I was under the impression that our virtual IP implementation was designed to allow two switches to share a common IP address so if one went down, the backup would take over and the change would be transparent to any network entity that they were communicating with, such as MU, AAP or a router. But when configuring IP address of a VLAN, the secondary IP-address box does not allow a secondary IP address in the same subnet range. For example, the following scheme is NOT allowed: switch1: primary addr= 10.10.10.1 secondary addr= 10.10.10.10 switch2: primary addr= 10.10.10.2 secondary addr= 10.10.10.10 If the secondary IP address can not be in the same subnet, then I can not figure out a use-case for this. Perhaps I am looking in the wrong place to set the virtual-IP settings. Has anyone played with this yet?
need clarification of Virtual IP in WiNG 4.1// Expert user has replied. |
3 Replies
You're looking in a wrong place. This VLAN Secondary IP Box is mere an IP alian for an interface. That's why it should be from other subnet. What you need is called "Cluster Virtual IP" I believe and can be configured from CLI only in v4.1 - just search the 4.1 CLI Guide for "Virtual-IP"
Hi Afshin, though to share some more points regarding Virtual IP
Brief Description about Virtual IP ======================== Virtual IP (VIP) Feature is designed similar to VRRP protocol. So this feature needs to have a cluster topology to work. [With out redundancy configuration on Wireless switch (RFS7K/RFS6K), Virtual ip feature can be enabled, but it will not work correctly, it will be INILIZITATION state]. Ideally this feature will work “Active – Active” / “Active – Standby” / “N+1” Cluster/redundancy topology. By having VIP feature, no need to change the default gateway of MUs when Primary Wireless Switches goes down and the Standby Switch takes over (Acting as Primary). Virtual ip feature can be enabled only via CLI and not via GUI or SNMP. VIP uses 51525 port numbers for communication between VIP peers.
Point to Remember
===============
Virtual IP feature uses redundancy interface to send VIP peer packets (uses port number 51525)
Master Virtual IP switch will be selected based on the configured mode as Automatic / Manual. (In case of automatic selection, lowest ip address of redundancy interface will be the Master VIP switch. In case of manual priority, user can configure values between .
Common Topology for VIP
====================
Please refer the attachment virtual_ip_topology_diagram.ppt “John Eveleth” has sent in previous mail
From the topology diagram, consider Vlan 11 is external Vlan (wired side) goes to the core routers and Vlan 12, 13 and 14 are wireless side. Consider we are running redundancy on Vlan 11 and need Virtual IPs on Vlan 11, Vlan 12, Vlan 13 and Vlan 14.
Need to configure redundancy interface ip address , member ip address and enable ( all on Vlan 11 ip address)
Configure Virtual ip address for Vlan 11, 12, 13, and 14.
Configure a single Virtual MAC for VIP
Enable VIP feature
Configuration parameters
=====================
Switch (config)# Virtual-ip vlan è ( here the vlan means, in that vlan you are going to use the virtual ip)
Switch (Config)# Virtual-ip advt-timeout è (This is advertisement time of VIP packets, default value is 2)
Switch (Config)# Virtual-ip garp-timeout è (This is Gratuitous ARP intervals timeout, default value is 180 seconds)
Switch (Config)# Virtual-ip learing-timeout è ( This is learning timeout for VIP, default value is 5 seconds)
Switch (config)# Virtual-ip priority < automatic or manual, in case of manual values are between 1 to 256)
Switch (Config)# Virtual- ip VMAC < use the reserved vmac for VIP feature , vmac range is 00-15-70-88-8a-90 to 00-15-70-88-8b-8f)
There are two show commands for VIP
Switch (config)# show virtual-ip config è shows the virtual ip configurations
Switch (Config)# show virtual-ip status è show the VIP peer status and VIP master details
You will be able to add a secondary ip address from the same subnet as primary in 4.1.0.0-042R via CLI.
If you have further quires please mail me Azif@motorola.com
Thanks
Azif
Hi Afshin, I believe it's to be used in cluster environments when MU's have the switch as their gateway. When the switch is acting as the gateway in a cluster environment, you can use VIP so that the gateway stays up in even when the switch currently acting as the gateway goes down. There's other uses for it too (see attached) but I think that is the most common usage scenario.