12-29-2008 06:19 PM - edited 03-06-2019 03:10 AM
can someone with extensive HSRP experience tell me what this message means?
R1 F1/0 ip address 192.168.1.2/24
R2 E0/1 ip address is 192.168.1.3/24
HSRP ip address is 192.168.1.1
Linux host ip address is 192.168.1.13
Everything is connected to the same switch with VLAN 10.
config on R1 F1/0:
interface FastEthernet1/0
ip address 192.168.1.2 255.255.255.0
load-interval 30
duplex auto
speed auto
standby 10 ip 192.168.1.1
standby 10 priority 110
standby 10 preempt
standby 10 authentication cisco123
standby 10 name group1
Config on R2 E0/1:
interface Ethernet0/1
ip address 192.168.1.3 255.255.255.0
half-duplex
standby 10 ip 192.168.1.1
standby 10 priority 105
standby 10 preempt
standby 10 authentication cisco123
standby 10 name group1
R1#sh stand b
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa1/0 10 110 P Active local 192.168.1.3 192.168.1.1
R1#
R2#sh stand b
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Et0/1 10 105 P Standby 192.168.1.2 local 192.168.1.1
R2#
Everything appears to be fine. However, tcpdump on the Linux host reveals the following:
[root@LinuxES-lab2 root]# tcpdump -nnn -i eth0 net 224.0.0.2 | grep unknown
tcpdump: listening on eth0
21:52:05.800864 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
21:52:33.909982 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
21:53:00.741247 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
21:53:28.682443 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
21:53:57.985459 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
21:54:26.639632 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
21:54:54.208061 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-unknown (3) 16: state=initial group=2 [|hsrp] [tos 0xc0] [ttl 1]
22:02:32.895394 192.168.1.2.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=active group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
22:02:32.995694 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=standby group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
22:02:35.895322 192.168.1.2.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=active group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
22:02:35.996345 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=standby group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
As you can see R2 is sending out HSRP0-unknown. What does this mean? I see this
in both my lab and production environment. Is this something I should be concerned
with? Can someone explain this?
12-29-2008 09:04 PM
David
While I do not have a good explanation about what would cause this I believe that it is not something to worry about. The messages (and the show standby output) indicate that the configured HSRP is working as expected. I am not clear why R2 would generate these messages. But I notice that they are the initiation messages for group 2. I do not see anything that would cause the router to do anything about group 2, or why R2 would do it and not R1.
I am also puzzled about your output. If your command included this:
net 224.0.0.2 | grep unknown
then how do you get this;
22:02:32.895394 192.168.1.2.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=active group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
22:02:32.995694 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=standby group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
22:02:35.895322 192.168.1.2.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=active group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
22:02:35.996345 192.168.1.3.1985 > 224.0.0.2.1985: HSRPv0-hello 20: state=standby group=10 addr=192.168.1.1 [tos 0xc0] [ttl 1]
since it does not include the string unknown?
HTH
Rick
12-30-2008 03:57 AM
"The messages (and the show standby output) indicate that the configured HSRP is working as expected."
How can you be sure? Just because it shows
that everything looks correct does not mean
that there are not issues. I see random
packetloss on my network which may or may not
berelated to this but I need to rule this out
as a potential cause.
To anwer your 2nd question, I have two
different tcpdump "tcpdump -nnn -i eth0 net 224.0.0.2" and "tcpdump -nnn -i eth0 net 224.0.0.2 | grep unknown" and combine the
output.
12-30-2008 05:42 AM
Hi
As Rick already stated, it seems that there is a config like "standby 2
Please share the output of "show running interface Ethernet0/1", taken from R2.
/Mikael
12-30-2008 06:55 AM
R2#sh run int e0/1
Building configuration...
Current configuration : 212 bytes
!
interface Ethernet0/1
ip address 192.168.1.3 255.255.255.0
half-duplex
standby 10 ip 192.168.1.3
standby 10 priority 105
standby 10 preempt
standby 10 authentication cisco123
standby 10 name group1
end
R2#
12-30-2008 07:26 AM
I agree with everyone else. It seems as though it's still looking for an old group 2. Maybe you should delete the HSRP config from R2 and recreate. Do you have any other HSRP configs on any of the other interfaces on this router?
HTH,
John
12-30-2008 07:44 AM
"Do you have any other HSRP configs on any of the other interfaces on this router?"
NO
I performed the following on R2:
interface E0/1
no stand 10
no ip address
shut
(wait for 60 seconds)
ip address 192.168.1.3 255.255.255.0
standby 10 ip 192.168.1.3
standby 10 priority 105
standby 10 preempt
standby 10 authentication cisco123
standby 10 name group1
no shut
still has the same issue. Reboot ther router
several times with the same result.
12-30-2008 07:48 AM
Are you connected to a layer 3 switch that has hsrp enabled on it? Tcpdump is getting it from somewhere. What happens if you debug hsrp on the router? Do you see the same error messages?
John
12-30-2008 07:53 AM
everything is connected to a lay-2 3750 switch.
The switch is operating only in L2 mode. No L3.
tcpdump on the linux is getting it from the
router because this is multicast address.
Therefore, the linux server is definitely
seeing it from R2.
"debug stand events" and "debug stand packets"
shows me exactly what I am seeing on the Linux
box, minus the "HSRPv0-unknown"
12-31-2008 06:12 AM
more tips anyone? Thanks.
12-31-2008 06:23 AM
Can you post your debugs from the router?
John
12-31-2008 07:06 AM
R2#sh debug
HSRP:
HSRP Events debugging is on
HSRP Packets debugging is on
R2#term mon
R2#
Dec 31 15:04:28.514: HSRP: Et0/1 Grp 10 Hello in 192.168.1.2 Active pri 110 vIP 192.168.1.1
R2#
Dec 31 15:04:29.532: HSRP: Et0/1 Grp 10 Hello out 192.168.1.3 Standby pri 105 vIP 192.168.1.1
R2#
Dec 31 15:04:31.511: HSRP: Et0/1 Grp 10 Hello in 192.168.1.2 Active pri 110 vIP 192.168.1.1
R2#
Dec 31 15:04:32.533: HSRP: Et0/1 Grp 10 Hello out 192.168.1.3 Standby pri 105 vIP 192.168.1.1
R2#
Dec 31 15:04:34.512: HSRP: Et0/1 Grp 10 Hello in 192.168.1.2 Active pri 110 vIP 192.168.1.1
R2#
Dec 31 15:04:35.534: HSRP: Et0/1 Grp 10 Hello out 192.168.1.3 Standby pri 105 vIP 192.168.1.1
Dec 31 15:04:35.878: HSRP: Et0/1 Redirect adv out, Passive, active 0 passive 1
R2#
Dec 31 15:04:37.513: HSRP: Et0/1 Grp 10 Hello in 192.168.1.2 Active pri 110 vIP 192.168.1.1
R2#
Dec 31 15:04:38.535: HSRP: Et0/1 Grp 10 Hello out 192.168.1.3 Standby pri 105 vIP 192.168.1.1
R2#
Dec 31 15:04:40.510: HSRP: Et0/1 Grp 10 Hello in 192.168.1.2 Active pri 110 vIP 192.168.1.1
R2#
Dec 31 15:04:41.536: HSRP: Et0/1 Grp 10 Hello out 192.168.1.3 Standby pri 105 vIP 192.168.1.1
R2#
Dec 31 15:04:43.511: HSRP: Et0/1 Grp 10 Hello in 192.168.1.2 Active pri 110 vIP 192.168.1.1
R2#
12-31-2008 07:20 AM
Hello David,
what if you add a PC with ethereal or wireshark on another port in the same VLan to compare the results of packet capture ?
Because there is no trace of standby 2 on R2 a third party could help to understand who's right here.
Hope to help
Giuseppe
12-31-2008 07:39 AM
Giuseppe,
There are only three devices connected to a
stand-alone L2 switch, R1, R2 and the Linux
server. The switch is a 3550 switch and a
single VLAN 1.
I do not understand of adding another PC with
ethereal. I can accomplish the same on a linux
server using ethereal as well. I can
connect another Linux server and run capture multiple capture/tcpdump
12-31-2008 09:23 AM
Hello David,
the suggestion is that adding a third point of view.
you can add a linux box as well I would use a different software just to have some differences
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: