Configuring Dedicated Trunks for the CSM

Did you catch the article on setting up fault tolerance on the CSM?  In that article, I mentioned that Cisco recommends a dedicated trunk for the FT VLAN if you have two HA CSMs in two chassis.  Discuss amongst yourselves while I drone on.

Why should you set up a dedicated trunk for this stuff?  The most obvious reason is to be sure that normal traffic doesn’t step on the syncing traffic.  Since we’re syncing state information as well as configuration, the frames need to arrive in a timely manner.  Any errors could potentially disrupt the FT process, which is bad.  You surely don’t want the primary to fail only to find out that the standby doesn’t have the complete or current config.

Another reason is to keep the syncing traffic from stepping on normal traffic.  The CSM is a pretty robust box and can handle a pretty good chunk of data.  If you had a 100Mbps trunk between your chassis, there is the potential for the link to get flooded if the CSM ever starts sending some real data.  All things being equal, though, your trunks are probably sized properly for your network, and the addition of the syncing traffic probably won’t affect much.

Let’s review our configuration from the other article.

This snippet creates VLAN 83 and tells the CSM to use it for syncing, but how do we dedicate a trunk for that VLAN?  We use the switchport trunk allowed vlan directive.  We’ll assume that G1/1 on your primary switch is connected to G1/1 on your standby.

This sets G1/1 up to only allow VLAN 83 across it.  If you do a show int G1/1 trunk, you’ll see that this VLAN is the only one allowed, the only one active, and the only one one forwarding on that link.  Of course, you’ll need to do the same on the other side to keep traffic flow sane, but it’s fairly easy.

What if G1/1 goes down, though?  You’d lose sync, so you probably want to look at a solution for that little problem.  You could put in multiple links and let Spanning Tree do the work.  You could even turn those links into an EtherChannel for redundancy and throughput.  If you have more than two chassis, you could full mesh them with trunks dedicated to VLAN 83.  There are a number of ways around the problem.  Be creative.

Be sure to send turkey questions my way.

Aaron Conaway

I shake my head around sometimes and see what falls out. That's what lands on these pages.

More Posts

Follow Me:
Twitter

12 comments for “Configuring Dedicated Trunks for the CSM

  1. Mohammed Malik
    January 7, 2009 at 6:32 am

    Hello. Thank you for this article, its brill.

    My Question is, do you need to configure ip addresses for the active and standby CSM’s on the fault-tolerant vlan? Theres no reference to this in the article, or on the Cisco PDF’s….? If not, how do they communicate with each other on that Vlan please?

  2. January 7, 2009 at 9:12 am

    Hi, Mohammed. Thanks for the comment and compliment.

    Actually, you don’t need an IP address on the FT VLAN. It uses multicasting to announce itself…just as HSRP, VRRP, and GLBP do. You can find more information on that at:

    http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/csm/3.2/configuration/guide/redun.html#wp1037240

    Hope that helps. Let me know if you have any more questions.

  3. Steve
    August 25, 2009 at 12:16 am

    Hi Aaron,
    Excellent description. I have one question. You mention setting the priority above. If the priority is manually changed on the standby CSM to be higher, Will it become the active CSM immediately ?

    Many thanks

  4. August 25, 2009 at 10:52 am

    Thanks for the comment, Steve.

    If you have the preempt command configured and change the priority of the secondary unit higher than the primary, then the secondary should become active immediately. The same should hold true if you take the primary unit’s priority down.

    Here’s where to look.

    I hope that helps.

  5. Steve
    August 27, 2009 at 1:44 am

    Hi Aaron,

    Perfect answer. Thanks very much.

  6. nicola pasquali
    November 18, 2009 at 4:42 pm

    Hi Aaron ,good job with CSM.
    I have a strange behavior with sync of 3 pair of csm :
    2 of them works fine in two different chassis in same site
    2 of them remain out-of-sync in the same chassis
    2 of them remain out-sync in two different site ( DWDM 10G connection )
    All of theme have the same supervisor and csm microcode
    the failing CSM message are:
    Nov 5 16:17:37.086: %CSM_SLB-6-REDUNDANCY_INFO: Module 5 FT info: Active: Bulk sync started
    Nov 5 16:17:37.094: %CSM_SLB-6-REDUNDANCY_INFO: Module 5 FT info: Active: Sending configurations to Standby CSM, this may take several minutes!
    Nov 5 16:17:37.098: %CSM_SLB-6-REDUNDANCY_INFO: Module 5 FT info: Active: Sending configuration to Standby CSM
    Nov 5 16:18:37.142: %CSM_SLB-3-REDUNDANCY: Module 5 FT error: Active: Manual bulk sync timed out

    Nov 5 16:18:37.142: %CSM_SLB-3-REDUNDANCY: Module 5 FT error:
    FT CONFIG SYNC: Failed config sync entity send
    but not timeout appear on local link and on DWDM link
    Thanks for coop

  7. November 19, 2009 at 9:46 am

    Hey, Nicola. Thanks for stopping by the site.

    Do both out-of-sync CSM pairs throw the same error? Are you using the same FT VLAN? Errors on interfaces?

  8. nicola pasquali
    November 20, 2009 at 7:57 am

    Thanks for your coop…both out-of-sync with the same error..
    if i add manually on standby CSM the CFG after 1 minute the config goes in synch !!!
    if i add a new linee on active CSM cfg ..the CSM in stadby “sense” the action ..then i start the sync with command “HW…and soon” the routing immediatly start on secondary CSM but fail after 2-3 minute with the log you saw on previos comments.
    The csm in active state works fine the show run on backup CSM was erased…
    I tried to resync manualy the scenario ( copy and past on backup CSM the cfg lines ) and after 1 minute the CSM’s back in SYNC !!
    I tied to swap the role ( by priority) and even the CSM backup (become active with new priority) fails with the same behavior !!
    3 FT VL different for the 3 pair of CMS !! no eror on Phical Interface..seems to be a problem of late but CSM HW routine..What do you think about ??
    Ciao from Italy

  9. November 20, 2009 at 9:43 am

    Nicola: Can you email me your configs? I’ll look over them and see what I can find. Make sure you remove any sensitive data. Send them to csmproblems at aconaway dot com.

  10. nicola pasquali
    November 24, 2009 at 2:17 pm

    i’m sending you the doc you ask me..please to be sure..repeat your mail
    thank for big help

  11. December 1, 2009 at 6:22 pm

    For posterity, Nicola found bug CSCtd09117 that seems to be causing his problem.

Leave a Reply

Your email address will not be published. Required fields are marked *