cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2596
Views
0
Helpful
10
Replies

Issue in HSRP- Both routers are becoming Active for few Subinterface

mirzaakberali
Level 1
Level 1

Hello Experts,

Currently I am facing issue in my HSRP as it shows Active for few interface on both Routers.

RouterA -  2800 series - MPLS link- BGP protocol

Router B- 2600 series- ATM Link- Eigrp Protocol

As per my knowledge I have configured all the setting in HSRP properly on both routers.

But i see the following out put on both routers.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Router 1 is having MPLS link with BGP running
Router_A_IPConnect_router#sh standby brie
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State   Active          Standby         Virtual IP
Gi0/0.1     1    105 P Active  local           10.114.254.253  10.114.254.1
Gi0/0.3     3    105 P Active  local           10.114.3.253    10.114.3.1
Gi0/0.50    50   105 P Active  local           10.114.50.253   10.114.50.1
Gi0/0.101   101  105 P Active  local           10.114.101.253  10.114.101.1
Gi0/0.102   102  105 P Active  local           10.114.10.253   10.114.10.1
Gi0/0.103   103  105 P Active  local           10.114.12.253   10.114.12.1
Gi0/0.202   202  105 P Active  local           10.114.202.253  10.114.202.1
Gi0/0.230   230  105 P Active  local           unknown         10.230.25.1
Gi0/0.252   252  105 P Active  local           10.114.252.253  10.114.252.1
Gi0/0.253   253  105 P Active  local           unknown         10.114.253.1


Router_A_IPConnect_Router #sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(15)XY1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Tue 12-Feb-08 00:37 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

LocA_IPConnect_Router uptime is 4 weeks, 4 days, 22 hours, 19 minutes
System returned to ROM by reload at 14:44:41 UAE Sun Oct 18 2009
System restarted at 13:32:00 UAE Sun Oct 18 2009
System image file is "flash:c2800nm-advsecurityk9-mz.124-15.XY1.bin"

SUB Interface config

sh run int gi 0/0.230
Building configuration...

Current configuration : 270 bytes
!
interface GigabitEthernet0/0.230
description Old VLAN gateway
encapsulation dot1Q 230
ip address 10.230.25.252 255.255.255.0
standby 230 ip 10.230.25.1
standby 230 priority 105
standby 230 preempt
standby 230 name OLDVLAN
standby 230 track 1 decrement 10
end

Router_AIPConnect#sh run int gi 0/0.253
Building configuration...

Current configuration : 270 bytes
!
interface GigabitEthernet0/0.253
description Wireless-AP-Mngmnt
encapsulation dot1Q 253
ip address 10.114.253.252 255.255.255.0
standby 253 ip 10.114.253.1
standby 253 priority 105
standby 253 preempt
standby 253 name WAP
standby 253 track 1 decrement 10
end


NSC-H1-D1-C2950C24#sh flash:

Directory of flash:/

    2  -rwx     2980731   Mar 01 1993 00:03:40  c2950-i6q4l2-mz.121-19.EA1c.bin
    3  -rwx         270   Jan 01 1970 00:01:36  env_vars
    4  -rwx        4936   Nov 14 2009 06:21:56  vlan.dat
    5  -rwx        5521   Oct 18 2009 10:02:55  config.text
    6  -rwx          47   Oct 18 2009 10:02:55  private-config.text
    7  -rwx         110   Mar 01 1993 00:01:57  info
    8  drwx        2432   Mar 01 1993 00:05:19  html
   85  -rwx         110   Mar 01 1993 00:05:23  info.ver

7741440 bytes total (1749504 bytes free)

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Router 2 is having ATM link with Eigrp protocol


Router_B_ATM-Router#sh standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active addr     Standby addr    Group addr    
Et0/0.1     1   100  P Standby  10.114.254.252  local           10.114.254.1  
Et0/0.3     3   100  P Standby  10.114.3.252    local           10.114.3.1    
Et0/0.50    50  100  P Standby  10.114.50.252   local           10.114.50.1   
Et0/0.101   101 100  P Standby  10.114.101.252  local           10.114.101.1  
Et0/0.102   102 100  P Standby  10.114.10.252   local           10.114.10.1   
Et0/0.103   103 100  P Standby  10.114.12.252   local           10.114.12.1   
Et0/0.202   202 100  P Standby  10.114.202.252  local           10.114.202.1  
Et0/0.230   230 100  P Active   local           unknown         10.230.25.1   
Et0/0.252   252 100  P Standby  10.114.252.252  local           10.114.252.1  
Et0/0.253   253 100  P Active   local           unknown         10.114.253.1

interface Ethernet0/0.230
description Old VLAN gateway
encapsulation dot1Q 230
ip address 10.230.25.253 255.255.255.0
no ip redirects
standby 230 ip 10.230.25.1
standby 230 priority 100
standby 230 preempt
standby 230 name OLDVLAN

interface Ethernet0/0.253
description Wireless-AP-Mngmnt
encapsulation dot1Q 253
ip address 10.114.253.253 255.255.255.0
no ip redirects
standby 253 ip 10.114.253.1
standby 253 priority 100
standby 253 preempt
standby 253 name WAP

NSC-H1-D2-C2950G-12#sh run int fastEthernet 0/10
Building configuration...

Current configuration : 120 bytes
!
interface FastEthernet0/10
description ** ATM ROUTER **
switchport trunk native vlan 10
switchport mode trunk
end

NSC-H1-D2-C2950G-12#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 12-May-06 17:19 by myl
Image text-base: 0x80010000, data-base: 0x8056A000

ROM: Bootstrap program is C2950 boot loader

NSC-H1-D2-C2950G-12 uptime is 4 weeks, 4 days, 23 hours, 44 minutes
System returned to ROM by power-on
System restarted at 13:51:00 UAE Sun Oct 18 2009
System image file is "flash:/c2950-i6q4l2-mz.121-22.EA8.bin"

IMP NOTE:-

I have seen today this SPT logs on the Switch ---  connected to the RouterB


NSC-H1-D2-C2950G-1

.Nov 20 20:16:13.340 UAE: %SPANTREE_VLAN_SW-2-MAX_INSTANCE: Platform limit of 64
STP instances exceeded. No instance created for VLAN306 (port Fa0/10).

Please help me to resolve this issue.

Regards,

Mirza.

.

10 Replies 10

Jon Marshall
Hall of Fame
Hall of Fame

Mirza

Can you post a "sh interface trunk fa0/10" and a "sh interface trunk " for the other interface on the switch that connects to the other router.


Also can you post a "sh vlan brief" from the same switch.

Jon

mirzaakberali
Level 1
Level 1

Hello Jon,

Switch STP error:

Nov 20 20:16:13.340 UAE: %SPANTREE_VLAN_SW-2-MAX_INSTANCE: Platform limit of 64
STP instances exceeded. No instance created for VLAN306 (port Fa0/10).

Please look at the Output below:-

" IS this  SPT error occuring due to switch not able to handle STP instances more than 64 vlans and is it affecting my HSRP abnomality on both Routers?

NSC-H1-D2-C2950G-12#sh interface trunk     

Port        Mode         Encapsulation  Status        Native vlan
Fa0/10      on           802.1q         trunking      10
Fa0/12      on           802.1q         trunking      1

Port      Vlans allowed on trunk
Fa0/10      1-4094
Fa0/12      1-4094

Port        Vlans allowed and active in management domain
Fa0/10      1,3,50,101-103,201-202,230,252-254
Fa0/12      1,3,50,101-103,201-202,230,252-254

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/10      1,3,50,101-103,201-202,230,252-254
Fa0/12      1,3,50,101-103,201-202,230,252-254
NSC-H1-D2-C2950G-12#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Router_B_ATM_Router
                 Fas 0/10           166           R       2610      Eth 0/0.1
NSC-H1-D1-C2950C24
                 Fas 0/12           124          S I      WS-C2950C-Fas 0/24

NSC-H1-D1-C2950C24#sh interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/19      on           802.1q         trunking      1
Fa0/23      on           802.1q         trunking      1
Fa0/24      on           802.1q         trunking      1

Port      Vlans allowed on trunk
Fa0/19      1-4094
Fa0/23      1-4094
Fa0/24      1-4094

Port        Vlans allowed and active in management domain
Fa0/19      1,3,50,101-103,201-202,230,252-254
Fa0/23      1,3,50,101-103,201-202,230,252-254
Fa0/24      1,3,50,101-103,201-202,230,252-254

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/19      1,3,50,101-103,201-202,230,252-254
Fa0/23      1,3,50,101-103,201-202,230,252-254
Fa0/24      1,3,50,101-103,201-202,230,252-254
NSC-H1-D1-C2950C24#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Router_A_IPConnect
_router   Fas 0/23           156         R S I     Cisco 2851Gig 0/0.1
NSC-H1-D2-C2950G-Fas 0/24           173          S I      WS-C2950G-Fas 0/12


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
NSC-H1-D2-C2950G-12#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2
2    HQ-servers                       active   
3    HQ_Users1                        active    Fa0/1
4    RH_Users1                        active   
5    RH_Users2                        active   
6    RH_Printers                      active   

7    HQ_Users2                        active   
8    HQ_Printers                      active   
9    RH_Users3                        active   
10   Test_Lab                         active   
11   HQ_Static                        active   
12   HQ_USERS3                        active   
13   RH_USERS4                        active   
14   RH_Wireless1                     active   
15   HQ_Monitoring                    active   
16   HQ_Wireless1                     active   
17   PACS                             active   
18   IPT_HQ_Phone                     active   
19   IPT_HQW_Wireless                 active   
20   RH_Wireless_GF_Mgmt              active   
         
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
21   RH_Wireless_FF_Mgmt              active   
26   IPT_HQ_Server                    active   
50   RH_PACS                          active   
101  RH_CAB01_OPD_VLAN101             active    Fa0/2, Fa0/3, Fa0/5, Fa0/6
                                                Fa0/7, Fa0/8, Fa0/9
102  RH_CAB02_ITSRVR_VLAN102          active   
103  RH_CAB03_DCROOM_VLAN103          active   
104  RH_CAB04_WRD4_VLAN104            active   
105  RH_CAB05_XRAY_VLAN105            active   
106  RH_CAB06_PHYSIO_VLAN106          active   
107  RH_CAB07_MAINOT_VLAN107          active   
108  RH_CAB08_WRD10_VLAN108           active   
109  RH_CAB09_OAC_VLAN109             active   
110  RH_CAB10_DGFC_VLAN110            active   
111  RH_CAB11_HEALTHC_VLAN111         active   
112  RH_CAB12_VLILLAN8_VLAN112        active   
113  RH_CAB13_ENGG_VLAN113            active   
114  RH_CAB14_MRI_VLAN114             active   
115  RH_CAB15_AMBLNC_VLAN115          active   
116  RH_CAB16_MRL_VLAN116             active   
117  RH_CAB17_MRL_VLAN117             active   
118  RH_CAB18_HCOPLEX_VLAN118         active   
119  RH_CAB19_AWMGZIN_VLAN119         active   
         
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
120  RH_CAB20_ENGCOMPX_VLAN120        active   
121  RH_CAB21_LABH_VLAN121            active   
122  RH_CAB22_LABB_VLAN122            active   
123  RH_CAB23_VILLAN16_VLAN123        active   
124  RH_CAB24_VILLAN5_VLAN124         active   
125  RH_CAB25_ICDL_VLAN125            active   
126  RH_CAB26_VILLASE15_VLAN126       active   
200  PIX_IN                           active   
201  test1                            active   
202  Peribit                          active   
203  VPN                              active   
205  IZone                            active   
206  IZoneDHA                         active   
222  HQ-SERVERS-NEW-VLAN              active   
250  Wan_Routers                      active   
252  RHstatic&lab                     active    Fa0/11
254  Management_RH                    active   
301  HQ_CAB01_oldITSRVR_VLAN301       active   
302  HQ_CAB02_PRSNLDPT_VLAN302        active   
303  HQ_CAB03_MNRECP_VLAN303          active   
304  HQ_CAB04_DG_VLAN304              active   
305  HQ_CAB05_ITLADYPR_VLAN305        active   
306  HQ_CAB06_ITSRVR_VLAN306          active   
         
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
307  HQ_CAB07_NEWHQ1ST_VLAN307        active   
308  HQ_CAB08_NEWHQ1ST_VLAN308        active   
309  HQ_CAB09_NEWHQ1ST_VLAN309        active   
310  HQ_CAB10_ITTESTLAB_VLAN310       active   
311  HQ_CAB11_ITTESTop_VLAN311        active   
312  HQ_user1_Backup1_VLAN312         active   
313  HQ_user2_Backup2_VLAN313         active   
314  HQ_user3_Backup3_VLAN314         active   
315  HQ_user4_Backup4_VLAN315         active   
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

NSC-H1-D1-C2950C24#sh vtp status   ( Connected to RouterA)
VTP Version                     : 2
Configuration Revision          : 322
Maximum VLANs supported locally : 250
Number of existing VLANs        : 16
VTP Operating Mode              : Server
VTP Domain Name                 : DOHMS
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xF7 0x82 0x5E 0x16 0x9F 0x51 0x6C 0x50
Configuration last modified by 10.114.254.2 at 11-22-09 07:30:15
Local updater ID is 10.114.254.2 on interface Vl1 (lowest numbered VLAN interface found)


NSC-H1-D2-C2950G-12#sh vtp status  ( Connected to Router B)
VTP Version                     : 2
Configuration Revision          : 322
Maximum VLANs supported locally : 250
Number of existing VLANs        : 16
VTP Operating Mode              : Client
VTP Domain Name                 : DOHMS
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xF7 0x82 0x5E 0x16 0x9F 0x51 0x6C 0x50
Configuration last modified by 10.114.254.2 at 11-22-09 07:30:15

Hello Mirza,

it is likely related.

bridiging loops can form on vlans where STP is not running on two switches.

As Jon has already suggested the key point is controlling what vlans are permitted on trunk ports.

VTP pruning doesn't help in lowering the number of running STP instances.

On a C2950 with 24 or 48 ports you don't need 64 vlans for sure

I see in your show interface trunk that all possible vlans are permitted on trunk ports.

you need to carefully use the command

switchport trunk allowed vlan

changes can be done using

switchport trunk allowed vlan add xx

and with

switchport trunk allowed vlan remove yyy

all this in interface config mode on IOS based switches.

all this to minimize number of STP instances running on device.

And this should be done on both sides or each uplink trunk

Hope to help

Giuseppe

Hello Giuseppe,

Thank you for your Post.

I wanted to undrstand from you that after allowing only required vlans and block other vlans in the trunk port will RESOLVE my HSRP issue.

Did you find any problem in HSRP config or in other details.

Please let me know incase if u need any more info to help me on this issue.

Thanks,

Mirza.

Hello Mirza,

you can see HSRP in your client vlans as an example of user traffic. if STP is not working well, HSRP suffers problems like yours.

There is no guarantee but experience says your HSRP groups should improve after change.

When using manually configured vlan lists you need to take care of allowing the required vlans.

By the way if you look at the list of vlans in your C2950 you can see that only a few vlans have ports on it.

Be aware that trunk ports are not listed in sh vlan output.

Hope to help

Giuseppe

glen.grant
VIP Alumni
VIP Alumni

  I think Guiseppe is on the right track here .  Also I would find out why the 2950 has so many vlans even defined on it .  I see that it is in client mode . Is this 2950 attached to any other devices else besides those 2 routers ?  If not you should think about  rebuilding and deleting all the vlans that are not needed .  Is there a reason to have it in client mode ?  If not change it to transparent mode  and delete all vlans except the ones you need .  The 2950 can only support  64 vlans using pvst  and will turn off spanning tree for anything above that .   Was this switch moved here from somewhere else where you were running client -server  ?   If so then you should delete any vlans that are not needed as the switch will allocate a spanning tree instance for configured vlan .    I see no issue with the hsrp setup itself.

Hello Glen & Guissepe,

The current switch which you are seeing is connected from a switch using a up link connection and this switch is running in Server mode.

CDP nei status of the switch is which is server mode.

SC-H1-D1-C2950C24#            sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
NadAl_Shiba_IPConFas 0/23           173         R S I     Cisco 2851Gig 0/0.1

NSC-H1-D2-C2950G-Fas 0/24           122          S I      WS-C2950G-Fas 0/12

As u r suggesting to rmove all the  un necessary vlans, shall i create all the required vlan and put them in Transaparent mode.

I have tried using other hardware like 2960 , 2950G to eliminate the hardware isssue but still its not resolved.

But just to let u know that i am using the same setup for about rest 10 locaions and there is no issue with HSRP!

Some abonormaility happening some where which i am still unable to locate.

Thanks,

Mirza.

Hello Experts,

Can you please look into my Below Query .

Thanks,

Mirza.

Hello Mirza,

to remove unnecessary STP instances is enough to configure the list of used vlans on uplinks with

switchport mode trunk allowed vlan

the issue is not with VTP but on the number of STP instances

example:

this is taken from an access layer switch in one of our campus networks

sh vtp status | inc VLANs
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 31
SW-RM-SXR000-F-C4-2>sh spanning-tree sum | inc vlans
17 vlans                    16         0        0        113        129

despite the fact that 31 vlans are defined in VTP database only 17 STP instances are running as a result of appropriate configuration of uplinks

sh int te1/1 trunk

Port        Mode             Encapsulation  Status        Native vlan
Te1/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Te1/1       1-9,20-23,100,200,225,615

Port        Vlans allowed and active in management domain
Te1/1       1-9,20-23,100,200,225,615

Port        Vlans in spanning tree forwarding state and not pruned
Te1/1       1-3,5-6,8,20-21,200,615

Hope to help

Giuseppe

mirzaakberali wrote:

Hello Glen & Guissepe,

The current switch which you are seeing is connected from a switch using a up link connection and this switch is running in Server mode.

CDP nei status of the switch is which is server mode.

SC-H1-D1-C2950C24#            sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
NadAl_Shiba_IPConFas 0/23           173         R S I     Cisco 2851Gig 0/0.1

NSC-H1-D2-C2950G-Fas 0/24           122          S I      WS-C2950G-Fas 0/12

As u r suggesting to rmove all the  un necessary vlans, shall i create all the required vlan and put them in Transaparent mode.

I have tried using other hardware like 2960 , 2950G to eliminate the hardware isssue but still its not resolved.

But just to let u know that i am using the same setup for about rest 10 locaions and there is no issue with HSRP!

Some abonormaility happening some where which i am still unable to locate.

Thanks,

Mirza.

Mirza

You don't need to create the vlans again, you can just change to VTP transparent mode and the existing vlan will be saved in the config and then simply remove the ones from the config you are not using.

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: