 (local), d=10.2.2.10 (FastEthernet2/0), len 604, sending
--------------------------------------------------
RT2#debug ip packet 101
IP packet debugging is on for access list 101
RT2#
00:25:16: IP: s=0.0.0.0 (FastEthernet1/0), d=255.255.255.255, len 604, rcvd 2
00:25:16: IP: tableid=0, s=10.1.1.3 (local), d=10.2.2.10 (FastEthernet2/0), routed via FIB
00:25:16: IP: s=10.1.1.3 (local), d=10.2.2.10 (FastEthernet2/0), len 604, sending
Remarks:
access-list 101 remark *** Filter HSRP packets in debug ip packet ***
access-list 101 deny ip any 224.0.0.0 0.0.0.255
access-list 101 permit ip any any

Below shows the UDP Forwarding Support for IP Redundancy Virtual Router Group configuration on RT1 and RT2:
RT1:
interface FastEthernet1/0
 ip address 10.1.1.2 255.255.255.0
 ip helper-address 10.2.2.2 redundancy hsrp-Fa1/0-1
 standby 1 ip 10.1.1.1
 standby 1 priority 110
 standby 1 preempt
!
--------------------------------------------------
RT2:
interface FastEthernet1/0
 ip address 10.1.1.3 255.255.255.0
 ip helper-address 10.2.2.2 redundancy hsrp-Fa1/0-1
 standby 1 ip 10.1.1.1
!

The ip helper-address {ip-addr} redundancy {vrg-name} interface subcommand enables the UDP Forwarding for IP Redundancy Virtual Router Group feature for a particular interface.
Note: This feature is available only on platforms that support VRGs.

After this feature is enabled on RT1 and RT2, the UDP forwarding is only done by RT1 at a time, the active router in the VRG.

The debug ip packet messages below shows that RT2 forwards the UDP DHCP requests to 10.2.2.10 (DHCP server) when it becomes the active router in the VRG when RT1 fails.
RT2#sh standby
FastEthernet1/0 - Group 1
  State is Active
    8 state changes, last state change 00:01:39
  Virtual IP address is 10.1.1.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.336 secs
  Preemption disabled
  Active router is local
  Standby router is unknown
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Fa1/0-1" (default)
RT2#
00:32:46: IP: s=0.0.0.0 (FastEthernet1/0), d=255.255.255.255, len 604, rcvd 2
00:32:46: IP: tableid=0, s=10.1.1.3 (local), d=10.2.2.10 (FastEthernet2/0), routed via FIB
00:32:46: IP: s=10.1.1.3 (local), d=10.2.2.10 (FastEthernet2/0), len 604, sending
RT2#

No comments:

Post a Comment