Published On: November 18ᵗʰ, 2021 12:51

High Availability Configuration Guide, Cisco IOS XE Amsterdam 17.3.x (Catalyst 9500 Switches)

Contents

Graceful Insertion and Removal (GIR) provides an alternative method to minimize network service impact caused by device maintenance. GIR leverages redundant paths in the network to smoothly remove a device under maintenance, out of service, and insert it back to service when the maintenance is complete. This module describes the how to configure GIR.

Restrictions for Graceful Insertion and Removal

This feature is not supported on the C9500-32C, C9500-32QC, C9500-48Y4C, and C9500-24Y4C models of the Cisco Catalyst 9500 Series Switches.

GIR is supported for layer two interface shutdown, ISIS routing protocol, HSRP, VRRPv3 and BGP. This is configured either by creating customized templates or without a template.

Information About Graceful Insertion and Removal

Overview

Graceful Insertion and Removal (GIR) isolates a switch from the network in order to perform debugging or an upgrade. The switch can be put into maintenance mode using the start maintenance command. When switch maintenance is complete, the switch will return to normal mode on either reaching the configured maintenance timeout, or by enabling the stop maintenance command.

Creating a maintenance mode template before you put the switch in maintenance mode is optional. The objective of maintenance mode for a device is to minimize traffic disruption at the time of removal from the network, as well as during the time of insertion. There are mainly three stages:

  • Graceful removal of the node from network.

  • Performing maintenance on the device.

  • Graceful insertion into the network.

A switch can be put into maintenance mode using default template or a custom template. The default template contains all the ISIS instances, along with shut down l2 . In the custom template, you can configure the required ISIS instances and shutdown l2 option. On entering maintenance mode, all participating protocols are isolated, and L2 ports are shut down. When normal mode is restored, all the protocols and L2 ports are brought back up.

Snapshots are taken automatically while entering and exiting the maintenance mode. You can use the snapshot create snapshot-name snapshot-description command to capture and store snapshots for pre-selected features. Snapshots are useful to compare the state of a switch before it went into maintenance mode and after it came back to normal mode. The snapshot process consists of three parts:

  • Creating a snapshot of the states of a few preselected features on the switch and storing them onthe persistent storage media.

  • Listing the snapshots taken at various time intervals and managing them.

  • Comparing snapshots and showing the summary and details of each feature.

The maximum number of snapshots that may be stored on the switch is 10. You can use the snapshot delete snapshot-name command, to delete a specific snapshot from the device.

You can create multiple templates for the maintenance template or the snapshot template. But only one maintenance template and one snapshot template can be applied to the device at one time.

Snapshot templates can be created to generate specific snapshots. A new snapshot template can be created using the snapshot-templatetemplate-name command. The command snapshot-templatedefault-snapshot-template can be used to specify the default snapshot template in the maintenance mode. The snapshot create[ templatetemplate-name] snapshot-namesnapshot-description command can be used to apply a specific template to the snapshot create feature.

Layer 2 Interface Shutdown

Layer 2 interfaces, such as ports on a switch, are shut down when the system is transitioning into maintenance mode. Layer 2 interfaces are shut down by using the shutdown l2 (maintenance template configuration mode) command in the custom template.

Custom Template

As a network administrator, you can create a template that is applied when the system goes into maintenance mode. This allows you to isolate specific protocols. All instances that need to be isolated must be explicitly specified.

You can create multiple templates with different configurations. However, only a single template is applied to the maintenance mode CLI. Once applied, the template cannot be updated. If the template has to be updated, then you must remove it, make the changes, and then re-apply.

Within a template, protocols belonging to one class are serviced in parallel. The order of priority of the protocols is the same as that of the default template.

To configure this feature, enter the maintenance mode using the system mode maintenance command and enable the feature using the templatetemplate-namecalss command.

For example if the custom template has the following protocols:

Maintenance-template foo
  router isis 100
  hsrp Et0/1 1
  hsrp Et0/1 2
  router isis 200

Maintenance-template foo class
  router isis 100
  hsrp Et0/1 1
  hsrp Et0/1 2
  router isis 200

In the above example, since isis belongs to CLASS_IGP, router isis 100 & router isis 200 will be serviced in parallel. Once acknowledgements are received for both these protocols belonging to IGP class, FHRP_CLASS clients, hsrp Et0/1 and hsrp Et0/1 2 will be serviced in parallel.

When the template-class feature is configured, the protocols follow an order based on the class they belong to when entering maintenance mode. The protocols follow the opposite order when returning to normal mode.

System Mode Maintenance Counters

GIR has counters to track the following events:

  • Number of times the switch went into maintenance.

  • Ack statistics per client.

  • Nack statistics per client

  • Number of times a particular client did not acknowledge.

  • Number of times switch over happened during GIR. GIR infra will rsync this counter to track multiple switchovers.

  • Number of times the failsafe timer expired.

  • Number of times system got out of maintenance on a timeout expiry.

Enter the show system mode maintenance counters command in privileged EXEC mode, to display the counters that are being tracked by the feature.

Enter the clear system mode maintenance counters command in privileged EXEC mode, to clear the counters supported by the feature.

The client-ack timeout value can be configured using the failsafefailsafe-timeout-value command. Failsafe time is the time that the GIR engine allows a client to transition. Each client sends a notification to the GIR engine about its transition. If it takes more than the failsafe time to transition, it is assumed to have transitioned. The failsafe timer can be configured between 5 - 180 minutes, with a default of 30 minutes.

How to Configure Graceful Insertion and Removal

Creating a Maintenance Template

Procedure

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode. Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters the global configuration mode.

Step 3

maintenance-template template_name

Example:

Device(config)# maintenance-template gir1

Creates a template with the specified name. For example, see Examples: Creating customer profile.

Step 4

router routing_protocol instance_id | shutdown l2

Example:

Device(config-maintenance-templ)# router isis 1
Device(config-maintenance-templ)# shutdown l2
Device(config-maintenance-templ)# router bgp AS-number

Creates instances that should be isolated under this template.

  • router: Configures routing protocols and associated instance id.

  • shutdown l2: Shuts down layer 2 interfaces.

Configuring System Mode Maintenance

Procedure

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode. Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters the global configuration mode.

Step 3

system mode maintenance

Example:

Device(config)# system mode maintenance

Enters system mode maintenance configuration mode.

Different sub commands to create maintenance mode parameters are configured in this mode.

Step 4

timeout timeout-value | template template-name | failsafe failsafe-timeout-value | on-reload reset-reason maintenance

Configures maintenance mode parameters.

  • timeout: Configures maintenance mode timeout period in minutes, after which the system automatically returns to normal mode. The default timeout value is never.

  • template: Configures maintenance mode using the specified template.

  • failsafe: Configures client-ack timeout value.

    If the system is going into maintenance mode, it will continue to reach maintenance.If the system is exiting from maintenance mode, then it will reach normal mode.

  • on-reload reset-reason maintenance: Configures the system such that when the system is reloaded it enters the maintenance mode. If it is not configured the system enters the normal mode when it is reloaded.

Starting and Stopping Maintenance Mode

Procedure

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode. Enter your password if prompted.

Step 2

start maintenance

Example:

Device# start maintenance

Puts the system into maintenance mode.

Step 3

stop maintenance

Example:

Device# stop maintenance

Puts the system back into normal mode.

Monitoring Graceful Insertion and Removal

Use the following commands to check the status of or display statistics generated by the GIR feature:
Table 1. Privileged EXEC Commands

Command

Purpose

show system mode [maintenance [clients | template template-name]]

Displays information about system mode.

show system snapshots [dump <snapshot-file-name>]

Displays all the snapshots present on the device.

show system snapshots [dump <snapshot-file-name>]xml

Displays all the snapshots present on the device in XML format.

show system snapshots compare snapshot-name1 snapshot-name2

Displays differences between snapshots taken before entering maintenance mode and after exiting from the maintenance mode.

Table 2. Global Configuration Commands for Troubleshooting

Command

Purpose

debug system mode maintenance

Displays information to help troubleshoot the GIR feature.

Configuration Examples for Graceful Removal and Insertion

The following examples show the sequence followed to enable GIR during a maintanence window.

Example: Configuring Maintenance Templates

Any protocol that is supported by GIR can be configured in the maintenance template.This example shows how to configure a maintenance template t1 with an ISIS routing protocol instance.

Device# configure terminal
Device(config)# maintenance-template t1
Device(config-maintenance-templ)# router isis 1


This example shows how to configure a maintenance template t1 with shutdown l2.

Device# configure terminal
Device(config)# maintenance-template t1
Device(config-maintenance-templ)# shutdown l2


This example shows how to configure a maintenance template t1 with a BGP routing protocol instance.

Device# configure terminal
Device(config)# maintenance-template t1
Device(config-maintenance-templ)# router BGP 1

Example: Configuring System Mode Maintenance

This example shows how to create a maintenance template and configure the maintenance mode parameters.

Device# configure terminal
Device(config)# system mode maintenance
Device(config-maintenance)# timeout 20
Device(config-maintenance)# failsafe 30
Device(config-maintenance)# on-reload reset-reason maintenance
Device(config-maintenance)# template t1
Device(config-maintenance)# exit


Example: Starting and Stopping the Maintenance Mode

This example shows how to put the system into maintenance mode.

Device# start maintenance


After the activity is completed, the system can be put out of maintenance mode.

This example shows how to put the system out of maintenance mode.

Device# stop maintenance


Example: Displaying System Mode Settings

This example shows how to display system mode settings using different options.

Device# show system mode
     System Mode: Normal


Device# show system mode maintenance
     System Mode: Normal
     Current Maintenance Parameters:
     Maintenance Duration: 15(mins)
     Failsafe Timeout: 30(mins)
     Maintenance Template: t1
     Reload in Maintenance: False


Device# show system mode maintenance clients
     System Mode: Normal
     Maintenance Clients:
     CLASS-EGP
     CLASS-IGP
     router isis 1: Transition None
     CLASS-MCAST
     CLASS-L2


Device# show system mode maintenance template default
     System Mode: Normal
     default maintenance-template details:
     router isis 1
     router isis 2


Device# show system mode maintenance template t1
     System Mode: Normal
     Maintenance Template t1 details:
     router isis 1


Additional References for Graceful Insertion and Removal

Related Documents

Related Topic Document Title

For complete syntax and usage information for the commands used in this chapter.

See the High Availability section of the Command Reference (Catalyst 9500 Series Switches)

Feature History for Graceful Insertion and Removal

This table provides release and related information for features explained in this module.

These features are available on all releases subsequent to the one they were introduced in, unless noted otherwise.

Release

Feature

Feature Information

Cisco IOS XE Everest 16.6.1

Graceful Insertion and Removal

Provides an alternative method to minimize network service impact caused by device maintenance. GIR leverages redundant paths in the network to smoothly remove a device under maintenance, out of service, and insert it back to service when the maintenance is complete.

Cisco IOS XE Fuji 16.9.1

Graceful Insertion and Removal (GIR) enhancements: snapshot templates

The following enhancements were introduced only on the C9500-12Q, C9500-16X, C9500-24Q, C9500-40X models of the Cisco Catalyst 9500 Series Switches:

  • Snapshot templates can be used to generate specific snapshots.

  • Protocols belonging to one class within the same custom template will be serviced in parallel.

  • System mode maintenance counters have been added to track several events such as the number of times the switch went into maintenance.

GIR Layer 2 protocol support for GIR Hot Standby Router Protocol (HSRP)

GIR is now supported for the HSRP protocol.

This is only on the C9500-12Q, C9500-16X, C9500-24Q, C9500-40X models of the Cisco Catalyst 9500 Series Switches.

GIR Layer 2 protocol support for GIR Virtual Router Redundancy Protocol (VRRP)

GIR is now supported for VRRPv3 protocol.

This is only on the C9500-12Q, C9500-16X, C9500-24Q, C9500-40X models of the Cisco Catalyst 9500 Series Switches.

Cisco IOS XE Gibraltar 16.10.1

Graceful Insertion and Removal (GIR) Support for BGP

GIR is now supported for the BGP protocol.

This is only on the C9500-12Q, C9500-16X, C9500-24Q, C9500-40X models of the Cisco Catalyst 9500 Series Switches.

Use Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to https://cfnng.cisco.com.