cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
625
Views
0
Helpful
8
Replies

HSRP - how to determine if hosts are using correct gateway IP

captainbluff
Level 1
Level 1

Hello,

I have the following scenario:

- I have 2 routers ( Cat6509 ) running HSRP on VLAN14, connected to two layer 2 switch ( Cat6509 ).

- I have no access to the hosts on VLAN14

- Obviously in order for HSRP to work, the hosts will need to use the HSRP VIP address 10.1.1.3, however I have a feeling that they are using the 10.1.1.1 and 10.1.1.2.

What is the best way to prove that the hosts are using the wrong gateway IP?
Is there a debug command that I can perform to determine the source and destination IP or MAC address?

8 Replies 8

mikegrous
Level 3
Level 3

SPAN the uplink ports. See waht the dest MAC address is. The coorelate that MAC to the ARP table to see if it is sending to .1 .2 or .3

Correct me if I am wrong but SPAN only shows source and destination ports not source and destination MAC?

If it was configured correctly, they should have 10.1.1.3 as the default gateway.

Can you post the HSRP configuration, as the output of the 'show standby ?

Also, do the clients get the default gateway information via DHCP or is it setup statically?

It's not so much an HSRP  config issue, Cisco TAC has already confirmed it is correct. I need to prove to the customer that their hosts ( which I have no access to ) are using the wrong gateway IP. I want prove this buy using outputs from the router or switch.

Well, you could span that port, and look at the L2 frame using Wireshark?

That option is currently not available, any other suggestions?

  Look at a few of the clients and do a  ipconfig /all  and see what gateway is assigned to the nic or what the dhcp server is handing out for the gateway .  It is going to send it to whatever gateway is assigned on the client.  Have a couple of the clients look, they won't do that for you ?

Glen

In this thread Joe has told us twice that he does not have access to the hosts on the vlan.

Joe

I would suggest that you run (for a little while) debug arp. Look in its output (terminal monitor or show logg depending on how logging is configured). If you see requests to resolve 10.1.1.1 or 10.1.1.2 coming from client addresses then you have evidence that the clients are not using the HSRP virtual address. If the arp requests are for 10.1.1.3 then they are using the HSRP address.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: