Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1775
Views
0
Helpful
7
Replies

Is my HSRP config correct?

robinwenham
Level 1
Level 1

‎04-27-2010 04:16 AM - edited ‎03-06-2019 10:49 AM

Hi, I'd appreciate some checking of my HSRP configuration please.  We have two 1841 routers between two LANs.  The 1841s are in HSRP configuration.  There is no NAT running.  The routers are the default gateway for one of the networks (identified as "industrial" in the configs, Fe0/1), but are not the default gateway in the "commercial" LAN (Fe0/0) - this is done by the WAN link provider's routers which have the necessary routes from commercial to industrial in them.  The routers provide routing between the two subnets.

The problem that we are seeing is that the traffic between the two networks sometimes dies for 30 - 60 seconds, causing process problems.  We have not yet identified what causes it, but it seems from the tracing that has been done that the problem lies in the routing somewhere, not on the individual LANs.

In addition a show standby command shows that the active / standby status of the two interfaces changes at different times, which suggests that at least part of the time one of the interfaces is in standby while the other is active.  I'm not sure whether this is desireable but I don't expect that it will be.

FastEthernet0/0 - Group 11
  State is Active
    3 state changes, last state change 5d03h
  Virtual IP address is 172.16.232.145
  Active virtual MAC address is 0000.0c07.ac0b
    Local virtual MAC address is 0000.0c07.ac0b (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.284 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.232.147, priority 95 (expires in 8.916 sec)
  Priority 105 (configured 105)
  IP redundancy name is "Commercial" (cfgd)
FastEthernet0/1 - Group 12
  State is Active
    10 state changes, last state change 1w0d
  Virtual IP address is 172.32.10.254
  Active virtual MAC address is 0000.0c07.ac0c
    Local virtual MAC address is 0000.0c07.ac0c (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.284 secs
  Preemption enabled
  Active router is local
  Standby router is 172.32.10.253, priority 95 (expires in 8.916 sec)
  Priority 105 (configured 105)
  IP redundancy name is "Industrial" (cfgd)

Any thoughts - comments?

Thanks in advance.

Router 1:

hostname RTR_01
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
no ip dhcp use vrf connected
!
interface FastEthernet0/0
description Commercial_Network
ip address 172.16.232.146 255.255.254.0
speed 100
full-duplex
standby 11 ip 172.16.232.145
standby 11 priority 105
standby 11 preempt
standby 11 name Commercial
!
interface FastEthernet0/1
description Industrial_Network
ip address 172.32.10.252 255.255.255.0
speed 100
full-duplex
standby 12 ip 172.32.10.254
standby 12 priority 105
standby 12 preempt
standby 12 name Industrial
!
ip default-gateway 172.16.232.254
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.232.254
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
control-plane

Router 2:

hostname RTR_02
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
no ip dhcp use vrf connected
!
username <deleted>
!
interface FastEthernet0/0
description Commercial_Network
ip address 172.16.232.147 255.255.254.0
speed 100
full-duplex
standby 11 ip 172.16.232.145
standby 11 priority 95
standby 11 preempt
standby 11 name Commercial
!
interface FastEthernet0/1
description Industrial_Network
ip address 172.32.10.253 255.255.255.0
speed 100
full-duplex
standby 12 ip 172.32.10.254
standby 12 priority 95
standby 12 preempt
standby 12 name Industrial
!
ip default-gateway 172.16.232.254
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.232.254
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
control-plane

Labels:
0 Helpful
7 Replies 7

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎04-27-2010 04:41 AM

Configuration for HSRP seems to be ok what is the show logging output display for HSRP logs in routers.

Ganesh.H

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎04-27-2010 04:44 AM

Hello Robin,

HSRP configuration is correct

you may want to add tracking of core facing interface, the one where IP next-hop 172.16.232.254

of default static route resides

with preemption as soon as both routers are on the Vlan the one with the highest priority takes the role of Active router for the HSRP group

an out of service of 30 to 60 seconds leads also to possible STP recalculations

you can use

sh spanning-tree vlan X detail to see when STP recalculated last time, where X is the vlan of interest

Hope to help

Giuseppe

0 Helpful

francisco_1
Level 7
Level 7

‎04-27-2010 04:46 AM

Your HSRP looks stable based on the last state change. doesnt look like the problem is related to hsrp between your routers. can you post the logs?

FastEthernet0/0 - Group 11
  State is Active
    3 state changes, last state change 5d03h
 

FastEthernet0/1 - Group 12
  State is Active
    10 state changes, last state change 1w0d
 

Francisco

0 Helpful

robinwenham
Level 1
Level 1
In response to francisco_1

‎04-27-2010 04:57 AM

Hi, thanks for the speedy responses.  sho log gives the following.  Note that the dates are a bit strange - we didn't have the correct date programmed in - I've just put in today's date and time.

Router 1:

Syslog logging: enabled (1 messages dropped, 2 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level debugging, 32 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging: level warnings, 8 messages logged, xml disabled,
                    filtering disabled
    Logging Exception size (4096 bytes)
    Count and timestamp logging messages: disabled

No active filter modules.

    Trap logging: level informational, 36 message lines logged

Log Buffer (51200 bytes):

*Aug 14 14:47:07.503: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Aug 14 14:47:10.503: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Aug 14 14:47:13.503: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Apr 12 11:00:16.629: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Apr 12 15:24:29.348: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Apr 14 14:03:36.249: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Apr 20 08:36:41.022: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Apr 22 08:21:12.067: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

Router 2:

Syslog logging: enabled (1 messages dropped, 2 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level debugging, 17 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging: level warnings, 2 messages logged, xml disabled,
                    filtering disabled
    Logging Exception size (4096 bytes)
    Count and timestamp logging messages: disabled

No active filter modules.

    Trap logging: level informational, 21 message lines logged

Log Buffer (51200 bytes):

*Aug 14 14:51:33.515: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Aug 14 14:51:36.515: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

Is that what you were looking for?

Thanks

0 Helpful

francisco_1
Level 7
Level 7
In response to robinwenham

‎04-27-2010 05:17 AM

Logs doesnt give any indication the issue you are experiencing is related to HSRP on the routers.

What Can you also check the logs on the switch the routers are conencted to?

As Giuseppe sugegsted, it might be a looping issue.

Francisco.

0 Helpful

robinwenham
Level 1
Level 1
In response to francisco_1

‎04-27-2010 08:25 AM

Hi, I have increased the logging level to catch all events (there do not seem to be too many so I don't think that it will fill the buffer) but it will be few days before we see anything in there, so I'll post back if we do.

@Giuseppe - I did have tracking turned on but not sure if it helped - can you show me the recommended commands for this?

Another question - it appears that we have spanning-tree portfast enabled on the ports where the routers are connected - will this get in the way of hsrp?

Thanks for your help so far.

0 Helpful

Kevin Dorrell
Level 10
Level 10
In response to robinwenham

‎04-27-2010 10:54 AM

The portfast should be fine, and should not interfere with the HSRP.  In fact, as long as you are not connecting other switches or bridges to the port, the portfast is OK.

This default route to 172.16.232.254 ... is it the same in both routers?  You refer to "WAN link providers routers".  Could you explain a bit further?  Are they in HSRP as well?  Did you configure them, or did the provider?

Kevin Dorrell

Luxembourg

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card