ipso clustering 390 performance degraded

[kwm30]

Seeing Ierrors and in_checksum errors on most interfaces on a IP390, 2 node cluster running IPSO 4.2B051-HFA02, NGX65HFA_02, IPSO clustering,
unicast, static.
The primary,2nd and fw1 sync i/f's are all on their own network.
The other data carrying cluster i/f's all show the above errors except one i/f which connects to a managed cisco 3750 switch for both modules.
The other data carrying i/f's connect too unmanaged D-Link, switchs, all 100FDX.
The 3 sync i/f's connect to Linksys unmanaged switchs, all 100FDX.
All i/f's in voyager configured for 100FDX, auto-avertise off.
All cabling has been replaced with cat 5e with no effect (original was 5e also)

Below are outputs for netstat -ni on both modules.

Note: Cluster A, s1p1, eth3 no errors, Cluster B s1p1, eth2, eth3 no errors

Cluster A
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
eth-s1p1 1518 <Link> 0:a0:8e:b1:67:60 171547807 0 108963222 0 0 - Data - cisco 3750
eth-s1p2 1518 <Link> 0:a0:8e:b1:67:61 151845179 393227 74751042 0 0 - Data - D-Link DES-1016R
eth-s1p3 1518 <Link> 0:a0:8e:b1:67:62 603 0 576 0 0 - Data, not used
eth-s1p4 1518 <Link> 0:a0:8e:b1:67:63 188931588 2323606 84229291 0 0 - Data - D-Link DES-1016R
eth-s2p1 1518 <Link> 0:a0:8e:b1:67:64 180993958 548445 82997302 0 0 - Data - D-Link DES-1016R
et
eth1 16018 <Link> 0:a0:8e:b1:67:68 17386013 10340 17461582 0 0 - Pri Cluster Sync - Linksys SR224
eth2 16018 <Link> 0:a0:8e:b1:67:69 68354196 9523 69531332 0 0 - FW1 Sync - Linksys SR224
eth3 16018 <Link> 0:a0:8e:b1:67:6a 14218123 0 14228535 0 0 - 2nd Cluster Sync - Linksys SR224


Cluster B
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
eth-s1p1 1518 <Link> 0:a0:8e:b2:89:58 142942897 0 95795135 0 0 - Data - cisco 3750
eth-s1p2 1518 <Link> 0:a0:8e:b2:89:59 125274618 458340 61426744 0 0 - Data - D-Link DES-1016R
eth-s1p3 1518 <Link> 0:a0:8e:b2:89:5a 427 0 472 0 0 - Data, not used
eth-s1p4 1518 <Link> 0:a0:8e:b2:89:5b 163224518 2446556 63038619 0 0 - Data - D-Link DES-1016R
eth-s2p1 1518 <Link> 0:a0:8e:b2:89:5c 149740308 554986 54566878 0 0 - Data - D-Link DES-1016R

eth1 16018 <Link> 0:a0:8e:b2:89:60 14160314 9165 14224232 0 0 - PriCluster Sync - Linksys SR224
eth2 16018 <Link> 0:a0:8e:b2:89:61 57601088 0 56365243 0 0 - FW1 Sync - Linksys SR224
eth3 16018 <Link> 0:a0:8e:b2:89:62 11792484 0 11798639 0 0 - 2nd Cluster Sync - Linksys SR224



Issuing command ipsctl -a |grep errors results in only the follwing displaying errors on all i/f's with Ierrs above.
errors:in
errors:rx_relc
errors:in_checksum

I suspect it has somthing to do with the umanaged D-Link and Linksys switchs.
Any assistace would be appreated as i suspect this is the cause of slow performance all round...Read my other post "R65, IPSO Cluster, slow web browsing " for topology details...

Regards
kellym

[kwm30]

Replaced D-Link unmanaged switch on one of the DMZ interfaces with a cisco 2924XL managed switch and the Ierrs and In_checksum errors are no longer incrementing...suspect the unmanaged switches have issues with the way the cluster mode(currently unicast) is configured with their ability (or lack of) to receive arp replies for the clustered mac addresses.
I could change the clustering mode to forwarding which might resolve my issues...suggestions???

Regards
kellym

[kwm30]

Sorted by replacing the D-Link switches with cisco. Now all data networks, 2nd and fw1-sync are running clean, primary still running with errors on both modules (primary, 2nd, fw1 sync are all linksys switchs)

Tac support confirms that there are issues with some switches, that's all the detail he gave.
He also stated that the only way to reset the counters from the output of "netstat -ni" was to bounce the cluster, anyone know of a least drastic method??

Regards
Kellym

[abusharif]

d-link, gotta love their products :-)

[dinesh_ymca]

If you are running nokia clusters on active/active mode it should not be a problem to bounce the cluster. Remember to do it in low traffic time.
Best Regards
Dinesh
The world of technology
(good technical articles)