Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1026
Views
0
Helpful
6
Replies

Problem with HSRP

s-durando
Level 1
Level 1

‎04-12-2006 08:27 AM - edited ‎03-03-2019 02:47 AM

I have two routers in LAN with HSRP configured between them. Below the configuration:

interface FastEthernet0/0

ip address 163.x.x.5 255.255.255.0

ip nat inside

speed 100

full-duplex

standby 10 ip 163.x.112.1

standby 10 priority 120

standby 10 preempt

standby 10 track ATM2/IMA1.1 60

bridge-group 1

...

!

interface FastEthernet0/0

description Collegamento LAN CED

ip address 163.x.x.6 255.255.255.0

speed 100

full-duplex

standby 10 ip 163.157.112.1

standby 10 priority 80

standby 10 preempt

!

Each router is able to ping the FastEthernet of the other one and sees the other router as CDP neighbor, but the HSRP doesn't work:

TRNR02#sh stand brie

P indicates configured to preempt.

|

Interface Grp Prio P State Active Standby Virtual IP

Fa0/0 10 120 P Active local unknown 163.157.112.1

Below logs on 'active' router:

pr 12 16:00:33.153: HSRP: Fa0/0 API active virtual address 163.157.112.2 not found

Apr 12 16:00:33.793: HSRP: Fa0/0 Grp 10 Redundancy group hsrp-Fa0/0-10 state Active -> Active

Apr 12 16:00:33.793: HSRP: Fa0/0 Grp 10 Hello in 163.157.112.6 Active pri 80 vIP 163.157.112.1

Apr 12 16:00:33.793: HSRP: Fa0/0 Grp 10 Active: h/Hello rcvd from lower pri Active router (80/163.157.112.6)

Apr 12 16:00:33.961: HSRP: Fa0/0 API active virtual address 163.157.112.5 not found

Apr 12 16:00:34.101: HSRP: To1/0 API active virtual address 163.157.216.2 not found

Apr 12 16:00:36.794: HSRP: Fa0/0 Grp 10 Redundancy group hsrp-Fa0/0-10 state Active -> Active

Apr 12 16:00:36.794: HSRP: Fa0/0 Grp 10 Hello in 163.157.112.6 Active pri 80 vIP 163.157.112.1

Apr 12 16:00:36.794: HSRP: Fa0/0 Grp 10 Active: h/Hello rcvd from lower pri Active router (80/163.157.112.6)

Below logs on 'passive' router:

Apr 12 16:00:48.799: HSRP: Fa0/0 API arp proto filter, 0000.0c07.ac0a is active vMAC for grp 10 - filter

Apr 12 16:00:48.803: HSRP: Use HSRP virtual address 163.157.112.1 as ICMP src

Apr 12 16:00:51.796: HSRP: Fa0/0 API arp proto filter, 0000.0c07.ac0a is active vMAC for grp 10 - filter

Apr 12 16:00:51.800: HSRP: Use HSRP virtual address 163.157.112.1 as ICMP src

Apr 12 16:00:51.804: HSRP: Fa0/0 API arp proto filter, 0000.0c07.ac0a is active vMAC for grp 10 - filter

Could someone help me please?

Thanks

Stefano

Labels:
0 Helpful
6 Replies 6

dabels
Level 1
Level 1

‎04-12-2006 09:56 AM

can you issue a show standby command so we can see what the status is. also if you do a debug standby it may give you more info as well.

0 Helpful

Roberto Salazar
Level 8
Level 8

‎04-12-2006 10:06 AM

TRNR02 does not know the other router and yet it is able to ping the other HSRP? How about the other router is it active too? If so, HSRP hello is not getting from one router to the other at least the "standby_ HSRP is not getting the HSRP from the "active" . What is between the routers?

0 Helpful

s-durando
Level 1
Level 1
In response to Roberto Salazar

‎04-13-2006 12:16 AM

Each router is able to ping the other one.

Both routers believe to be the active one and the standby is unknown.

I'm investigating with customer about which kind of switch is placed between routers.

The 'debug standby packet' shows that hello packets are sent from both sides but only the active side receives hello from the standby router.

From logs I posted in the first message it seems that in the standby router there is some kind of filtering on hello packets:

Apr 12 16:00:48.799: HSRP: Fa0/0 API arp proto filter, 0000.0c07.ac0a is active vMAC for grp 10 - filter

Apr 12 16:00:48.803: HSRP: Use HSRP virtual address 163.157.112.1 as ICMP src

I can't understand the meaning of 'API arp proto filter'.

Thanks

Stefano

0 Helpful

Roberto Salazar
Level 8
Level 8
In response to s-durando

‎04-13-2006 08:07 AM

The hello packet are sent every certain period of time, the interval escapes me at this moment but the fact that both routers are seeing itself as active HSRP means that the Hello packet is lost in the device between them. The hsrp hello packet is sent to a multicast address 224.0.0.x (again the actual address escapes me at this time.) The easiest to test this out is to replace that device between the fa0/0 of both rotuers with a hub and see if the HSRP status gets corrected - one active HSRP per group and one standby.

0 Helpful

mahmoodmkl
Level 7
Level 7

‎04-12-2006 08:43 PM

Hi

can u plz explain me why u have used the bridge-group command any particular reason for doing it.

Thanks

Mahmood

0 Helpful

s-durando
Level 1
Level 1
In response to mahmoodmkl

‎04-13-2006 12:18 AM

bridge group command is used because there is a Token Ring interface and dlsw configured on router

Thanks

Stefano

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents