How to identify VRID Conflicts.
Article ID: CTX574380
Description
Explain VRID conflicts and how to identify them.
Instructions
What is a VRID (Virtual Router ID) Conflict?
A VRID conflict is a message logged when the ADC receives a packet whose source MAC address is the same as its own VMAC (virtual MAC), which indicates a network loop in the topology.
When facing an issue with VRID conflicts, you will see something along the lines of this in the log:
- Conflict in vrid x on interface LA/x vlan x bridge_group -x from MAC xx:xx:xx:xx:xx:xx IP x.x.x.x
You can retrieve the logs from the nslog directory at /var/nslog/ by running the following command in shell mode:
- nsconmsg -K newnslog -s disptime=1 -d consmsg | more
- Retrieve the following Data - This will allow you to identify all the configuration related to your VRID(s):
- ADC interfaces configuration - https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/network/interface.html
- ARP table of the ADC - https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/network/arp.html
- VRID configuration - https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/network/vrID.html#show-vrid
- You may check for increments in the following counters by executing the commands below in shell mode on the CLI:
- VRID counters - /var/nslog/ - nsconmsg -K newnslog -g arp_err_vrid_conflicts -s disptime=1 -d current | more
- Duplicate ARP - /var/nslog/ - nsconmsg -K newnslog -d current -g arp_err_dup_pkts -s disptime=1 | more
The above counters will show whether there is an uptick in VRID conflict errors and duplicate ARP packet errors, respectively.
Issue/Introduction
Explain how to identify VRID conflicts
With the data gathered using the steps provided, you can validate when there is a VRID conflict.
The ADC sends VRID packets (ARPs) advertising its own VRID configuration. These are broadcast packets whose source MAC is the VMAC configured for the VRID and whose source IP belongs to the ADC. A network error, caused by any device in the network that routes this broadcast packet back to the ADC, makes the ADC receive its own packets.
When the ADC receives a packet with a source MAC and IP that it owns, it generates the conflict log. In short, the problem is not in the ADC; the network path is causing this log error.
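An added example (not part of the original article): a shell function that tallies conflict lines by VRID, interface, VLAN, MAC and IP, so the interface and VLAN on which the looped advertisement comes back stand out. It parses the log line layout shown above; the sample lines are constructed, and the VMAC comparison assumes the standard IPv4 VRRP virtual MAC 00:00:5e:00:01:<VRID in hex>.

```shell
#!/bin/sh
# Added example: summarize "Conflict in vrid" lines read from stdin.
# Field layout follows the log line shown in this article.

# Constructed sample input (addresses and counts are made up).
sample_log() {
  cat <<'EOF'
Conflict in vrid 10 on interface LA/1 vlan 100 bridge_group -1 from MAC 00:00:5e:00:01:0a IP 192.0.2.10
Conflict in vrid 10 on interface LA/1 vlan 100 bridge_group -1 from MAC 00:00:5E:00:01:0A IP 192.0.2.10
some unrelated console message
Conflict in vrid 10 on interface LA/1 vlan 100 bridge_group -1 from MAC 00:00:5e:00:01:0a IP 192.0.2.10
Conflict in vrid 20 on interface 1/2 vlan 200 bridge_group -1 from MAC 00:00:5e:00:01:14 IP 192.0.2.20
Conflict in vrid 20 on interface 1/2 vlan 200 bridge_group -1 from MAC 00:00:5e:00:01:14 IP 192.0.2.20
Conflict in vrid 30 on interface 1/3 vlan 300 bridge_group -1 from MAC 02:00:00:aa:bb:cc IP 192.0.2.30
EOF
}

summarize_vrid_conflicts() {
  awk '
    /Conflict in vrid/ {
      vrid = ifc = vlan = mac = ip = ""
      # Pick each value by the keyword in front of it, so any
      # timestamp or prefix before "Conflict" does not matter.
      for (i = 1; i < NF; i++) {
        if ($i == "vrid")      vrid = $(i + 1)
        if ($i == "interface") ifc  = $(i + 1)
        if ($i == "vlan")      vlan = $(i + 1)
        if ($i == "MAC")       mac  = tolower($(i + 1))
        if ($i == "IP")        ip   = $(i + 1)
      }
      if (vrid == "" || mac == "") next   # skip truncated lines
      count[vrid, ifc, vlan, mac, ip]++
    }
    END {
      for (key in count) {
        split(key, f, SUBSEP)
        # Assumption: standard IPv4 VRRP virtual MAC for this VRID.
        vmac = sprintf("00:00:5e:00:01:%02x", f[1] + 0)
        verdict = (f[4] == vmac) ? "matches-vrrp-vmac" : "mac-differs"
        printf "%d vrid=%s if=%s vlan=%s mac=%s ip=%s %s\n", count[key], f[1], f[2], f[3], f[4], f[5], verdict
      }
    }
  ' | sort -rn   # most frequent conflict first
}

sample_log | summarize_vrid_conflicts
```

On the appliance, pipe the output of the nsconmsg consmsg command shown earlier into summarize_vrid_conflicts in place of sample_log.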
Additional Information
NetScaler Appliances in Active-Active Mode Using VRRP
- https://docs.netscaler.com/en-us/citrix-adc/current-release/networking/interfaces/active-active-mode-using-vrrp.html
ADC interfaces configuration - https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/network/interface.html
ARP table of the ADC - https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/network/arp.html
VRID configuration - https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/network/vrID.html#show-vrid