FHRP protocols are my least favourite topic. Knowing VRRP and HSRP and little of GLBP from configuration and operating side, i have been curious about the EXOS ESRP (FHRP) protocol. Never seen it in action or had the chance to configure it. The FHRP protocol family are most vendor specific and use vendor proprietary protocols. VRRP is the only FHRP protocol that is available on every other networking vendors hardware and software. But VRRP is not the topic here.
This is the simplest EXOS ESRP setup scenario taken from of the Extreme Networks official documentation
This is a rookie netlab, I have never configured ESRP before. So if you spot obvious errors, please write me an email, I will try to correct these.
Network topology
The ESRP configuration example shows a network topology is like following:
+-------+ +-------+
| | | |
| RS1 |-----------------------------------| RS2 |
| | | |
+-------+ +-------+
| |
| (OSPF or RIP) |
| |
routerid routerid
5.5.5.5 5.5.5.5
+-------+ +-------+
| | | |
| RS3 +-----------------------------------+ RS4 |
| | | |
+---+---+ +---+---+
| |
| ESRP VR1 |
| 10.1.2.3 |
| |
| +-------+ |
| | | |
+-----------------+ RS5 +-----------------+
| |
+-+---+-+
| |
+-------------+ +-------------+
| eth0 eth0 |
+---+---+ +---+---+
| | | |
| node1 | | node2 |
| | | |
+-------+ +-------+
The network topology is named Single ESRP Domain Using Layer 2 and Layer 3 Redundancy. OSPF or RIP configuration on RS1/RS2 are not part of the example configuration. This is a ESRP only setup example only.
The network topology above is the simpler version of the one shown on the official vendors website.
EXOS version
This is the EXOS version used in this netlab:
Card Partition Installation Date Version Name Branch ------------------------------------------------------------------------------ Switch primary Thu Jan 16 13:06:22 UTC 2025 32.7.2.19 rescue.xos 32.7.2.19 Switch secondary Thu Jan 16 13:06:22 UTC 2025 32.7.2.19 rescue.xos 32.7.2.19
The most recent image that is available from the official Extreme Networks github repository.
Configuration
Commands used to setup ESRP for both switches RS3 and RS4:
create vlan sales
configure vlan sales add ports 1:1-1:4
configure vlan sales ipaddress 10.1.2.3/24
enable ipforwarding
create esrp esrp1
configure esrp esrp1 domain-id 4096
configure esrp esrp1 add master sales
enable esrp esrp1
configure ospf add vlan sales area 0.0.0.0 passive
configure ospf routerid 5.5.5.5
enable ospf
These are commands to configure and operate ESRP in its simplest setup form. But now to the failed configuration errors.
Config error 1
Using the vendor setup hitting the first configure issue:
^ %% Invalid slot-port-channel separator detected at '^' marker.
EXOS spits out there should be a port-channel. The question now is, between which components and using which ports is the port-channel setup, not sure about this. The document has no hints, the network topology neither. It is not evident from looking at the network topology. Not knowing what to do, since I am a complete EXOS rookie, decided to convert this command above to following:
configure vlan sales add ports 1,2,3,4
Which succedded. Command applied instead on the RS3 and RS4 instead:
Config error 2
Nothing need to change on the commands but adding the created vlan to passive:
configure ospf add vlan sales area 0.0.0.0 passive
RS3 spits out, configure routerID first
Error: Cannot enable OSPF when ESRP is enabled and OSPF is using an automatically generated router ID. Please configure a router ID.
Now reverting the sequence of commands fixed that configuration issue
...
configure ospf routerid 5.5.5.5
configure ospf add vlan sales area 0.0.0.0 passive
...
This command sequence works.
Fixed configartion for RS3/RS4
This is the full, my own corrected and used in this netlab EXOS configuration:
#
# RS3/RS4
#
create vlan sales
configure vlan sales add ports 1,2,3,4
configure vlan sales ipaddress 10.1.2.3/24
enable ipforwarding
create esrp esrp1
configure esrp esrp1 domain-id 4096
configure esrp esrp1 add master sales
enable esrp esrp1
configure ospf routerid 5.5.5.5
configure ospf add vlan sales area 0.0.0.0 passive
enable ospf
#
save
y
Full router configurations
RS5
The switch RS5 has no configuration at all, it is a simple EXOS switch using identical software version as the other router and switches.
Verify ESRP
Verify the ESPR configuration using following commands
Show the ESRP state:
show esrp
Show the ESRP counters on participating networking components, here RS3 and RS4.
show esrp counters
Show the state of the configured ESRP named esrp1, this gives detailed information on the counters and state.
show esrp1
Using this 3 commands, ESRP can be verified, the configuration and the ESPR state can be shown after it has converged.
RS3
Router3 is the ESRP Master in current state:
Configured Mode: Extended # ESRP domain configuration : --------------------------------------------------------------------------------- Domain Grp Ver VLAN VID DId IP/IPX State Master MAC Address Nbr -------------------------------------------------------------------------------- esrp1 0 E sales 4094 4096 10.1.2.3 Slave 0c:35:3e:63:00:00 1 -------------------------------------------------------------------------------- # ESRP Port configuration: -------------------------------------------------------------------------------- Port Weight Host Restart --------------------------------------------------------------------------------
Show ESRP counters
show esrp1 counters
Output of that command:
Domain: esrp1 Current-time: (null) Rx-Esrp-Pkts = 72 Tx-Esrp-Pkts = 18 Rx-Aware-Esrp-Pkts = 0 Tx-Aware-Esrp-Pkts = 0 Rx-Err-Pkts = 0 Tx-Err-Pkts = 0
- RX/TX counters
- No Aware ESRP packets
- No error Packets found.
The ESRP state looks good, neighbour has been found and transmitting and receiving ESPR packets. No errors.
RS4
Displaying extensive output about ESRP configuruation and state. RS4 is the in the Slave state currently.
Domain: esrp1 Group: 0 Operational Version: extended Vlan Interface: sales Vlan Tag: 4094 Domain Id: 4096 IP Address: 10.1.2.3 10.1.2.3 Domain Type Standard Election Policy: standby > sticky > ports > weight > track > priority > mac -------------------------------------------------------------------------------- This System Neighbor system -------------------------------------------------------------------------------- State: Master Slave Sticky Flag: 1 0 Active Ports: 2 2 Active Ports Weight: 200 200 Priority: 0 [0 ] 0 MAC: 0c:35:3e:63:00:00 0c:b1:ac:bd:00:00 Tracked Active Vlan Ports: 0 0 Tracked IP Routes & Pings: 0 0 Hello Timeout: 2 2 Sequence Number: 567 10 Hand Shake Flag: 0 0 Restart Flag: 0 0 Shutdown Flag: 0 0 Timer Configuration: Hello 2s(2) Neighbor 8s(0) PreMaster 6s(0) Neutral 4s(0) NbrRestart 2s(0) State Transition Counters: To Master 1 To Neutral 1 To PreMaster 1 To Aware 1 To Slave 0 Last State Change: Mon Jun 2 13:13:44 2025 ELRP in Premaster: Disabled ELRP in Master: Disabled ELRP enabled ports: All Port Weight: 1:1(100), 1:3(100), Aware Selective Forward Ports: None Tracked VLANs: None Tracked Pings: None Tracked Ip Routes: None Tracked Environment: None ---------------------------------------------------------------------- # Domain Member VLANs: (total = 1) VLAN Name VID Virtual IP/IPX State ----------------------------------------------------------------------
State ESRP is ready and functional. The ESRP neigbors have 2 physical ports where ESRP PDU's are received and trasmitted:
..
Port Weight: 1:1(100), 1:3(100),
...
That are following physical ports on each router:
- port1
- port3
port1 is the directly connected port
ESRP packet capture
This is wireshark capture shows the events between RS3 and RS4 when ESRP starts up and initialises self.
1 0.000000 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
2 0.005601 Extreme-EEP → Extreme-EDP EDP 350 EDP: Info Display
3 1.015465 0c:35:3e:63:00:00 → LLDP_Multicast LLDP 142 MA/0c:35:3e:63:00:00 IN/3 120 SysN=RS4 SysD=ExtremeXOS (EXOS-VM) version 32.7.2.19 32.7.2.19 by release-manager on Thu Jan 16 07:54:39 AM EST 2025
4 1.179035 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
5 1.185348 Extreme-EEP → Extreme-EDP EDP 350 EDP: Info Display
6 1.339945 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
7 2.199679 0c:b1:ac:bd:00:00 → LLDP_Multicast LLDP 142 MA/0c:b1:ac:bd:00:00 IN/3 120 SysN=RS3 SysD=ExtremeXOS (EXOS-VM) version 32.7.2.19 32.7.2.19 by release-manager on Thu Jan 16 07:54:39 AM EST 2025
8 2.369508 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
9 3.339956 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
10 4.369567 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
11 5.340201 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
12 6.369744 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
13 7.340214 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
14 8.371089 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
15 9.340607 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
16 10.370136 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
17 11.340897 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
18 11.341364 0c:35:3e:63:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
19 11.342033 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
20 11.343021 ExtremeNetwo_00:00:80 → Broadcast ARP 60 ARP Announcement for 10.1.2.3
21 11.347270 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
22 12.370509 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
23 12.371106 0c:b1:ac:bd:00:00 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
24 13.340933 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
25 15.042552 10.1.2.3 → 224.0.0.2 IGMPv2 60 Membership Report group 224.0.0.2
26 15.341178 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
27 17.341372 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
28 18.722562 10.1.2.3 → 224.0.0.22 IGMPv2 60 Membership Report group 224.0.0.22
29 19.341470 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
30 21.341670 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
31 23.341630 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
32 25.341973 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
33 27.342097 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
34 29.342436 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
35 31.004289 0c:35:3e:63:00:00 → LLDP_Multicast LLDP 142 MA/0c:35:3e:63:00:00 IN/3 120 SysN=RS4 SysD=ExtremeXOS (EXOS-VM) version 32.7.2.19 32.7.2.19 by release-manager on Thu Jan 16 07:54:39 AM EST 2025
36 31.342463 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
37 32.206844 0c:b1:ac:bd:00:00 → LLDP_Multicast LLDP 142 MA/0c:b1:ac:bd:00:00 IN/3 120 SysN=RS3 SysD=ExtremeXOS (EXOS-VM) version 32.7.2.19 32.7.2.19 by release-manager on Thu Jan 16 07:54:39 AM EST 2025
38 33.342512 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
39 33.972179 10.1.2.3 → 224.0.0.1 IGMPv2 60 Membership Query, general
40 35.342711 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
41 35.922737 10.1.2.3 → 224.0.0.22 IGMPv2 60 Membership Report group 224.0.0.22
42 37.342910 ExtremeNetwo_00:00:80 → Extreme-ESRP-Client ESRP 90 EDP: ESRP
....
The full neighborship negotiation process between RS3 and RS4 routers is in the pcap file is appended to the article, see References.
Result
Random tests from linux clients:
- node1
- node2
to default-gateways IP address. Sending 100 ICMP packets each, while the ESRP active router is shut down, simulating a power outage here.
test01
[...] --- 10.1.2.3 ping statistics --- 100 packets transmitted, 93 packets received, 7% packet loss round-trip min/avg/max = 0.727/2.133/5.611 ms
test02
[...] --- 10.1.2.3 ping statistics --- 100 packets transmitted, 91 received, 9% packet loss, time 99376ms rtt min/avg/max/mdev = 0.746/2.286/2.951/0.397 ms
test03
[...] --- 10.1.2.3 ping statistics --- 100 packets transmitted, 90 packets received, 10% packet loss round-trip min/avg/max = 0.798/2.436/4.305 ms
The convergence times cover with the default timer settings for ESRP. Default ESRP timers:
State: Master Hello Timeout: 2 Timer Configuration: Hello 2s(2) Neighbor 8s(0) PreMaster 6s(0) Neutral 4s(0) NbrRestart 2s(0) State Transition Counters: To Master 1 To Neutral 1 To PreMaster 1 To Aware 1 ELRP in Master: Disabled
More or less, the difference is not big so everything seems to be in order. The longest time would be 10 seconds or in extreme cases 10 IP packets would get lost until ESRP converges fully, in this setup.
Summary
ESRP is the first FHRP protocol that has a direct link between both ESRP routers. In the topology the port3 is using it. While reading the documentation it is called sometimes ISL - Inter Switch Link. Direct link between both FHRP partners.
ESRP is not preemptive in the default setup, if preemption is needed it has to be configured, much like in all other FHRP protocols.
In the simplest setup, taken out of the dynamical routed network, ESRP works good, when testing from the client side pinging the default gateway in this case 10.1.2.3. This is the only option at time measuring convergence and if the gateway is reachable. I am curious about the specific setting, OSPF router-id 5.5.5.5 is identical on both* ESRP routers RS3 and RS4. This does not look valid or correct at all, but I have no proof that it will not work, not using this setup above.
Setting up simplest ESRP example and using only 2 ESRP routers and a additional switch, the configuration looks it would be working good.
Without having additional OSPF routers in the network topology it is not clear how the configured OSPF router-id will influence the convergence times. This setting can not be analysed without having OSPF setup in the network topology. Additionally, even more basic, the whole ESRP convergence time needs to be tested in a full network topology setup, using all used and configured protocols. Without OSPF or RIP in place it makes little sense to make any kind of convergence tests or to time the convergence of FHRP protocols. Such tests are nonsense because they are put out of a working network topology.
Now, using this particular ESRP setup example, I will look forward to setup another netlab, that is build on top of that particular example topology here, where RS1 and RS2 are added and OSPF backbone configuration is added, and RS3 and RS4 will also be added to the OSPF routing domain. Finally then I verify how the convergence times are.
See also
The follow up blog entry, adds OSPF on top of the network topology to all routers: