Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Contivity VRRP

Status
Not open for further replies.
pigsback

pigsback

Technical User
Nov 1, 2005
8
IE
Hi,

Has anyone out there been able to configure VRRP successfully on Nortel Secure IP services gateway (Contivity Firewall)?

I'm having terrible trouble getting it to work.

Firstly I have two units, primary and secondary. Regardless of the "serve as master" option being set on the secondary the primary still acts as the master for the secondarys address.

Secondly even if I bring down an interface on the primary therfore causing a flip, it does sort of work but in response to ARP requests to the primary the secondary responds as expected, with the data in the ARP reply correct (i.e. with the MAC address of the primarys virtual MAC address) however and here is where I think the problem is.... this ARP response from the secondary is from the virtual MAC address of the secondary and not the primary so the intermediate switch can never update its own MAC address table.

Is this a bug?

Thanks in advance.
 
Sort by date Sort by votes
What version of code are you running on the boxes?

I don't have it here in front of me, but something to check is the Virtual IP address. The Virtual IP address *must* be the same as the interface IP address on contivity that you want to be the master. This is spelled out in the help section for VRRP.
 
Upvote 0 Downvote
Thanks for the reply, I have documentation from Nortel which says that VRRP can be configured so that with two Contivitys that one can back up the interface of the other. For example B will take As address in the event of an interface failure and vise versa but the question still remains..... why does the serve as master option not work? And why does the secondary respond to ARPs when failed over with the wrong MAC address? The version I am running is 6_00.131.

Thanks again.
 
Upvote 0 Downvote
Are you using dynamic routing? If you have static routes VRRP will not fail over - from Nortel docs.

If you are using static routes there must be a backup route added through each tunnel



peace
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DocRobotnik
  • Locked
  • Question
Nortel Contivity 1750 password unknow and maybe ip static unknow 1
Replies
1
Views
122
andy88
andy88
Elderusr07
  • Locked
  • Question
Nortel Contivity - Random End User Disconnects
Replies
0
Views
92
Elderusr07
Elderusr07
damage750
  • Locked
  • Question
Contivity 1100 factory default
Replies
3
Views
117
damage750
damage750
biglebowski
  • Locked
  • Question
Contivity client for iPAD
Replies
3
Views
104
VinceWhirlwind
VinceWhirlwind
Dargrotek
  • Locked
  • Question
Contivity Branch Office Tunnel Connection Issues
Replies
1
Views
90
Dargrotek
Dargrotek

Part and Inventory Search

Sponsor

Back
Top