Downloads |
 Feedback
|
Table Of Contents
Prerequisites for Stateful Switchover
Restrictions for Stateful Switchover
Route Processor Redundancy Plus
Route Processor Synchronization
Bulk Synchronization During Initialization
Online Removal of the Active RP
SSO-Aware Protocols and Applications
Routing Protocols and Nonstop Forwarding
Setting the Configuration Register and Boot Variable
Configuring Frame Relay and Multilink Frame Relay Autosynchronization LMI Sequence Numbers
Performing a Fast Software Upgrade
Copying an Image onto an RP Examples
Copying an Image onto the Active and Standby RPs on the Cisco 7500: Example
Copying an Image onto the Active and Standby RPs on the Cisco 7304 and Cisco 10000: Example
Copying an Image onto Active and Standby RPs on the Cisco 12000: Example
Setting the Configuration Register Boot Variable Examples
Setting the Configuration Register Boot Variable on the Cisco 7304: Example
Setting the Configuration Register Boot Variable on the Cisco 7500: Example
Setting the Configuration Register Boot Variable on the Cisco 10000: Example
Setting the Configuration Register Boot Variable on the Cisco 12000: Example
Configuring SSO on the Cisco 7500 Series Router: Example
Configuring SSO on the Cisco 12000 Series Internet Router: Example
Configuring Autosync LMI Sequence Numbers: Example
Verifying SSO Configuration: Examples
Feature Information for Stateful Switchover
Stateful Switchover
First Published: July 22, 2002Last Updated: August 21, 2007Development of the Stateful Switchover (SSO) feature is an incremental step within an overall program to improve the availability of networks constructed with Cisco IOS routers.
is particularly useful at the network edgeSSO provides protection for network edge devices with dual Route Processors (RPs) that represent a single point of failure in the network design, and where an outage might result in loss of service for customers.
SSO has many benefits. Because the SSO feature maintains stateful protocol and application information, user session information is maintained during a switchover, and line cards continue to forward network traffic with no loss of sessions, providing improved network availability. SSO provides a faster switchover relative to HSA, RPR, and RPR+ by fully initializing and fully configuring the standby RP, and by synchronizing state information, which can reduce the time required for routing protocols to converge. Network stability may be improved with the reduction in the number of route flaps had been created when routers in the network failed and lost their routing tables.
This document describes the Stateful Switchover (SSO) feature in Cisco IOS software.
Note
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for Stateful Switchover" section.
Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
•
•
Prerequisites for Stateful Switchover
•
•
•
Restrictions for Stateful Switchover
General Restrictions for SSO
•
•
•
•
•
•
•
Configuration Mode Restrictions
•
•
%HA-5-MODE:Operating mode is sso, configured mode is sso.On the Cisco 7304 router, a message similar to the following appears:
%HA-6-STANDBY_READY: Standby RP in slot n is operational in SSO modeThe actual slot number depends on which slot has the active processor.
Switchover Process Restrictions
•
•
•
•
•
•
ATM Restrictions
•
–
–
–
–
–
–
–
–
–
–
Frame Relay and Multilink Frame Relay Restrictions
•
Note
•
–
–
–
–
•
•
LMI keepalive messages contain sequence numbers so that each side (network and peer) of a PVC can detect errors. An incorrect sequence number counts as one error. By default, the switch declares the line protocol and all PVCs down after three consecutive errors. Although it seems that synchronizing LMI sequence numbers might prevent dropped PVCs, the use of resources required to synchronize LMI sequence numbers for potentially thousands of interfaces (channelized) on larger networking devices might be a problem in itself. The networking device can be configured to synchronize LMI sequence numbers using a CLI command. Synchronization of sequence numbers is not necessary for DCE interfaces.
•
•
•
•
•
•
•
PPP Restrictions
•
•
Cisco 12000 Series Internet Router Platform Restrictions
•
•
•
–
–
–
–
–
•
–
–
–
–
–
–
–
–
–
–
–
–
–
•
–
•
–
–
–
–
–
–
•
–
–
•
–
–
–
–
–
–
–
–
Cisco 10000 Series Internet Router Platform Restrictions
•
•
–
–
–
–
–
–
–
–
–
–
Cisco 7500 Series Internet Router Platform Restrictions
•
•
•
•
•
•
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
•
•
Cisco 7304 Router Platform Restrictions
•
•
•
•
•
•
Development of the SSO feature is an incremental step within an overall program to improve the availability of networks constructed with Cisco IOS routers.
is particularly useful at the network edgeSSO provides protection for network edge devices with dual Route Processors (RPs) that represent a single point of failure in the network design, and where an outage might result in loss of service for customers.
In specific Cisco networking devices that support dual RPs, SSO takes advantage of RP redundancy to increase network availability. The SSO feature takes advantage of RP redundancy by establishing one of the RPs as the active processor while the other RP is designated as the standby processor, and then synchronizing critical state information between them. Following an initial synchronization between the two processors, SSO dynamically maintains RP state information between them.
A switchover from the active to the standby processor occurs when the active RP fails, is removed from the networking device, or is manually taken down for maintenance.
SSO is used with the Cisco Nonstop Forwarding (NSF) feature. Cisco NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover. With Cisco NSF, peer networking devices do not experience routing flaps, thereby reducing loss of service outages for customers.
Figure 1 illustrates how SSO is typically deployed in service provider networks. In this example, Cisco NSF with SSO is primarily at the access layer (edge) of the service provider network. A fault at this point could result in loss of service for enterprise customers requiring access to the service provider network.
For Cisco NSF protocols that require neighboring devices to participate in Cisco NSF, Cisco NSF-aware software images must be installed on those neighboring distribution layer devices. Additional network availability benefits might be achieved by applying Cisco NSF and SSO features at the core layer of your network; however, consult your network design engineers to evaluate your specific site requirements.
Figure 1 Cisco NSF with SSO Network Deployment: Service Provider Networks
Additional levels of availability may be gained by deploying Cisco NSF with SSO at other points in the network where a single point of failure exists. Figure 2 illustrates an optional deployment strategy that applies Cisco NSF with SSO at the enterprise network access layer. In this example, each access point in the enterprise network represents another single point of failure in the network design. In the event of a switchover or a planned software upgrade, enterprise customer sessions would continue uninterrupted through the network.
Figure 2 Cisco NSF with SSO Network Deployment: Enterprise Networks
SSO Redundancy Modes
SSO is one link in a chain of Cisco IOS redundancy features designed to provide progressively higher system and network availability. The specific configuration running on the networking device identifies Cisco IOS redundancy modes, which are described in the following sections:
•
Understanding the various modes is helpful in configuring and verifying SSO. Table 2 indicates which redundancy modes are supported on various platforms and releases.
High System Availability
High system availability (HSA) mode allows you to install two RPs in a single router to improve system availability. This mode is available only on Cisco 7500 series routers. Supporting two RPs in a router provides the most basic level of increased system availability through a "cold restart" feature. A cold restart means that when one RP fails, the other RP reboots the router. Thus, the router is never in a failed state for very long, thereby increasing system availability.
Route Processor Redundancy
Router Processor Redundancy (RPR) is an alternative mode to HSA and allows Cisco IOS software to be booted on the standby processor prior to switchover (a "cold boot"). In RPR, the standby RP loads a Cisco IOS image at boot time and initializes itself in standby mode; however, although the startup configuration is synchronized to the standby RP, system changes are not. In the event of a fatal error on the active RP, the system switches to the standby processor, which reinitializes itself as the active processor, reads and parses the startup configuration, reloads all of the line cards, and restarts the system.
Route Processor Redundancy Plus
In RPR+ mode, the standby RP is fully initialized. For RPR+ both the active RP and the standby RP must be running the same software image. The active RP dynamically synchronizes startup and the running configuration changes to the standby RP, meaning that the standby RP need not be reloaded and reinitialized (a "hot boot"). Additionally, on the Cisco 10000 and 12000 series Internet routers, the line cards are not reset in RPR+ mode. This functionality provides a much faster switchover between the processors. Information synchronized to the standby RP includes running configuration information, startup information (Cisco 7304, Cisco 7500, Cisco 10000, and Cisco 12000 series networking devices), and changes to the chassis state such as online insertion and removal (OIR) of hardware. Line card, protocol, and application state information is not synchronized to the standby RP.
Note
Stateful Switchover Mode
SSO mode provides all the functionality of RPR+ in that Cisco IOS software is fully initialized on the standby RP. In addition, SSO supports synchronization of line card, protocol, and application state information between RPs for supported features and protocols (a "hot standby").
Note
Route Processor Synchronization
In networking devices running SSO, both RPs must be running the same configuration so that the standby RP is always ready to assume control if the active RP fails.
To achieve the benefits of SSO, synchronize the configuration information from the active RP to the standby RP at startup and whenever changes to the active RP configuration occur. This synchronization occurs in two separate phases:
•
•
Bulk Synchronization During Initialization
When a system with SSO is initialized, the active RP performs a chassis discovery (discovery of the number and type of line cards and fabric cards, if available, in the system) and parses the startup configuration file.
The active RP then synchronizes this data to the standby RP and instructs the standby RP to complete its initialization. This method ensures that both RPs contain the same configuration information.
Even though the standby RP is fully initialized, it interacts only with the active RP to receive incremental changes to the configuration files as they occur. Executing CLI commands on the standby RP is not supported.
On Cisco 12000 series devices with three or more RPs in a chassis, after negotiation of active and standby RP, the non-active (remaining) RPs do not participate in router operation.
Synchronization of Startup Configuration
Note
The startup configuration is a text file stored in the NVRAM of the RP. It is synchronized whenever you perform the following operations:
•
•
•
•
•
•
•
Incremental Synchronization
After both RPs are fully initialized, any further changes to the running configuration or active RP states are synchronized to the standby RP as they occur. Active RP states are updated as a result of processing protocol information, external events (such as the interface becoming up or down), or user configuration commands (using CLI commands or Simple Network Management Protocol [SNMP]) or other internal events.
CLI Commands
CLI changes to the running configuration are synchronized from the active RP to the standby RP. In effect, the CLI command is run on both the active and the standby RP.
SNMP SET Commands
Configuration changes caused by an SNMP set operation are synchronized on a case-by-case basis. Currently only two SNMP configuration set operations are supported:
•
•
Routing and Forwarding Information
Routing and forwarding information is synchronized to the standby RP:
•
•
Chassis State
Chassis state changes are synchronized to the standby RP:
•
•
Line Card State
Changes to the line card states are synchronized to the standby RP. Line card state information is initially obtained during bulk synchronization of the standby RP. Following bulk synchronization, line card events, such as whether the interface is up or down, received at the active processor are synchronized to the standby RP.
Counters and Statistics
The various counters and statistics maintained in the active RP are not synchronized because they may change often and because the degree of synchronization they require is substantial. The volume of information associated with statistics makes synchronizing them impractical.
Note
Switchover Operation
During switchover, system control and routing protocol execution are transferred from the active to the standby RP. Switchover may be due to a manual operation (CLI-invoked) or to a software- or hardware-initiated operation (hardware or software fault induced).
The following sections describe switchover operation considerations:
•
Switchover Conditions
An automatic or manual switchover may occur under the following conditions:
•
•
•
The user can force the switchover from the active RP to the standby RP by using a CLI command. This manual procedure allows for a "graceful" or controlled shutdown of the active RP and switchover to the standby RP. This graceful shutdown allows critical cleanup to occur.
Note
Caution
Switchover Time
The time required by the device to switch over from the active RP to the standby RP varies by platform:
•
•
•
Although the newly active processor takes over almost immediately following a switchover, the time required for the device to begin operating again in full redundancy (SSO) mode can be several minutes, depending on the platform. The length of time can be due to a number of factors including the time needed for the previously active processor to obtain crash information, load code and microcode, and synchronize configurations between processors and line protocols and Cisco NSF-supported protocols.
The impact of the switchover time on packet forwarding depends on the networking device:
•
•
•
Online Removal of the Active RP
For Cisco 7500 series routers, online removal of the active RSP will automatically switch the redundancy mode to RPR. Online removal of the active RSP causes all line cards to reset and reload, which is equivalent to an RPR switchover, and results in a longer switchover time. When it is necessary to remove the active RP from the system, first issue a switchover command to switch from the active RSP to the standby RSP. When a switchover is forced to the standby RSP before the previously active RSP is removed, the network operation benefits from the continuous forwarding capability of SSO.
For Cisco 7304, Cisco 10000, and Cisco 12000 series Internet routers that are configured to use SSO, online removal of the active RP automatically forces a stateful switchover to the standby RP.
Single Line Card Reload
In Cisco 7500 series routers, a line card might fail to reach the quiescent state as a result of a hardware or software fault. In such cases, the failing line card must be reset. We recommend using the Single Line Card Reload (SLCR) feature to provide maximum assurance that SSO will continue forwarding packets on unaffected interfaces during switchover.
Note
The SLCR feature allows users to correct a line card fault on a Cisco 7500 series router by automatically reloading the microcode on a failed line card. During the SLCR process, all physical lines and routing protocols on the other line cards of the network backplane remain active.
The SLCR feature is not enabled by default. When you enable SSO, RPR+, or RPR, it is important that you enable SLCR also. For information on how to load and configure SLCR, refer to the Cisco 7500 Single Line Card Reload feature module.
Fast Software Upgrade
You can use Fast Software Upgrade (FSU) to reduce planned downtime. With FSU, you can configure the system to switch over to a standby RP that is preloaded with an upgraded Cisco IOS software image. FSU reduces outage time during a software upgrade by transferring functions to the standby RP that has the upgraded Cisco IOS software preinstalled. You can also use FSU to downgrade a system to an older version of Cisco OS or have a backup system loaded for downgrading to a previous image immediately after an upgrade.
SSO must be configured on the networking device before performing FSU.
Note
Core Dump Operation
In networking devices that support SSO, the newly active primary processor runs the core dump operation after the switchover has taken place. Not having to wait for dump operations effectively decreases the switchover time between processors.
Following the switchover, the newly active RP will wait for a period of time for the core dump to complete before attempting to reload the formerly active RP. The time period is configurable. For example, on some platforms an hour or more may be required for the formerly active RP to perform a coredump, and it might not be site policy to wait that much time before resetting and reloading the formerly active RP. In the event that the core dump does not complete within the time period provided, the standby is reset and reloaded regardless of whether it is still performing a core dump.
The core dump process adds the slot number to the core dump file to identify which processor generated the file content. For more information on how to complete a core dump, refer to the Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.2.
Note
SSO-Aware Protocols and Applications
SSO-supported line protocols and applications must be SSO-aware. A feature or protocol is SSO-aware if it maintains, either partially or completely, undisturbed operation through an RP switchover. State information for SSO-aware protocols and applications (such as PPP, Frame Relay, Multilink Frame Relay, ATM, and SNMP) is synchronized from active to standby to achieve stateful switchover for those protocols and applications.
The dynamically created state of SSO-unaware protocols and applications is lost on switchover and must be reinitialized and restarted on switchover.
SSO-aware applications are either platform-independent, such as in the case of line protocols (Frame Relay, Multilink Frame Relay, ATM, and PPP) or platform-dependent (such as line card drivers). Enhancements to the routing protocols (CEF, Open Shortest Path First, and Border Gateway Protocol [BGP]) have been made in the SSO feature to prevent loss of peer adjacency through a switchover; these enhancements are platform-independent.
Line Protocols
SSO-aware line protocols synchronize session state information between the active and standby RPs to keep session information current for a particular interface. In the event of a switchover, session information need not be renegotiated with the peer. During a switchover, SSO-aware protocols also check the line card state to learn if it matches the session state information. SSO-aware protocols use the line card interface to exchange messages with network peers in an effort to maintain network connectivity.
This sections describes SSO supports for each of the line protocols described in the following sections:
•
•
Table 3 indicates which protocols are supported on various platforms and releases.
ATM Stateful Switchover
With stateful switchover, ATM dynamic state information is synchronized between the active RP and standby RP. Thus when the active RP fails, the standby RP can take over without spending excessive time relearning the dynamic state information, and forwarding devices can continue to forward packets with only a few seconds of interruption (less on some platforms).
Note
Permanent Virtual Circuits
For ATM to support forwarding during and after switchover, ATM permanent virtual circuits (PVCs) must remain up not only within the networking device, but also within the ATM network.
In an ATM network, all traffic to or from an ATM interface is prefaced with a virtual path identifier (VPI) and virtual channel identifier (VCI). A VPI-VCI pair is considered a single virtual circuit. Each virtual circuit is a private connection to another node on the ATM network. In ATM SSO, the VPI-VCI pair is associated with a virtual circuit descriptor (VCD). ATM SSO uses VCD information in synchronizing VPI-VCI information to the standby RP.
Each virtual circuit is treated as a point-to-point or point-to-multipoint mechanism to another networking device or host and can support bidirectional traffic. On point-to-point subinterfaces, or when static mappings are configured, Inverse Address Resolution Protocol (ARP) need not run. In cases where dynamic address mapping is used, an Inverse ARP protocol exchange determines the protocol address to VPI-VCI mapping for the PVC. This process occurs as soon as the PVC on a multipoint subinterface makes the transition to active. If that process fails for some reason, the remote networking device may drop the Inverse ARP request if it has not yet seen the PVC transition to active. Inverse ARP runs every 60 seconds to relearn the dynamic address mapping information for the active RP.
ATM OAM Managed PVC or SVC Timeout
Operation, Administration, and Maintenance (OAM) F5 loopback cells must be echoed back on receipt by the remote host, thus demonstrating connectivity on the PVC between the router and the remote host. With ATM SSO, OAM loopback cells received on an interface must be echoed within 15 seconds before a PVC or switched virtual circuit (SVC) is declared down. By default, the OAM timeout is set to 10 seconds, followed by at most five retries sent at 1-second intervals. In the worst case, a switchover will begin just before expiration of the 10-second period, meaning that the PVC will go down within 5 seconds on the remote networking device if switchover has not completed within 5 seconds.
Note
Frame Relay and Multilink Frame Relay Stateful Switchover
With stateful switchover, Frame Relay and Multilink Frame Relay dynamic state information is synchronized between the active RP and standby RP. Thus when the active RP fails, the standby RP can take over without spending excessive time relearning the dynamic state information, and forwarding devices can continue to forward packets with only a few seconds of interruption (less on some platforms).
Permanent Virtual Circuits
For Frame Relay and Multilink Frame Relay to support forwarding during and after switchover, Frame Relay PVCs must remain up not only within the networking device, but also within the Frame Relay network.
In many cases the networking devices are connected to a switch, rather than back-to-back to another networking device, and that switch is not running Cisco IOS software. The virtual circuit state is dependent on line state. PVCs are down when the line protocol is down. PVCs are up when the line protocol is up and the PVC status reported by the adjacent switch is active.
On point-to-point subinterfaces, or when static mappings are configured, Inverse ARP need not run. In cases where dynamic address mapping is used, an Inverse ARP protocol exchange determines the protocol address to data-link connection identifier (DLCI) mapping for the PVC. This exchange occurs as soon as the multipoint PVC makes the transition to active. If the exchange fails for some reason, for example, the remote networking device may drop the Inverse ARP request if it has not yet seen the PVC transition to active—any outstanding requests are run off a timer, with a default of 60 seconds.
Keepalive Messages
A crucial factor in maintaining PVCs is the delivery of Local Management Interface (LMI) protocol messages (keepalives) during switchover. This keepalive mechanism provides an exchange of information between the network server and the switch to verify that data is flowing.
If a number of consecutive LMI keepalives messages are lost or in error, the adjacent Frame Relay device declares the line protocol down and all PVCs on that interface are declared down within the Frame Relay network and reported as such to the remote networking device. The speed with which a switchover occurs is crucial to avoid the loss of keepalive messages.
The line protocol state depends on the Frame Relay keepalive configuration. With keepalives disabled, the line protocol is always up as long as the hardware interface is up. With keepalives enabled, LMI protocol messages are exchanged between the networking device and the adjacent Frame Relay switch. The line protocol is declared up after a number of consecutive successful LMI message exchanges.
The line protocol must be up according to both the networking device and the switch. The default number of exchanges to bring up the line protocol is implementation-dependent: Three is suggested by the standards; four is used on a Cisco Frame Relay switch, taking 40 seconds at the default interval of 10 seconds; and two is used on a Cisco IOS networking device acting as a switch or when connected back-to-back. This default number could be extended if the LMI "autosense" feature is being used while the LMI type expected on the switch is determined. The number of exchanges is configurable, although the switch and router may not have the same owner.
The default number of lost messages or errors needed to bring down the line is three (two on a Cisco IOS router). By default, if a loss of two messages is detected in 15 to 30 seconds, then a sequence number or LMI type error in the first message from the newly active RP takes the line down.
If a line goes down, consecutive successful LMI protocol exchanges (default of four over 40 seconds on a Cisco Frame Relay switch; default of two over 20 seconds on a Cisco IOS device) will bring the line back up again.
PPP and Multilink PPP Stateful Switchover
With stateful switchover, specific PPP state information is synchronized between the active RP and standby RP. Thus when the active RP fails, the standby RP can take over without spending excessive time renegotiating the setup of a given link. As long as the physical link remains up, forwarding devices can continue to forward packets with only a few seconds of interruption (less on some platforms). Single-link PPP and Multilink PPP (MLP) sessions are maintained during RP switchover for IP connections only.
PPP and MLP support many Layer 3 protocols such as IPX and IP. Only IP links are supported in SSO. Links supporting non IP traffic will momentarily renegotiate and resume forwarding following a switchover. IP links will forward IP traffic without renegotiation.
A key factor in maintaining PPP session integrity during a switchover is the use of keepalive messages. This keepalive mechanism provides an exchange of information between peer interfaces to verify data and link integrity. Depending on the platform and configuration, the time required for switchover to the standby RP might exceed the keepalive timeout period. PPP keepalive messages are started when the physical link is first brought up. By default, keepalive messages are sent at 10-second intervals from one PPP interface to the other PPP peer.
If five consecutive keepalive replies are not received, the PPP link would be taken down on the newly active RP. Caution should be used when changing the keepalive interval duration to any value less than the default setting.
Only in extremely rare circumstances could the RP switchover time exceed the default 50-second keepalive duration. In the unlikely event this time is exceeded, the PPP links would renegotiate with the peers and resume IP traffic forwarding.
Note
HDLC Stateful Switchover
With stateful switchover, High-Level Data Link Control (HDLC) synchronizes the line protocol state information. Additionally, the periodic timer is restarted for interfaces that use keepalive messages to verify link integrity. Link state information is synchronized between the active RP and standby RP. The line protocols that were up before the switchover remain up afterward as long as the physical interface remains up. Line protocols that were down remain down.
A key factor in maintaining HDLC link integrity during a switchover is the use of keepalive messages. This keepalive mechanism provides an exchange of information between peer interfaces to verify data is flowing. HDLC keepalive messages are started when the physical link is first brought up. By default, keepalive messages are sent at 10-second intervals from one HDLC interface to the other.
HDLC waits at least three keepalive intervals without receiving keepalive messages, sequence number errors, or a combination of both before it declares a line protocol down. If the line protocol is down, SSO cannot support continuous forwarding of user session information in the event of a switchover.
Note
Quality of Service
The modular QoS CLI (MQS)-based QoS feature maintains a database of various objects created by the user, such as those used to specify traffic classes, actions for those classes in traffic policies, and attachments of those policies to different traffic points such as interfaces. With SSO, QoS synchronizes that database between the primary and secondary RP.
Line Card Drivers
Platform-specific line card device drivers are bundled with the Cisco IOS software image for SSO and are correct for a specific image, meaning they are designed to be SSO-aware.
Line cards used with the SSO feature periodically generate status events that are forwarded to the active RP. Information includes the line up or down status, and the alarm status. This information helps SSO support bulk synchronization after standby RP initialization and support state reconciliation and verification after a switchover.
Line cards used with the SSO feature also have the following requirements:
•
•
•
Note
For a list of supported line cards, see the "Restrictions" section of this document.
APS
RPR+ and SSO support allow the automatic protection switching (APS) state to be preserved in the event of failover.
Routing Protocols and Nonstop Forwarding
Cisco nonstop forwarding (NSF) works with SSO to minimize the amount of time a network is unavailable to its users following a switchover. When a networking device restarts, all routing peers of that device usually detect that the device went down and then came back up. This down-to-up transition results in what is called a "routing flap," which could spread across multiple routing domains. Routing flaps caused by routing restarts create routing instabilities, which are detrimental to the overall network performance. Cisco NSF helps to suppress routing flaps, thus improving network stability.
Cisco NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover. With Cisco NSF, peer networking devices do not experience routing flaps. Data traffic is forwarded through intelligent line cards (dual forwarding processors (FPs) on Cisco 10000 series Internet routers) while the standby RP assumes control from the failed active RP during a switchover. The ability of line cards (and FPs on Cisco 10000 series devices) to remain up through a switchover and to be kept current with the FIB on the active RP is key to Cisco NSF operation.
A key element of Cisco NSF is packet forwarding. In Cisco networking devices, packet forwarding is provided by CEF. CEF maintains the FIB, and uses the FIB information that was current at the time of the switchover to continue forwarding packets during a switchover. This feature eliminates downtime during the switchover.
Cisco NSF supports the BGP, IS-IS, and OSPF routing protocols. In general, these routing protocols must be SSO-aware to detect a switchover and recover state information (converge) from peer devices. Each protocol depends on CEF to continue forwarding packets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables.
Note
For more information on Cisco NSF, see the "Related Documents" section of this document.
Network Management
Network management support for SSO is provided through the synchronization of specific SNMP data between the active and standby RPs. From a network management perspective, this functionality helps to provide an uninterrupted management interface to the network administrator.
Note
For more information on SNMP support for SSO, see the "Related Documents" section.
Configuration Tasks
See the following sections for configuration tasks for the SSO feature. Each task in the list is identified as either required or optional.
•
•
•
•
•
•
Copying an Image onto an RP
Before you copy a file to Flash memory, be sure that ample space is available in Flash memory. Compare the size of the file you are copying to the amount of available Flash memory shown. If the space available is less than the space required by the file you will copy, the copy process will not continue and an error message similar to the following will be displayed:
%Error copying tftp://image@server/tftpboot/filelocation/imagename (Not enough space on device).This task explains how to copy a Cisco IOS image onto the active and standby RP devices using TFTP.
SUMMARY STEPS
1.
2.
3.
or
copy tftp diskdisk-number:image
4.
copy tftp slaveslotslot-number:image
or
copy tftp slavediskdisk-number:image
For other Cisco devices:
copy tftp stby-slotslot-number:image
or
copy tftp stby-diskdisk-number:image
DETAILED STEPS
Setting the Configuration Register and Boot Variable
Note
This task describes how to set the boot image file and to modify the software configuration register boot field so that the system boots the proper image.
SUMMARY STEPS
1.
2.
3.
4.
or
no boot system tftp filename [ip-address]
5.
or
boot system tftp filename [ip-address]
6.
7.
8.
9.
DETAILED STEPS
Following the reload, each RP is in its default mode:
•
•
•
•
Configuring SSO
Note
The following task describes how to configure SSO.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
DETAILED STEPS
Configuring Frame Relay and Multilink Frame Relay Autosynchronization LMI Sequence Numbers
This task describes configure Frame Relay SSO to synchronize LMI sequence numbers between the active and standby RPs. This procedure is only for devices supporting Frame Relay and is optional.
SUMMARY STEPS
1.
2.
3.
DETAILED STEPS
Verifying SSO Configuration
This task shows how to verify that SSO is configured on the networking device.
Note
SUMMARY STEPS
1.
2.
states | inter-device]3.
states | inter-device]DETAILED STEPS
Performing a Fast Software Upgrade
The FSU procedure allows you to upgrade (or downgrade) the Cisco IOS image on the RPs. Cisco IOS software is upgraded on the standby RP, and a manual switchover is performed. The new Cisco IOS image can then be upgraded on the other RPs.
Note
This task describes how to perform an FSU.
SUMMARY STEPS
1.
2.
or
copy tftp diskdisk-number:image
3.
copy tftp slaveslotslot-number:image
or
copy tftp slavediskdisk-number:image
For other Cisco routers:
copy tftp stby-slotslot-number:image
or
copy tftp stby-diskdisk-number:image
4.
5.
no hw-module slot slot-number image file-spec
6.
no hw-module slot slot-number image file-spec
7.
hw-module slot slot-number image file-spec
8.
hw-module slot slot-number image file-spec
9.
10.
11.
12.
13.
14.
reload standby-cpu
For other Cisco routers:
hw-module standby-cpu reset
15.
redundancy force-switchover main-cpu
For other Cisco routers:
redundancy force-switchover
DETAILED STEPS
Troubleshooting Tips
The following tips can help troubleshoot SSO operation.
The standby RP was reset, but there are no messages describing what happened.
To display a log of SSO events and clues as to why a switchover or other event occurred, enter the show redundancy history command on the newly active RP:
Router# show redundancy historyThe show redundancy states command shows an operating mode that is different than what is configured on the networking device.
On certain platforms the output of the show redundancy states command displays the actual operating redundancy mode running on the device, and not the configured mode as set by the platform. The operating mode of the system can change depending on system events. For example, SSO requires that both RPs on the networking device be running the same software image; if the images are different, the device will not operate in SSO mode, regardless of its configuration.
For example, during the upgrade process different images will be loaded on the RPs for a short period of time. If a switchover occurs during this time, the device will recover in RPR or RPR+ mode, depending on the networking device.
Note
Reloading the device disrupts SSO operation.
The SSO feature introduces a number of commands, including commands to manually cause a switchover. The reload command is not an SSO command. This command causes a full reload of the box, removing all table entries, resetting all line cards, and thereby interrupting network traffic forwarding. To avoid reloading the box unintentionally, use the redundancy force-switchover command.
During a software upgrade, the networking device appears to be in a mode other than SSO.
During the software upgrade process, the show redundancy command indicates that the device is running in a mode other than SSO.
This is normal behavior. Until the FSU procedure is complete, each RP will be running a different software version. While the RPs are running different software versions, the mode will change to either RPR or RPR+, depending on the device. The device will change to SSO mode once the upgrade has completed.
On the Cisco 7500 series router, the previously active processor is being reset and reloaded before the core dump completes.
Use the crashdump-timeout command to set the maximum time that the newly active processor waits before resetting and reloading the previously active processor.
On the Cisco 7500 series router, issuing a "send break" does not cause a system switchover.
This is normal operation on the Cisco 7500 series router. Using "send break" to break or pause the system is not recommended and may cause unpredictable results. To initiate a manual switchover, use the redundancy force-switchover command.
In Cisco IOS software, you can enter ROM monitor mode by restarting the router and then pressing the Break key or issuing a "send break" command from a telnet session during the first 60 seconds of startup.The send break function can be useful for experienced users or for users under the direction of a Cisco Technical Assistance Center (TAC) representative to recover from certain system problems or to evaluate the cause of system problems.
On Cisco 10000 and 12000 series Internet routers, if a standby RP is present, the system will detect the break and complete a switchover; however, this is not the recommended procedure for initiating a switchover. To initiate a manual switchover, use the redundancy force-switchover command.
The following commands also may be used as needed to troubleshoot the SSO feature. These commands do not have to be entered in any particular order.
SUMMARY STEPS
•
•
•
•
•
•
•
•
•
states | inter-device]•
DETAILED STEPS
Configuration Examples
This section provides the following configuration examples:
•
•
•
Copying an Image onto an RP Examples
The examples in this section copy an SSO-aware software image to Flash memory on each of the RPs:
•
•
•
Copying an Image onto the Active and Standby RPs on the Cisco 7500: Example
This example copies an image to Flash memory on each of the RSPs of a Cisco 7500 series router.
Router# copy tftp slot0:rsp-pv-mzRouter# copy tftp slaveslot0:rsp-pv-mzThe system will prompt you for additional server and filename information for each copy command.
Copying an Image onto the Active and Standby RPs on the Cisco 7304 and Cisco 10000: Example
This example copies an image to Flash memory on each of the PREs of a Cisco 7304 or Cisco 10000 series Internet router.
Cisco 7304 Example:
Router# copy tftp disk0:c7300-p-mzRouter# copy tftp stbydisk0:c7300-p-mzCisco 10000 Example
Router# copy tftp disk0:c10k-p10-mzRouter# copy tftp stby-disk0:c10k-p10-mzThe system will prompt you for additional server and filename information for each copy command.
Copying an Image onto Active and Standby RPs on the Cisco 12000: Example
This example copies an SSO-aware software image to Flash memory on each GRP of a Cisco 12000 series Internet router.
Router# copy tftp slot0:gsr-p-mzRouter# copy tftp stby-slot0:gsr-p-mzThe system will prompt you for additional server and filename information for each copy command.
Setting the Configuration Register Boot Variable Examples
The examples in this section configure the configuration register boot variable to boot from Flash and then reload each of the RPs with the new image:
•
•
•
•
Setting the Configuration Register Boot Variable on the Cisco 7304: Example
This example sets the configuration register boot variable to boot from Flash and then reload each of the RSPs with the new image.
Router# show versionRouter# configure terminalRouter(config)# no boot system flash disk0:Router(config)# boot system flash disk0:c7300-js-mzRouter(config)# config-register 0x2101Router(config)# exitRouter# copy running-config startup-configRouter# reloadSetting the Configuration Register Boot Variable on the Cisco 7500: Example
This example sets the configuration register boot variable to boot from Flash and then reload each of the RSPs with the new image.
Router# show versionRouter# configure terminalRouter(config)# no boot system flash slot0:Router(config)# boot system flash slot0:rsp-pv-mzRouter(config)# config-register 0x2101Router(config)# exitRouter# copy running-config startup-configRouter# reloadSetting the Configuration Register Boot Variable on the Cisco 10000: Example
This example sets the configuration register boot variable to boot from Flash and then reload each of the PREs with the new image.
Router# show versionRouter# configure terminalRouter(config)# no boot system flash slot0:Router(config)# boot system flash disk0:c10k-p6-mzRouter(config)# config-register 0x2101Router(config)# exitRouter# copy running-config startup-configRouter# reloadSetting the Configuration Register Boot Variable on the Cisco 12000: Example
This example sets the configuration register boot variable to boot from Flash and then reload each GRP with the new image.
Router# show versionRouter# configure terminalRouter(config)# no boot system flash slot0:Router(config)# boot system flash slot0:gsr-p-mzRouter(config)# config-register 0x2101Router(config)# exitRouter# copy running-config startup-configRouter# reloadConfiguring SSO Examples
Note
This section includes the following examples:
•
•
•
Configuring SSO on the Cisco 7500 Series Router: Example
In the following example, the active RSP is installed in slot 6 and the standby RSP is installed in slot 7 of a Cisco 7513 router:
Router# configure terminalRouter(config)# hw-module slot 6 image slot0:rsp-pv-mzRouter(config)# hw-module slot 7 image slot0:rsp-pv-mzRouter(config)# redundancyRouter(config-red)# mode ssoRouter(config-red)# endRouter# copy running-config startup-configConfiguring SSO on the Cisco 12000 Series Internet Router: Example
In the following example configures SSO mode on the active RP; the standby RP is automatically reset and synchronized with the active RP.
Router# configure terminalRouter(config)# redundancyRouter(config-red)# mode ssoRouter(config-red)# endRouter# copy running-config startup-configConfiguring Autosync LMI Sequence Numbers: Example
In the following example, Frame Relay SSO is configured to support autosynchronization of LMI sequence numbers between the active RP and standby RP:
Router (config)# frame-relay redundancy auto-sync lmi-sequence-numbersVerifying SSO Configuration: Examples
This section provides the following configuration examples:
•
•
•
Verifying that SSO Is Configured on Various Platforms: Examples
In the following several examples, the show redundancy command is used to verify that SSO is configured on the device. Sample output is provided for several platforms.
Cisco 7304 Router: Example
Router# show redundancyRedundant System Information :Available system uptime = 2 minutesSwitchovers system experienced = 0Standby failures = 0Last switchover reason = noneHardware Mode = DuplexConfigured Redundancy Mode = SSOOperating Redundancy Mode = SSOMaintenance Mode = DisabledCommunications = UpCurrent Processor Information :Active Location = slot 0Current Software state = ACTIVEUptime in current state = 2 minutesImage Version = Cisco Internetwork Operating System SoftwareIOS (tm) 7300 Software (C7300-P-M), Version 12.2(20)S6, RELEASE SOFTWARE (fc4)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2004 by cisco Systems, Inc.Compiled Fri 29-Oct-04 14:39BOOT =CONFIG_FILE =BOOTLDR = bootdisk:c7300-boot-mz.121-13.EX1Configuration register = 0x0Peer Processor Information :Standby Location = slot 2Current Software state = STANDBY HOTUptime in current state = 1 minuteImage Version = Cisco Internetwork Operating System SoftwareIOS (tm) 7300 Software (C7300-P-M), Version 12.2(20)S6, RELEASE SOFTWARE (fc4)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2004 by cisco Systems, Inc.Compiled Fri 29-Oct-04 14:39BOOT =CONFIG_FILE =BOOTLDR = bootdisk:c7300-boot-mz.121-13.EX1Configuration register = 0x0Cisco 7500 Series Router: Example
Router# show redundancyOperating mode is ssoredundancy mode ssohw-module slot 6 image disk0:rsp-pv-mzhw-module slot 7 image disk0:rsp-pv-mzActive in slot 6Standby in slot 7The system total uptime since last reboot is 2 weeks, 23 hours 41 minutes.The system has experienced 4 switchovers.The system has been active (become master) for 21 hours 1 minute.Reason for last switchover: User forced.Cisco 10000 Series Internet Router: Example
Router# show redundancyPRE A (This PRE) : ActivePRE B : StandbyOperating mode : SSOUptime since this PRE switched to active : 13 hours, 51 minutesTotal system uptime from reload : 15 hours, 8 minutesSwitchovers this system has experienced : 2Standby failures since this PRE active : 0The standby PRE has been up for : 13 hours, 47 minutesStandby PRE information....Standby is up.Standby has 524288K bytes of memory.Standby BOOT variable = disk0:c10k-p10-mzStandby CONFIG_FILE variable =Standby BOOTLDR variable =Standby Configuration register is 0x2102Standby version:Cisco Internetwork Operating System SoftwareIOS (tm) 10000 Software (C10K-P10-M), Version 12.0(20020221:082811)[REL-bowmore.ios-weekly 100]Copyright (c) 1986-2002 by cisco Systems, Inc.Compiled Thu 21-Feb-02 03:28Active version:Cisco Internetwork Operating System SoftwareIOS (am) 10000 Software (C10K-P10-M), Version 12.0(20020221:082811)[REL-bowmore.ios-weekly 100]Copyright (c) 1986-2002 by cisco Systems, Inc.Compiled Thu 21-Feb-02 03:28Cisco 12000 Series Internet Router: Example
Router# show redundancyActive GRP in slot 4:Standby GRP in slot 5:Preferred GRP: noneOperating Redundancy Mode: SSOAuto synch: startup-config running-configswitchover timer 3 seconds [default]Verifying that SSO Is Operating on the Device: Examples
In the following several examples, the show redundancy command with the states keyword is used to verify that SSO is configured on the device. Sample output is provided for several platforms.
Cisco 7304 Router: Example
Router# show redundancy statesmy state = 13 -ACTIVEpeer state = 8 -STANDBY HOTMode = DuplexUnit ID = 0Redundancy Mode (Operational) = SSORedundancy Mode (Configured) = SSOSplit Mode = DisabledManual Swact = EnabledCommunications = Upclient count = 18client_notification_TMR = 30000 millisecondsRF debug mask = 0x0Cisco 7500 Series Router: Example
Router# show redundancy statesmy state = 13 -ACTIVEpeer state = 8 -STANDBY HOTMode = DuplexUnit ID = 7Redundancy Mode = ssoMaintenance Mode = DisabledManual Swact = EnabledCommunications = Upclient count = 12client_notification_TMR = 30000 millisecondsRF debug mask = 0x0Cisco 10000 Series Internet Router: Example
Router# show redundancy statesmy state = 13 -ACTIVEpeer state = 8 -STANDBY HOTMode = DuplexUnit = Preferred PrimaryUnit ID = 0Redundancy Mode = SSOMaintenance Mode = DisabledManual Swact = EnabledCommunications = Upclient count =14client_notification_TMR = 30000 millisecondsRF debug mask = 0x0Cisco 12000 Series Internet Router: Example
Router# show redundancy statesmy state = 13 -ACTIVEpeer state = 8 -STANDBY HOTMode = DuplexUnit ID = 4Redundancy Mode = SSOMaintenance Mode = DisabledManual Swact = EnabledCommunications = Upclient count = 14client_notification_TMR = 30000 millisecondsRF debug mask = 0xIn the following several examples, the show redundancy command with the states keyword is used to verify that SSO is configured on the device. Sample output is provided for several platforms.
Verifying SSO Protocols and Applications: Examples
Enter the show redundancy command with the client keyword to display the list of applications and protocols that have registered as SSO protocols or applications. You can also verify the list of supported line protocols.
Cisco 7304 Router: Example
Router# show redundancy clientsclientID = 0 clientSeq = 0 RF_INTERNAL_MSGclientID = 29 clientSeq = 60 Redundancy Mode RFclientID = 25 clientSeq = 130 CHKPT RFclientID = 1314 clientSeq = 137 7300 Platform RFclientID = 22 clientSeq = 140 Network RF ClientclientID = 24 clientSeq = 150 CEF RRP RF ClientclientID = 5 clientSeq = 170 RFS clientclientID = 23 clientSeq = 220 Frame RelayclientID = 49 clientSeq = 225 HDLCclientID = 20 clientSeq = 310 IPROUTING NSF RF cliclientID = 21 clientSeq = 320 PPP RFclientID = 34 clientSeq = 350 SNMP RF ClientclientID = 52 clientSeq = 355 ATMclientID = 35 clientSeq = 360 History RF ClientclientID = 54 clientSeq = 530 SNMP HA RF ClientclientID = 75 clientSeq = 534 VRF commonclientID = 57 clientSeq = 540 ARPclientID = 65000 clientSeq = 65000 RF_LAST_CLIENTCisco 7500 Series Router: Example
Router# show redundancy clientsclientID = 0 clientSeq = 0 RF_INTERNAL_MSGclientID = 25 clientSeq = 130 CHKPT RFclientID = 22 clientSeq = 140 Network RF ClientclientID = 24 clientSeq = 150 CEF RRP RF ClientclientID = 37 clientSeq = 151 MDFS RRP RF ClientclientID = 23 clientSeq = 220 FRAME RELAYclientID = 49 clientSeq = 225 HDLCclientID = 20 clientSeq = 310 IPROUTING NSF RF cliclientID = 21 clientSeq = 320 PPP RFclientID = 34 clientSeq = 330 SNMP RF ClientclientID = 29 clientSeq = 340 ATMclientID = 35 clientSeq = 350 History RF ClientclientID = 50 clientSeq = 530 SNMP HA RF ClientclientID = 65000 clientSeq = 65000 RF_LAST_CLIENTCisco 10000 Series Internet Router: Example
Router# show redundancy clientsclientID = 0 clientSeq = 0 RF_INTERNAL_MSGclientID = 25 clientSeq = 130 CHKPT RFclientID = 22 clientSeq = 140 Network RF ClientclientID = 24 clientSeq = 150 CEF RRP RF ClientclientID = 26 clientSeq = 160 C10K RF ClientclientID = 5 clientSeq = 170 RFS clientclientID = 23 clientSeq = 220 Frame RelayclientID = 49 clientSeq = 225 HDLCclientID = 20 clientSeq = 310 IPROUTING NSF RF cliclientID = 21 clientSeq = 320 PPP RFclientID = 34 clientSeq = 330 SNMP RF ClientclientID = 29 clientSeq = 340 ATMclientID = 35 clientSeq = 350 History RF ClientclientID = 65000 clientSeq = 65000 RF_LAST_CLIENTCisco 12000 Series Internet Router: Example
Router# show redundancy clientsclientID = 0 clientSeq = 0 RF_INTERNAL_MSGclientID = 25 clientSeq = 130 CHKPT RFclientID = 27 clientSeq = 132 C12K RF COMMON ClienclientID = 30 clientSeq = 135 Redundancy Mode RFclientID = 22 clientSeq = 140 Network RF ClientclientID = 24 clientSeq = 150 CEF RRP RF ClientclientID = 37 clientSeq = 151 MDFS RRP RF ClientclientID = 5 clientSeq = 170 RFS clientclientID = 23 clientSeq = 220 Frame RelayclientID = 49 clientSeq = 225 HDLCclientID = 20 clientSeq = 310 IPROUTING NSF RF cliclientID = 21 clientSeq = 320 PPP RFclientID = 34 clientSeq = 330 SNMP RF ClientclientID = 29 clientSeq = 340 ATMclientID = 35 clientSeq = 350 History RF ClientclientID = 50 clientSeq = 530 SNMP HA RF ClientclientID = 65000 clientSeq = 65000 RF_LAST_CLIENTAdditional References
The following sections provide references related to the Stateful Switchover feature.
Related Documents
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
http://www.cisco.com/go/mibs
RFCs
Technical Assistance
Feature Information for Stateful Switchover
Table 4 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS Release 12.0(22)S or a later release appear in the table.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 4 Stateful Switchover Feature History
