11-22-2009 12:22 PM - edited 03-06-2019 08:41 AM
Hello Experts,
Currently I am facing issue in my HSRP as it shows Active for few interface on both Routers.
RouterA - 2800 series - MPLS link- BGP protocol
Router B- 2600 series- ATM Link- Eigrp Protocol
As per my knowledge I have configured all the setting in HSRP properly on both routers.
But i see the following out put on both routers.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Router 1 is having MPLS link with BGP running
Router_A_IPConnect_router#sh standby brie
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Gi0/0.1 1 105 P Active local 10.114.254.253 10.114.254.1
Gi0/0.3 3 105 P Active local 10.114.3.253 10.114.3.1
Gi0/0.50 50 105 P Active local 10.114.50.253 10.114.50.1
Gi0/0.101 101 105 P Active local 10.114.101.253 10.114.101.1
Gi0/0.102 102 105 P Active local 10.114.10.253 10.114.10.1
Gi0/0.103 103 105 P Active local 10.114.12.253 10.114.12.1
Gi0/0.202 202 105 P Active local 10.114.202.253 10.114.202.1
Gi0/0.230 230 105 P Active local unknown 10.230.25.1
Gi0/0.252 252 105 P Active local 10.114.252.253 10.114.252.1
Gi0/0.253 253 105 P Active local unknown 10.114.253.1
Router_A_IPConnect_Router #sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(15)XY1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Tue 12-Feb-08 00:37 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
LocA_IPConnect_Router uptime is 4 weeks, 4 days, 22 hours, 19 minutes
System returned to ROM by reload at 14:44:41 UAE Sun Oct 18 2009
System restarted at 13:32:00 UAE Sun Oct 18 2009
System image file is "flash:c2800nm-advsecurityk9-mz.124-15.XY1.bin"
SUB Interface config
sh run int gi 0/0.230
Building configuration...
Current configuration : 270 bytes
!
interface GigabitEthernet0/0.230
description Old VLAN gateway
encapsulation dot1Q 230
ip address 10.230.25.252 255.255.255.0
standby 230 ip 10.230.25.1
standby 230 priority 105
standby 230 preempt
standby 230 name OLDVLAN
standby 230 track 1 decrement 10
end
Router_AIPConnect#sh run int gi 0/0.253
Building configuration...
Current configuration : 270 bytes
!
interface GigabitEthernet0/0.253
description Wireless-AP-Mngmnt
encapsulation dot1Q 253
ip address 10.114.253.252 255.255.255.0
standby 253 ip 10.114.253.1
standby 253 priority 105
standby 253 preempt
standby 253 name WAP
standby 253 track 1 decrement 10
end
NSC-H1-D1-C2950C24#sh flash:
Directory of flash:/
2 -rwx 2980731 Mar 01 1993 00:03:40 c2950-i6q4l2-mz.121-19.EA1c.bin
3 -rwx 270 Jan 01 1970 00:01:36 env_vars
4 -rwx 4936 Nov 14 2009 06:21:56 vlan.dat
5 -rwx 5521 Oct 18 2009 10:02:55 config.text
6 -rwx 47 Oct 18 2009 10:02:55 private-config.text
7 -rwx 110 Mar 01 1993 00:01:57 info
8 drwx 2432 Mar 01 1993 00:05:19 html
85 -rwx 110 Mar 01 1993 00:05:23 info.ver
7741440 bytes total (1749504 bytes free)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Router 2 is having ATM link with Eigrp protocol
Router_B_ATM-Router#sh standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active addr Standby addr Group addr
Et0/0.1 1 100 P Standby 10.114.254.252 local 10.114.254.1
Et0/0.3 3 100 P Standby 10.114.3.252 local 10.114.3.1
Et0/0.50 50 100 P Standby 10.114.50.252 local 10.114.50.1
Et0/0.101 101 100 P Standby 10.114.101.252 local 10.114.101.1
Et0/0.102 102 100 P Standby 10.114.10.252 local 10.114.10.1
Et0/0.103 103 100 P Standby 10.114.12.252 local 10.114.12.1
Et0/0.202 202 100 P Standby 10.114.202.252 local 10.114.202.1
Et0/0.230 230 100 P Active local unknown 10.230.25.1
Et0/0.252 252 100 P Standby 10.114.252.252 local 10.114.252.1
Et0/0.253 253 100 P Active local unknown 10.114.253.1
interface Ethernet0/0.230
description Old VLAN gateway
encapsulation dot1Q 230
ip address 10.230.25.253 255.255.255.0
no ip redirects
standby 230 ip 10.230.25.1
standby 230 priority 100
standby 230 preempt
standby 230 name OLDVLAN
interface Ethernet0/0.253
description Wireless-AP-Mngmnt
encapsulation dot1Q 253
ip address 10.114.253.253 255.255.255.0
no ip redirects
standby 253 ip 10.114.253.1
standby 253 priority 100
standby 253 preempt
standby 253 name WAP
NSC-H1-D2-C2950G-12#sh run int fastEthernet 0/10
Building configuration...
Current configuration : 120 bytes
!
interface FastEthernet0/10
description ** ATM ROUTER **
switchport trunk native vlan 10
switchport mode trunk
end
NSC-H1-D2-C2950G-12#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 12-May-06 17:19 by myl
Image text-base: 0x80010000, data-base: 0x8056A000
ROM: Bootstrap program is C2950 boot loader
NSC-H1-D2-C2950G-12 uptime is 4 weeks, 4 days, 23 hours, 44 minutes
System returned to ROM by power-on
System restarted at 13:51:00 UAE Sun Oct 18 2009
System image file is "flash:/c2950-i6q4l2-mz.121-22.EA8.bin"
IMP NOTE:-
I have seen today this SPT logs on the Switch --- connected to the RouterB
NSC-H1-D2-C2950G-1
.Nov 20 20:16:13.340 UAE: %SPANTREE_VLAN_SW-2-MAX_INSTANCE: Platform limit of 64
STP instances exceeded. No instance created for VLAN306 (port Fa0/10).
Please help me to resolve this issue.
Regards,
Mirza.
.
11-22-2009 01:32 PM
Mirza
Can you post a "sh interface trunk fa0/10" and a "sh interface trunk
Also can you post a "sh vlan brief" from the same switch.
Jon
11-22-2009 09:12 PM
Hello Jon,
Switch STP error:
Nov 20 20:16:13.340 UAE: %SPANTREE_VLAN_SW-2-MAX_INSTANCE: Platform limit of 64
STP instances exceeded. No instance created for VLAN306 (port Fa0/10).
Please look at the Output below:-
" IS this SPT error occuring due to switch not able to handle STP instances more than 64 vlans and is it affecting my HSRP abnomality on both Routers?
NSC-H1-D2-C2950G-12#sh interface trunk
Port Mode Encapsulation Status Native vlan
Fa0/10 on 802.1q trunking 10
Fa0/12 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/10 1-4094
Fa0/12 1-4094
Port Vlans allowed and active in management domain
Fa0/10 1,3,50,101-103,201-202,230,252-254
Fa0/12 1,3,50,101-103,201-202,230,252-254
Port Vlans in spanning tree forwarding state and not pruned
Fa0/10 1,3,50,101-103,201-202,230,252-254
Fa0/12 1,3,50,101-103,201-202,230,252-254
NSC-H1-D2-C2950G-12#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Router_B_ATM_Router
Fas 0/10 166 R 2610 Eth 0/0.1
NSC-H1-D1-C2950C24
Fas 0/12 124 S I WS-C2950C-Fas 0/24
NSC-H1-D1-C2950C24#sh interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/19 on 802.1q trunking 1
Fa0/23 on 802.1q trunking 1
Fa0/24 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/19 1-4094
Fa0/23 1-4094
Fa0/24 1-4094
Port Vlans allowed and active in management domain
Fa0/19 1,3,50,101-103,201-202,230,252-254
Fa0/23 1,3,50,101-103,201-202,230,252-254
Fa0/24 1,3,50,101-103,201-202,230,252-254
Port Vlans in spanning tree forwarding state and not pruned
Fa0/19 1,3,50,101-103,201-202,230,252-254
Fa0/23 1,3,50,101-103,201-202,230,252-254
Fa0/24 1,3,50,101-103,201-202,230,252-254
NSC-H1-D1-C2950C24#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Router_A_IPConnect
_router Fas 0/23 156 R S I Cisco 2851Gig 0/0.1
NSC-H1-D2-C2950G-Fas 0/24 173 S I WS-C2950G-Fas 0/12
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
NSC-H1-D2-C2950G-12#sh vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/1, Gi0/2
2 HQ-servers active
3 HQ_Users1 active Fa0/1
4 RH_Users1 active
5 RH_Users2 active
6 RH_Printers active
7 HQ_Users2 active
8 HQ_Printers active
9 RH_Users3 active
10 Test_Lab active
11 HQ_Static active
12 HQ_USERS3 active
13 RH_USERS4 active
14 RH_Wireless1 active
15 HQ_Monitoring active
16 HQ_Wireless1 active
17 PACS active
18 IPT_HQ_Phone active
19 IPT_HQW_Wireless active
20 RH_Wireless_GF_Mgmt active
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
21 RH_Wireless_FF_Mgmt active
26 IPT_HQ_Server active
50 RH_PACS active
101 RH_CAB01_OPD_VLAN101 active Fa0/2, Fa0/3, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9
102 RH_CAB02_ITSRVR_VLAN102 active
103 RH_CAB03_DCROOM_VLAN103 active
104 RH_CAB04_WRD4_VLAN104 active
105 RH_CAB05_XRAY_VLAN105 active
106 RH_CAB06_PHYSIO_VLAN106 active
107 RH_CAB07_MAINOT_VLAN107 active
108 RH_CAB08_WRD10_VLAN108 active
109 RH_CAB09_OAC_VLAN109 active
110 RH_CAB10_DGFC_VLAN110 active
111 RH_CAB11_HEALTHC_VLAN111 active
112 RH_CAB12_VLILLAN8_VLAN112 active
113 RH_CAB13_ENGG_VLAN113 active
114 RH_CAB14_MRI_VLAN114 active
115 RH_CAB15_AMBLNC_VLAN115 active
116 RH_CAB16_MRL_VLAN116 active
117 RH_CAB17_MRL_VLAN117 active
118 RH_CAB18_HCOPLEX_VLAN118 active
119 RH_CAB19_AWMGZIN_VLAN119 active
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
120 RH_CAB20_ENGCOMPX_VLAN120 active
121 RH_CAB21_LABH_VLAN121 active
122 RH_CAB22_LABB_VLAN122 active
123 RH_CAB23_VILLAN16_VLAN123 active
124 RH_CAB24_VILLAN5_VLAN124 active
125 RH_CAB25_ICDL_VLAN125 active
126 RH_CAB26_VILLASE15_VLAN126 active
200 PIX_IN active
201 test1 active
202 Peribit active
203 VPN active
205 IZone active
206 IZoneDHA active
222 HQ-SERVERS-NEW-VLAN active
250 Wan_Routers active
252 RHstatic&lab active Fa0/11
254 Management_RH active
301 HQ_CAB01_oldITSRVR_VLAN301 active
302 HQ_CAB02_PRSNLDPT_VLAN302 active
303 HQ_CAB03_MNRECP_VLAN303 active
304 HQ_CAB04_DG_VLAN304 active
305 HQ_CAB05_ITLADYPR_VLAN305 active
306 HQ_CAB06_ITSRVR_VLAN306 active
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
307 HQ_CAB07_NEWHQ1ST_VLAN307 active
308 HQ_CAB08_NEWHQ1ST_VLAN308 active
309 HQ_CAB09_NEWHQ1ST_VLAN309 active
310 HQ_CAB10_ITTESTLAB_VLAN310 active
311 HQ_CAB11_ITTESTop_VLAN311 active
312 HQ_user1_Backup1_VLAN312 active
313 HQ_user2_Backup2_VLAN313 active
314 HQ_user3_Backup3_VLAN314 active
315 HQ_user4_Backup4_VLAN315 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
NSC-H1-D1-C2950C24#sh vtp status ( Connected to RouterA)
VTP Version : 2
Configuration Revision : 322
Maximum VLANs supported locally : 250
Number of existing VLANs : 16
VTP Operating Mode : Server
VTP Domain Name : DOHMS
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xF7 0x82 0x5E 0x16 0x9F 0x51 0x6C 0x50
Configuration last modified by 10.114.254.2 at 11-22-09 07:30:15
Local updater ID is 10.114.254.2 on interface Vl1 (lowest numbered VLAN interface found)
NSC-H1-D2-C2950G-12#sh vtp status ( Connected to Router B)
VTP Version : 2
Configuration Revision : 322
Maximum VLANs supported locally : 250
Number of existing VLANs : 16
VTP Operating Mode : Client
VTP Domain Name : DOHMS
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xF7 0x82 0x5E 0x16 0x9F 0x51 0x6C 0x50
Configuration last modified by 10.114.254.2 at 11-22-09 07:30:15
11-22-2009 11:34 PM
Hello Mirza,
it is likely related.
bridiging loops can form on vlans where STP is not running on two switches.
As Jon has already suggested the key point is controlling what vlans are permitted on trunk ports.
VTP pruning doesn't help in lowering the number of running STP instances.
On a C2950 with 24 or 48 ports you don't need 64 vlans for sure
I see in your show interface trunk that all possible vlans are permitted on trunk ports.
you need to carefully use the command
switchport trunk allowed vlan
changes can be done using
switchport trunk allowed vlan add xx
and with
switchport trunk allowed vlan remove yyy
all this in interface config mode on IOS based switches.
all this to minimize number of STP instances running on device.
And this should be done on both sides or each uplink trunk
Hope to help
Giuseppe
11-23-2009 12:46 AM
Hello Giuseppe,
Thank you for your Post.
I wanted to undrstand from you that after allowing only required vlans and block other vlans in the trunk port will RESOLVE my HSRP issue.
Did you find any problem in HSRP config or in other details.
Please let me know incase if u need any more info to help me on this issue.
Thanks,
Mirza.
11-23-2009 02:50 AM
Hello Mirza,
you can see HSRP in your client vlans as an example of user traffic. if STP is not working well, HSRP suffers problems like yours.
There is no guarantee but experience says your HSRP groups should improve after change.
When using manually configured vlan lists you need to take care of allowing the required vlans.
By the way if you look at the list of vlans in your C2950 you can see that only a few vlans have ports on it.
Be aware that trunk ports are not listed in sh vlan output.
Hope to help
Giuseppe
11-23-2009 05:58 AM
I think Guiseppe is on the right track here . Also I would find out why the 2950 has so many vlans even defined on it . I see that it is in client mode . Is this 2950 attached to any other devices else besides those 2 routers ? If not you should think about rebuilding and deleting all the vlans that are not needed . Is there a reason to have it in client mode ? If not change it to transparent mode and delete all vlans except the ones you need . The 2950 can only support 64 vlans using pvst and will turn off spanning tree for anything above that . Was this switch moved here from somewhere else where you were running client -server ? If so then you should delete any vlans that are not needed as the switch will allocate a spanning tree instance for configured vlan . I see no issue with the hsrp setup itself.
11-23-2009 10:10 AM
Hello Glen & Guissepe,
The current switch which you are seeing is connected from a switch using a up link connection and this switch is running in Server mode.
CDP nei status of the switch is which is server mode.
SC-H1-D1-C2950C24# sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
NadAl_Shiba_IPConFas 0/23 173 R S I Cisco 2851Gig 0/0.1
NSC-H1-D2-C2950G-Fas 0/24 122 S I WS-C2950G-Fas 0/12
As u r suggesting to rmove all the un necessary vlans, shall i create all the required vlan and put them in Transaparent mode.
I have tried using other hardware like 2960 , 2950G to eliminate the hardware isssue but still its not resolved.
But just to let u know that i am using the same setup for about rest 10 locaions and there is no issue with HSRP!
Some abonormaility happening some where which i am still unable to locate.
Thanks,
Mirza.
11-24-2009 12:59 AM
Hello Experts,
Can you please look into my Below Query .
Thanks,
Mirza.
11-24-2009 06:13 AM
Hello Mirza,
to remove unnecessary STP instances is enough to configure the list of used vlans on uplinks with
switchport mode trunk allowed vlan
the issue is not with VTP but on the number of STP instances
example:
this is taken from an access layer switch in one of our campus networks
sh vtp status | inc VLANs
Maximum VLANs supported locally : 1005
Number of existing VLANs : 31
SW-RM-SXR000-F-C4-2>sh spanning-tree sum | inc vlans
17 vlans 16 0 0 113 129
despite the fact that 31 vlans are defined in VTP database only 17 STP instances are running as a result of appropriate configuration of uplinks
sh int te1/1 trunk
Port Mode Encapsulation Status Native vlan
Te1/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Te1/1 1-9,20-23,100,200,225,615
Port Vlans allowed and active in management domain
Te1/1 1-9,20-23,100,200,225,615
Port Vlans in spanning tree forwarding state and not pruned
Te1/1 1-3,5-6,8,20-21,200,615
Hope to help
Giuseppe
11-24-2009 03:11 AM
mirzaakberali wrote:
Hello Glen & Guissepe,
The current switch which you are seeing is connected from a switch using a up link connection and this switch is running in Server mode.
CDP nei status of the switch is which is server mode.
SC-H1-D1-C2950C24# sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - PhoneDevice ID Local Intrfce Holdtme Capability Platform Port ID
NadAl_Shiba_IPConFas 0/23 173 R S I Cisco 2851Gig 0/0.1NSC-H1-D2-C2950G-Fas 0/24 122 S I WS-C2950G-Fas 0/12
As u r suggesting to rmove all the un necessary vlans, shall i create all the required vlan and put them in Transaparent mode.
I have tried using other hardware like 2960 , 2950G to eliminate the hardware isssue but still its not resolved.
But just to let u know that i am using the same setup for about rest 10 locaions and there is no issue with HSRP!
Some abonormaility happening some where which i am still unable to locate.
Thanks,
Mirza.
Mirza
You don't need to create the vlans again, you can just change to VTP transparent mode and the existing vlan will be saved in the config and then simply remove the ones from the config you are not using.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: