CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3.
2. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 Platforms > Nokia And IPSO
VRRP Rx Bad Addr List increase!!!! VRRP Rx Bad Addr List increase!!!!
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2008-08-15
Member
  
Join Date: 2008-04-12
Posts: 53
Rep Power: 1
doccocaubai has an average reputation (10+)
Default VRRP Rx Bad Addr List increase!!!!
Hi, all
Please help me fix this problem. I configured the VRRP with Monitored-Circuit VRRP simplified method. I have 7 interface, but only 1 interface meet this problem. The number of Rx Bad Addr List always increase.
Here is the information when I show vrrp stats:

Interface External
Rx IP Truncated: 0 Rx Checksum Error: 0
Rx Unknown Version: 0 Rx Unknown VRID: 0
Tx IP Truncated: 0
VRID 1
Rx Bad TTL: 0 Rx VRRP Truncated: 0
Rx Auth Mismatch: 0 Rx Auth Failure: 0
Rx Unknown Auth: 0 Rx Unknown Type: 0
Rx Bad Advert Intvl: 88019 Rx Bad Addr List: 4994
Rx Loopback: 0 Rx Bad Master: 1
Rx Advertisement: 10 Tx Advertisement 20174

Please help me to fix it.
Thanks
Reply With Quote
  #2 (permalink)  
Old 2008-08-16
Senior Member
  
Join Date: 2006-07-28
Location: New Zealand
Posts: 857
Rep Power: 3
northlandboy has an average reputation (10+)
Default Re: VRRP Rx Bad Addr List increase!!!!
Check that the config that you have for the problematic interface is correct. Check it again. Maybe post your VRRP configs for those interfaces here.

Run tcpdump, look at the traffic on the wire, look for the VRRP traffic, and check it looks right. View it in Wireshark if necessary.

Do you have any other VRRP devices (other than this cluster) on the VLAN that is causing problems?
Reply With Quote
  #3 (permalink)  
Old 2008-08-17
Member
  
Join Date: 2008-04-12
Posts: 53
Rep Power: 1
doccocaubai has an average reputation (10+)
Default Re: VRRP Rx Bad Addr List increase!!!!
Quote:
Originally Posted by northlandboy View Post
Check that the config that you have for the problematic interface is correct. Check it again. Maybe post your VRRP configs for those interfaces here.

Run tcpdump, look at the traffic on the wire, look for the VRRP traffic, and check it looks right. View it in Wireshark if necessary.

Do you have any other VRRP devices (other than this cluster) on the VLAN that is causing problems?
This is my VRRP config on device 1:
NokiaIP390:22> show vrrp interfaces

VRRP Interfaces
Interface ADSL
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Master Time since transition: 268831
BasePriority: 254 Effective Priority: 254
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:59:5b:01
Primary address: 10.1.18.251
Next advertisement:
Number of Addresses: 1
10.1.18.253
Monitored circuits
DMZ3 (priority 10)
HoSE (priority 10)
Internal (priority 10)

Interface DMZ3
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Master Time since transition: 268832
BasePriority: 254 Effective Priority: 254
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:1f:5b:01
Primary address: 10.1.17.252
Next advertisement:
Number of Addresses: 1
10.1.17.254
Monitored circuits
ADSL (priority 10)
HoSE (priority 10)
Internal (priority 10)

Interface External
Number of virtual routers: 1
Flags:
Authentication: NoAuthentication
VRID 22
State: Master Time since transition: 183594
BasePriority: 254 Effective Priority: 254
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:ee:a8:16
Primary address: 125.234.253.3
Next advertisement:
Number of Addresses: 1
125.234.253.5

Interface HoSE
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Master Time since transition: 268835
BasePriority: 254 Effective Priority: 254
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:25:38:01
Primary address: 172.17.190.121
Next advertisement:
Number of Addresses: 1
172.17.190.123
Monitored circuits
ADSL (priority 10)
DMZ3 (priority 10)
Internal (priority 10)

Interface Internal
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Master Time since transition: 268835
BasePriority: 254 Effective Priority: 254
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:a0:81:01
Primary address: 10.1.16.252
Next advertisement:
Number of Addresses: 1
10.1.16.254
Monitored circuits
ADSL (priority 10)
DMZ3 (priority 10)
HoSE (priority 10)

This is the vrrp config on my device 2:
NokiaIP390:7> show vrrp interfaces

VRRP Interfaces
Interface ADSL
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Backup Time since transition: 189077
Master: 10.1.18.251
BasePriority: 245 Effective Priority: 245
Master transitions: 2 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:59:5b:01
Primary address: 10.1.18.252
Master expire: 2
Number of Addresses: 1
10.1.18.253
Monitored circuits
DMZ3 (priority 10)
HoSE (priority 10)
Internal (priority 10)

Interface DMZ3
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Backup Time since transition: 189077
Master: 10.1.17.252
BasePriority: 245 Effective Priority: 245
Master transitions: 2 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:1f:5b:01
Primary address: 10.1.17.253
Master expire: 2
Number of Addresses: 1
10.1.17.254
Monitored circuits
ADSL (priority 10)
HoSE (priority 10)
Internal (priority 10)

Interface External
Number of virtual routers: 1
Flags:
Authentication: NoAuthentication
VRID 22
State: Backup Time since transition: 183585
Master: 125.234.253.3
BasePriority: 245 Effective Priority: 245
Master transitions: 0 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:ee:a8:16
Primary address: 125.234.253.4
Master expire: 3
Number of Addresses: 1
125.234.253.5

Interface HoSE
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Backup Time since transition: 189078
Master: 172.17.190.121
BasePriority: 245 Effective Priority: 245
Master transitions: 2 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:25:38:01
Primary address: 172.17.190.122
Master expire: 2
Number of Addresses: 1
172.17.190.123
Monitored circuits
ADSL (priority 10)
DMZ3 (priority 10)
Internal (priority 10)

Interface Internal
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 1
State: Backup Time since transition: 189078
Master: 10.1.16.252
BasePriority: 245 Effective Priority: 245
Master transitions: 2 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: Extended VMAC: 02:00:5e:a0:81:01
Primary address: 10.1.16.253
Master expire: 2
Number of Addresses: 1
10.1.16.254
Monitored circuits
ADSL (priority 10)
DMZ3 (priority 10)
HoSE (priority 10)

And this is the tcpdump show on interface External of device 1:
IP390-1[admin]# tcpdump -i eth1c0
tcpdump: listening on eth1c0
07:41:19.573681 O 125.234.253.3.22 > 117.6.189.125.8973: P 2271025612:2271025680(68) ack 1204887526 win 17680 [tos 0x10]
07:41:19.581848 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 68 win 16936 (DF)
07:41:19.666545 I 125.234.253.4 > 224.0.0.5: OSPFv2-ls_ack 44:
RID 10.1.2.1 area 0.0.0.10 [tos 0xc0] [ttl 1]
07:41:19.816464 I 125.234.253.4 > 224.0.0.5: OSPFv2-hello 48:
RID 10.1.2.1 area 0.0.0.10 [|ospf] [tos 0xc0] [ttl 1]
07:41:19.844550 O 125.234.253.5.18551 > 208.67.222.222.53: 33636+ (44)
07:41:20.070173 I 203.162.13.2 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 30 [tos 0xc0]
07:41:20.200034 O 125.234.253.3 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 254 [tos 0xc0]
07:41:20.343380 0:21:56:23:ff:94 0:21:56:23:ff:94 9000 60:
0000 0100 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000
07:41:20.366742 I 125.234.253.1 > 224.0.0.5: OSPFv2-ls_ack 44:
RID 125.234.253.1 area 0.0.0.10 [tos 0xc0] [ttl 1]
07:41:20.460683 I 0:21:56:23:ff:94 > 1:80:c2:0:0:0 sap 42 ui/C len=43
0000 0000 0080 0200 2156 13f0 0000 0000
0380 0200 2156 23ff 8080 1401 0014 0002
000f 0000 0000 0000 0000 00
07:41:20.570305 O 125.234.253.3.22 > 117.6.189.125.8973: P 68:232(164) ack 1 win 17680 [tos 0x10]
07:41:20.570389 O 125.234.253.3.22 > 117.6.189.125.8973: P 232:364(132) ack 1 win 17680 [tos 0x10]
07:41:20.570450 O 125.234.253.3.22 > 117.6.189.125.8973: P 364:480(116) ack 1 win 17680 [tos 0x10]
07:41:20.570514 O 125.234.253.3.22 > 117.6.189.125.8973: P 480:580(100) ack 1 win 17680 [tos 0x10]
07:41:20.570564 O 125.234.253.3.22 > 117.6.189.125.8973: P 580:696(116) ack 1 win 17680 [tos 0x10]
07:41:20.570622 O 125.234.253.3.22 > 117.6.189.125.8973: P 696:796(100) ack 1 win 17680 [tos 0x10]
07:41:20.570697 O 125.234.253.3.22 > 117.6.189.125.8973: P 796:912(116) ack 1 win 17680 [tos 0x10]
07:41:20.570767 O 125.234.253.3.22 > 117.6.189.125.8973: P 912:1044(132) ack 1 win 17680 [tos 0x10]
07:41:20.570819 O 125.234.253.3.22 > 117.6.189.125.8973: P 1044:1176(132) ack 1 win 17680 [tos 0x10]
07:41:20.570891 O 125.234.253.3.22 > 117.6.189.125.8973: P 1176:1276(100) ack 1 win 17680 [tos 0x10]
07:41:20.570941 O 125.234.253.3.22 > 117.6.189.125.8973: P 1276:1392(116) ack 1 win 17680 [tos 0x10]
07:41:20.570998 O 125.234.253.3.22 > 117.6.189.125.8973: P 1392:1508(116) ack 1 win 17680 [tos 0x10]
07:41:20.571044 O 125.234.253.3.22 > 117.6.189.125.8973: P 1508:1608(100) ack 1 win 17680 [tos 0x10]
07:41:20.571094 O 125.234.253.3.22 > 117.6.189.125.8973: P 1608:1724(116) ack 1 win 17680 [tos 0x10]
07:41:20.571149 O 125.234.253.3.22 > 117.6.189.125.8973: P 1724:1824(100) ack 1 win 17680 [tos 0x10]
07:41:20.571219 O 125.234.253.3.22 > 117.6.189.125.8973: P 1824:1940(116) ack 1 win 17680 [tos 0x10]
07:41:20.571279 O 125.234.253.3.22 > 117.6.189.125.8973: P 1940:2056(116) ack 1 win 17680 [tos 0x10]
07:41:20.571345 O 125.234.253.3.22 > 117.6.189.125.8973: P 2056:2172(116) ack 1 win 17680 [tos 0x10]
07:41:20.571402 O 125.234.253.3.22 > 117.6.189.125.8973: P 2172:2272(100) ack 1 win 17680 [tos 0x10]
07:41:20.587358 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 364 win 16640 (DF)
07:41:20.588981 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 580 win 16424 (DF)
07:41:20.590729 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 796 win 17680 (DF)
07:41:20.592479 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 1044 win 17432 (DF)
07:41:20.594228 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 1276 win 17200 (DF)
07:41:20.595852 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 1508 win 16968 (DF)
07:41:20.597601 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 1724 win 16752 (DF)
07:41:20.599351 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 1940 win 16536 (DF)
07:41:20.600848 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 2172 win 17680 (DF)
07:41:20.615090 I 208.67.222.222.53 > 125.234.253.5.18551: 33636 1/0/0 (60) (DF)
07:41:20.624553 O 125.234.253.5.13910 > 67.159.42.23.80: F 3644490614:3644490614(0) ack 2122393485 win 256 (DF)
07:41:20.625657 O 125.234.253.5.13911 > 208.53.158.75.80: S 417839150:417839150(0) win 8192 <mss 1380,nop,wscale 8,nop,nop,nop,nop> (DF)
07:41:20.634080 I 203.162.13.2 > 224.0.0.5: OSPFv2-hello 56:
[len 44] [tos 0xc0] [ttl 1]
07:41:20.777992 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 2272 win 17580 (DF)
07:41:20.926027 I 203.162.13.2 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 30 [tos 0xc0]
07:41:20.978620 I 208.53.158.75.80 > 125.234.253.5.13911: S 43568668:43568668(0) ack 417839151 win 1460 <mss 1460,nop,wscale 0> (DF)
07:41:20.978959 O 125.234.253.5.13911 > 208.53.158.75.80: . ack 1 win 258 (DF)
07:41:20.979744 I 67.159.42.23.80 > 125.234.253.5.13910: . ack 1 win 8280 (DF)
07:41:20.979833 O 125.234.253.5.13911 > 208.53.158.75.80: P 1:191(190) ack 1 win 258 (DF)
07:41:20.981241 I 67.159.42.23.80 > 125.234.253.5.13910: F 1:1(0) ack 1 win 8280 (DF)
07:41:20.981468 O 125.234.253.5.13910 > 67.159.42.23.80: . ack 2 win 256 (DF)
07:41:21.190064 O 125.234.253.3 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 254 [tos 0xc0]
07:41:21.309044 I 208.53.158.75.80 > 125.234.253.5.13911: P 1:456(455) ack 191 win 8280 (DF)
07:41:21.318127 O 125.234.253.5.13911 > 208.53.158.75.80: P 191:381(190) ack 456 win 256 (DF)
07:41:21.570161 O 125.234.253.3.22 > 117.6.189.125.8973: P 2272:2420(148) ack 1 win 17680 [tos 0x10]
07:41:21.570220 O 125.234.253.3.22 > 117.6.189.125.8973: P 2420:2568(148) ack 1 win 17680 [tos 0x10]
07:41:21.570284 O 125.234.253.3.22 > 117.6.189.125.8973: P 2568:2716(148) ack 1 win 17680 [tos 0x10]
07:41:21.570353 O 125.234.253.3.22 > 117.6.189.125.8973: P 2716:2864(148) ack 1 win 17680 [tos 0x10]
07:41:21.570416 O 125.234.253.3.22 > 117.6.189.125.8973: P 2864:3012(148) ack 1 win 17680 [tos 0x10]
07:41:21.570470 O 125.234.253.3.22 > 117.6.189.125.8973: P 3012:3160(148) ack 1 win 17680 [tos 0x10]
07:41:21.570533 O 125.234.253.3.22 > 117.6.189.125.8973: P 3160:3308(148) ack 1 win 17680 [tos 0x10]
07:41:21.570586 O 125.234.253.3.22 > 117.6.189.125.8973: P 3308:3456(148) ack 1 win 17680 [tos 0x10]
07:41:21.570650 O 125.234.253.3.22 > 117.6.189.125.8973: P 3456:3604(148) ack 1 win 17680 [tos 0x10]
07:41:21.570704 O 125.234.253.3.22 > 117.6.189.125.8973: P 3604:3752(148) ack 1 win 17680 [tos 0x10]
07:41:21.570767 O 125.234.253.3.22 > 117.6.189.125.8973: P 3752:3900(148) ack 1 win 17680 [tos 0x10]
07:41:21.570821 O 125.234.253.3.22 > 117.6.189.125.8973: P 3900:4048(148) ack 1 win 17680 [tos 0x10]
07:41:21.570874 O 125.234.253.3.22 > 117.6.189.125.8973: P 4048:4196(148) ack 1 win 17680 [tos 0x10]
07:41:21.570938 O 125.234.253.3.22 > 117.6.189.125.8973: P 4196:4344(148) ack 1 win 17680 [tos 0x10]
07:41:21.570992 O 125.234.253.3.22 > 117.6.189.125.8973: P 4344:4492(148) ack 1 win 17680 [tos 0x10]
07:41:21.571093 O 125.234.253.3.22 > 117.6.189.125.8973: P 4492:4640(148) ack 1 win 17680 [tos 0x10]
07:41:21.571156 O 125.234.253.3.22 > 117.6.189.125.8973: P 4640:4788(148) ack 1 win 17680 [tos 0x10]
07:41:21.571209 O 125.234.253.3.22 > 117.6.189.125.8973: P 4788:4936(148) ack 1 win 17680 [tos 0x10]
07:41:21.571287 O 125.234.253.3.22 > 117.6.189.125.8973: P 4936:5084(148) ack 1 win 17680 [tos 0x10]
07:41:21.571337 O 125.234.253.3.22 > 117.6.189.125.8973: P 5084:5216(132) ack 1 win 17680 [tos 0x10]
07:41:21.571397 O 125.234.253.3.22 > 117.6.189.125.8973: P 5216:5348(132) ack 1 win 17680 [tos 0x10]
07:41:21.571447 O 125.234.253.3.22 > 117.6.189.125.8973: P 5348:5480(132) ack 1 win 17680 [tos 0x10]
07:41:21.571497 O 125.234.253.3.22 > 117.6.189.125.8973: P 5480:5612(132) ack 1 win 17680 [tos 0x10]
07:41:21.571557 O 125.234.253.3.22 > 117.6.189.125.8973: P 5612:5744(132) ack 1 win 17680 [tos 0x10]
07:41:21.571606 O 125.234.253.3.22 > 117.6.189.125.8973: P 5744:5876(132) ack 1 win 17680 [tos 0x10]
07:41:21.571666 O 125.234.253.3.22 > 117.6.189.125.8973: P 5876:6008(132) ack 1 win 17680 [tos 0x10]
07:41:21.571716 O 125.234.253.3.22 > 117.6.189.125.8973: P 6008:6140(132) ack 1 win 17680 [tos 0x10]
07:41:21.571775 O 125.234.253.3.22 > 117.6.189.125.8973: P 6140:6272(132) ack 1 win 17680 [tos 0x10]
07:41:21.571831 O 125.234.253.3.22 > 117.6.189.125.8973: P 6272:6404(132) ack 1 win 17680 [tos 0x10]
07:41:21.571933 O 125.234.253.3.22 > 117.6.189.125.8973: P 6404:6568(164) ack 1 win 17680 [tos 0x10]
07:41:21.571994 O 125.234.253.3.22 > 117.6.189.125.8973: P 6568:6748(180) ack 1 win 17680 [tos 0x10]
07:41:21.572054 O 125.234.253.3.22 > 117.6.189.125.8973: P 6748:6848(100) ack 1 win 17680 [tos 0x10]
07:41:21.572096 O 125.234.253.3.22 > 117.6.189.125.8973: P 6848:6916(68) ack 1 win 17680 [tos 0x10]
07:41:21.572147 O 125.234.253.3.22 > 117.6.189.125.8973: P 6916:7048(132) ack 1 win 17680 [tos 0x10]
07:41:21.572199 O 125.234.253.3.22 > 117.6.189.125.8973: P 7048:7180(132) ack 1 win 17680 [tos 0x10]
07:41:21.572281 O 125.234.253.3.22 > 117.6.189.125.8973: P 7180:7360(180) ack 1 win 17680 [tos 0x10]
07:41:21.572333 O 125.234.253.3.22 > 117.6.189.125.8973: P 7360:7492(132) ack 1 win 17680 [tos 0x10]
07:41:21.572393 O 125.234.253.3.22 > 117.6.189.125.8973: P 7492:7624(132) ack 1 win 17680 [tos 0x10]
07:41:21.572446 O 125.234.253.3.22 > 117.6.189.125.8973: P 7624:7756(132) ack 1 win 17680 [tos 0x10]
07:41:21.572498 O 125.234.253.3.22 > 117.6.189.125.8973: P 7756:7888(132) ack 1 win 17680 [tos 0x10]
07:41:21.572558 O 125.234.253.3.22 > 117.6.189.125.8973: P 7888:8020(132) ack 1 win 17680 [tos 0x10]
07:41:21.572610 O 125.234.253.3.22 > 117.6.189.125.8973: P 8020:8152(132) ack 1 win 17680 [tos 0x10]
07:41:21.572672 O 125.234.253.3.22 > 117.6.189.125.8973: P 8152:8284(132) ack 1 win 17680 [tos 0x10]
07:41:21.572725 O 125.234.253.3.22 > 117.6.189.125.8973: P 8284:8432(148) ack 1 win 17680 [tos 0x10]
07:41:21.587375 I 117.6.189.125.8973 > 125.234.253.3.22: P 1:53(52) ack 2420 win 17432 (DF)
07:41:21.588998 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 2716 win 17136 (DF)
07:41:21.590745 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 3012 win 16840 (DF)
07:41:21.592744 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 3308 win 16544 (DF)
07:41:21.594494 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 3604 win 17680 (DF)
07:41:21.595993 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 3900 win 17384 (DF)
07:41:21.599367 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 4196 win 17088 (DF)
07:41:21.601114 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 4492 win 16792 (DF)
07:41:21.602863 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 4788 win 16496 (DF)
07:41:21.604613 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 5084 win 17680 (DF)
07:41:21.606237 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 5348 win 17416 (DF)
07:41:21.607736 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 5612 win 17152 (DF)
07:41:21.609736 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 5876 win 16888 (DF)
07:41:21.611483 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 6140 win 16624 (DF)
07:41:21.613107 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 6404 win 16360 (DF)
07:41:21.614981 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 6748 win 17680 (DF)
07:41:21.616606 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 6916 win 17512 (DF)
07:41:21.618230 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 7180 win 17248 (DF)
07:41:21.619854 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 7492 win 16936 (DF)
07:41:21.621602 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 7492 win 16936 (DF)
07:41:21.646837 I 208.53.158.75.80 > 125.234.253.5.13911: P 456:682(226) ack 381 win 8280 (DF)
07:41:21.655832 I 208.53.158.75.80 > 125.234.253.5.13911: . 682:2062(1380) ack 381 win 8280 (DF)
07:41:21.656420 O 125.234.253.5.13911 > 208.53.158.75.80: . ack 2062 win 258 (DF)
07:41:21.670023 O 125.234.253.3.22 > 117.6.189.125.8973: . ack 53 win 17680 [tos 0x10]
07:41:21.701803 I 208.53.158.75.80 > 125.234.253.5.13911: . 2062:3442(1380) ack 381 win 8280 (DF)
07:41:21.806116 I 203.162.13.2 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 30 [tos 0xc0]
07:41:21.903270 O 125.234.253.5.13911 > 208.53.158.75.80: . ack 3442 win 258 (DF)
07:41:22.002245 I 208.53.158.75.80 > 125.234.253.5.13911: . 3442:4822(1380) ack 381 win 8280 (DF)
07:41:22.048218 I 208.53.158.75.80 > 125.234.253.5.13911: . 4822:6202(1380) ack 381 win 8280 (DF)
07:41:22.048818 O 125.234.253.5.13911 > 208.53.158.75.80: . ack 6202 win 258 (DF)
07:41:22.094065 I 208.53.158.75.80 > 125.234.253.5.13911: . 6202:7582(1380) ack 381 win 8280 (DF)
07:41:22.190040 O 125.234.253.3 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 254 [tos 0xc0]
07:41:22.202183 O 125.234.253.3 > 224.0.0.5: OSPFv2-ls_upd 76:
RID 10.1.2.1 area 0.0.0.10 [tos 0xc0] [ttl 1]
07:41:22.202749 I 125.234.253.1 > 224.0.0.5: OSPFv2-ls_upd 76:
RID 125.234.253.1 area 0.0.0.10 [tos 0xc0] [ttl 1]
07:41:22.202999 I 125.234.253.4 > 224.0.0.5: OSPFv2-ls_upd 76:
Reply With Quote
  #4 (permalink)  
Old 2008-08-18
Senior Member
  
Join Date: 2006-07-28
Location: New Zealand
Posts: 857
Rep Power: 3
northlandboy has an average reputation (10+)
Default Re: VRRP Rx Bad Addr List increase!!!!
Quote:
Originally Posted by doccocaubai View Post
P390-1[admin]# tcpdump -i eth1c0
tcpdump: listening on eth1c0
07:41:19.573681 O 125.234.253.3.22 > 117.6.189.125.8973: P 2271025612:2271025680(68) ack 1204887526 win 17680 [tos 0x10]
07:41:19.581848 I 117.6.189.125.8973 > 125.234.253.3.22: . ack 68 win 16936 (DF)
07:41:19.666545 I 125.234.253.4 > 224.0.0.5: OSPFv2-ls_ack 44:
RID 10.1.2.1 area 0.0.0.10 [tos 0xc0] [ttl 1]
07:41:19.816464 I 125.234.253.4 > 224.0.0.5: OSPFv2-hello 48:
RID 10.1.2.1 area 0.0.0.10 [|ospf] [tos 0xc0] [ttl 1]
07:41:19.844550 O 125.234.253.5.18551 > 208.67.222.222.53: 33636+ (44)
07:41:20.070173 I 203.162.13.2 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 30 [tos 0xc0]
07:41:20.200034 O 125.234.253.3 > 224.0.0.18: VRRPv2-adver 20: vrid 1 pri 254 [tos 0xc0]
Looks like we've found the problem. Check out those last two lines. The last one is good - that's your master firewall sending out VRRP advertisements for VRID 1. If you were to capture the whole packets, and look at them in Wireshark, you'd see they contain the 125.234.253.3 IP address. That is working as expected.

The problem is the second to last line - the traffic coming in (I) from 203.162.13.2. It's also sending out VRRP advertisements, for the same VRID (1), but it's a completely different network range.

You need to find out what that device is, and get it sorted out. It looks like maybe something is in a VLAN it shouldn't be.

Your firewall is seeing those packets coming in, seeing the VRID matches what is configured on the firewall, so it processes it, then sees it's for a completely different IP, so increases the Rx Bad Addr List.

This will also help resolve the network issues you've been having. By default, VRRP uses a virtual MAC address that is based on a standard component and the VRID. So what may be happening on that VLAN is that both devices are master, with the same MAC address. As a result, the switch will be confused about which port that MAC address is on, and will keep switching back and forth.

Let us know how things go after you get that other device put on the right VLAN.
Reply With Quote
  #5 (permalink)  
Old 2008-09-01
Member
  
Join Date: 2007-02-27
Posts: 80
Rep Power: 2
th0i3 has an average reputation (10+)
Default Re: VRRP Rx Bad Addr List increase!!!!
To capture only vrrp multicast traffic. The command is

tcpdump -i <interfacename> proto vrrp
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -7. The time now is 14:00.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0