Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Antonio
Explorer

VSX routes on vs R80.20 static routes in manager but not in the gateways

Hi people.

 

I have 2 VS in a VSX CLuster.

 

The firstone (VS) works ok, and when I run the #vsx_util view_vs_conf I can see the statics routes was i configured, on the report, and applied in the gateways, the report represent the status vith a "V" in every vsx gateway box.

 

+----------------------------------------------------------+-----+-------------+
|Ipv4 Routes |Mgmt |VSX GW(s) |
+--------------------------+--------------------+----------+-----+------+------+
|Destination / Mask Length |Gateway |Interface | |nvsxgw|nvsxgw|
+--------------------------+--------------------+----------+-----+------+------+
|10.0.110.0/29 | |eth3 | V | V | V |
|10.0.160.0/29 | |eth5 | V | V | V |
|192.168.2.0/26 | |wrp128 | V | V | V |
|10.100.48.27/32 |10.0.110.1 | | V | V | V |
|0.0.0.0/0 |192.168.2.1 | | V | V | V |
+--------------------------+--------------------+----------+-----+------+------+

 

BUt in the secondone, when I run the same report from the Manager, the boxes say me with a "-" the static routes are not present in the gateways.


Routing table:

+----------------------------------------------------------+-----+-------------+
|Ipv4 Routes |Mgmt |VSX GW(s) |
+--------------------------+--------------------+----------+-----+------+------+
|Destination / Mask Length |Gateway |Interface | |nvsxgw|nvsxgw|
+--------------------------+--------------------+----------+-----+------+------+
|10.0.16.64/26 | |eth4 | V | V | V |
|192.168.2.0/26 | |wrp192 | V | V | V |
|10.100.48.27/32 |10.0.16.65 | | V | - | - |
|0.0.0.0/0 |192.168.2.1 | | V | V | V |
+--------------------------+--------------------+----------+-----+------+------+

Routing Table Legend:

V - Route exists on the gateway and matches management information (if defined on the management).
- - Route does not exist on the gateway.

 

The bahavior is that i have comunication with the first VS, but not to the second, the lastone canot be release it have a configured route with the SmartConsole, on the topology pane. And canot deliver responses to the packets from the internal network.

 

Trying to TS, I was delete the VS, and create again, shutdown the gateways, delete and restore the static routes needed, without expected results.

 

someone have any idea what can i do?

 

thanks a lot for your help.

 

0 Kudos
7 Replies
PhoneBoy
Admin
Admin

Recommend opening a TAC case so we can investigate as it sounds like configuration is not being pushed properly.
0 Kudos
Maarten_Sjouw
Champion
Champion

If that network is on a vlan, I would double check that the VLAN is really available on that second unit, it sounds like the network is not properly connected.
Regards, Maarten
0 Kudos
Vladimir
Champion
Champion

Static routes are present but not active until interface behind which the next hop is defined connected.

0 Kudos
Antonio
Explorer

Hi, I have visibility on the switch where the IP appliance is connected, the 10G interface is up and running. Let me know if you refer to a status on the checkpoint appliance 5800, when I do the Show interfaces all, Ifconfig, or fw getifs, the interfaces looks up and running. 

0 Kudos
Maarten_Sjouw
Champion
Champion

Do you have VLAN's on that 10Gb interface?
I'm not really talking about the physical interface, the logical interface is more important in this case, I'm sure you checked that the physical interfcae is up and running, how about the VLAN, is it allowed on the switches' trunk interfaces, is the VLAN created on the switch, is the VLAN available in any uplink etc etc.
Regards, Maarten
Antonio
Explorer

HI all, 

 

On first time after your responses, I try updating the Manager to R80.20M2 but the behavior remains.

Viewing the configuration on GAIA, (firt seting vsx off to gain acces to the web access), I say two interfaces vlans, that I don't need on my architecture, and forget to delete in the past. When I delete de two vlans, the routes appears replicated on the gateways, seeing the report with the vsx_util, and finally we can reach the internal interface of the virtual system.

 

Thanks to all for your suggestions. 

0 Kudos
Antonio
Explorer

really, the 10GB interfaces are configured to physically dedicated attend the traffic, without vlan tag, the switchport is in access mode.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events