hsrp on switch

Unanswered Question
Sep 28th, 2007

Hi,

We tried to configure HSRP on 2 3750.

hsrp works, when 1 cable is disconnected, pc continues to reach its gateway.

Our problem is that intervlan routing doesn't work.

ping to all vlan ip address form a pc on one of the vlan responds but it can't ping pc on other vlan.

SW1

interface Vlan1

ip address 192.168.2.1 255.255.255.0

standby 1 ip 192.168.2.254

standby 1 priority 102

standby 1 preempt

!

interface Vlan3

ip address 192.168.3.1 255.255.255.0

standby 1 ip 192.168.3.254

standby 1 priority 103

standby 1 preempt

SW2

interface Vlan2

ip address 192.168.2.2 255.255.255.0

standby 1 ip 192.168.2.254

standby 1 priority 202

standby 1 preempt

!

interface Vlan3

ip address 192.168.3.2 255.255.255.0

standby 1 ip 192.168.3.254

standby 1 priority 203

standby 1 preempt

Another question, about the link between the 2 switch 3750, should it be a trunk or can we let the port as it is, without switchport mode ?

What about the vtp mode on the 2 switch? one server and one client or both server?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
glen.grant Fri, 09/28/2007 - 03:09

Did you create the layer2 vlan ??? Do a show vlan and the vlans 2 and 3 should show active with ports assigned to it, if not then you did not create the layer 2 vlan. Also obviously make sure ip routing is turned on .

harinirina Fri, 09/28/2007 - 03:33

Here's the show vlan output :

2 VLAN0002 active

3 VLAN0003 active

about ip routing, it's on.

harinirina Mon, 10/01/2007 - 07:57

Hi all,

On switch, it's really vlan 2 but not vlan 1.I changed ip address when posting and didn't notice i also changed vlan 2 to 1.

Sorry Glen, i was sure i've turned on ip routing on all switches.

After verification, i noticed that i forgot turned it on on one of the switch.

About interswitch link, what switchport mode should it be ? a trunk or i don't need put any config on it ?

paul.matthews Fri, 09/28/2007 - 03:48

First off, if your post is accurate you have a mismatch in addressing and VLAN on switch 1 vlan 1 has 192.168.2.0/24, but that address is on VLAN2 in switch 2. That alone could be the cause of your problem.

The HSRP bit is a little moot with my answer to the second bit.

When joining two 3750s use the stackwise cable and stack them. You get MUCH better bandwidth, the failover seems quicker than I see HSRP failover, spanning tree is simpler...

Back to HSRP and routing.

In the first instance, forget the second switch, use just one.

From a PC on VLAN1 ping 192.168.2.1, 2.254 and 3.2 and see what happens.

Kevin Dorrell Fri, 09/28/2007 - 03:49

Which Vlan is 192.168.2.0/24? You have it on Vlan2 on one switch, and Vlan1 on the other.

Kevin Dorrell

Luxembourg

[Edit] Paul: I'll have to be quicker off the mark, won't I. ;-)

tpacjer Fri, 09/28/2007 - 10:51

SW1

interface Vlan2

ip address 192.168.2.1 255.255.255.0

no ip redirects

standby 2 ip 192.168.2.254

standby 2 priority 105 preempt

!

interface Vlan3

ip address 192.168.3.1 255.255.255.0

no ip redirects

standby 3 ip 192.168.3.254

standby 3 priority 105 preempt

SW2

interface Vlan2

ip address 192.168.2.2 255.255.255.0

no ip redirects

standby 2 ip 192.168.2.254

standby 2 priority 110 preempt

!

interface Vlan3

ip address 192.168.3.2 255.255.255.0

no ip redirects

standby 3 ip 192.168.3.254

standby 3 priority 110 preempt

also not sure if you noticed but you had vlan1 withe the 192.268.2.x

this config will get hsrp to start working on vlan 2 and 3

harinirina Tue, 10/02/2007 - 06:59

Hi,

When an interface configured with "no switchport" try to ping a pc in one vlan, there's no reply.

I also try to create new vlan without standby, got same result.

it can ping the real ip address of other vlans but not the virtual ip address, which is the gateway of pcs in vlan.

How to do if i need to reach pcs in vlans from a "no switchport" interface ?

paul.matthews Tue, 10/02/2007 - 08:02

A no switchport is a layer 3 interface, to ping through it you need to allocate another IP network to the port

int vlan2

ip address

no sh

int vlan3

ip address

no sh

int range fas 0/1 - 10

switchport

switch mode acce

switch acce vlan 2

int range fas 0/11 - 20

switchport

switch mode acce

switch acce vlan 3

will mean plug a PC in one of 1-10 with an address in that VLAN, and a PC in one of 11-20 and they should ping each other

int fas 0/21

switch acce vlan 2

no switch

and plug a PC into there, with an address in VLAN 2 and it won't work. to make it work you would need to

int fas 0/21

ip add

to set that up as an L3 interface with an address. The PC would need an address in that same subnet, and it should work.

Please note at all points, the PC must have an appropriate default gateway.

Paul.

harinirina Fri, 10/05/2007 - 01:11

Hi Paul,

Thanks for your reply.

I know all what you said but my problem is that i use hsrp on switch.

When there's no config on interfaces between 2 3750 (no "switchport mode" , no "no switchport" ), i can have :

Sw_A#sh standby

Vlan2 - Group 2

State is Active

Sw_B#sh standby

Vlan2 - Group 2

State is Init (interface down)

but i can't ping pc beyond the router ( the structure's PC1 --- Router --- 3750 --- LAN ).

And when interfaces between 2 3750 are on a trunk mode , i can ping PC1 but switchB is always active as long as there's cable connected to it.

I tried to disconnect all cables to switchB except the cable between the 2 3750, SwitchB remains active but there's no route to the outside.

Is there a way to avoid that situation ?

paul.matthews Fri, 10/05/2007 - 02:16

I think we perhaps need to go back to the start!

Can you please upload the configs of the switches, a "sh int (interface) switch" of the trunk from each end, a sh stand from each switch (and the router if you are using that in HSRP as well) and a sh ip ro from both switches and the router.

Please also add a resonable diagram (including addresses) showing what you are trying to ping from where - it does not have to be anything fancy.

Thanks,

Paul.

harinirina Fri, 10/05/2007 - 07:59

Hi Paul,

Here attached the diagram of our lab (hsrp_lab.jpg) , the config on routers and switches (conf_hsrp.txt).

We ping from a PC in vlan2 to a pc on internet. On the diagram , it's from PC VLAN 2 to PC NET.

we've tested the following case of cable failure :

- cable between 2950 and SwitchA is disconnected

- cable between 2950 and SwitchB is disconnected

- cable marked with X in the attached diagram are disconneted

we have the same show output in the 2 first cases and also when all cables are connected.

In all cases, SwitchB is active and SwitchA standby.

I attached here the detail of show output (sh_output_hsrp.txt) when there's no cable failure and when there's.

Attachment: 
Anonymous (not verified) Fri, 01/25/2008 - 14:58

Anonymous (not verified) Fri, 01/25/2008 - 14:58

Actions

This Discussion