Looks like its more a coincidence than HSRP being a major culprit !! did you do any other changes apart from adding the HSRP commands ? Add switch / hubs etc ?
Logs clearly indicate that there was a loop in your network. Not sure if HSRP will create layer 2 loops on your network ?? analyze the mac addresses seein the loop (host flapping messages) and see if you can derive something out of it.. the biggest problem is STP issues are a lil tough to troubleshoot after it has been solved :D one has to be online to know the root cause of a STP issue.. I would advice you to re-add the HSRP commands , by taking a downtime and see if it creates an issue again..
But, there is one thing which I noted as to how the configurations were done by the network admin when the problem occured.
Currently, the access layer switches are doing the intervlan routing.
Steps carried out:
step1:The netadmin created the l2 vlan in core switches(eg:vlan100)
step2: Then, the l3 vlans were created in the access switches (eg:int vlan100) with the HSRP configurations.
Now, there is one thing which was missed by the netadmin & that was he didn't add the newly created vlan in the spanning-tree vlan priorities before proceeding towards creating l3 lan in the access layer switches.
From the logs you can see that there is a dup-address being sourced
1. %HSRP-4-DUPADDR: Duplicate address [IP_address] on [chars], sourced by [enet]
The IP address in an HSRP message received on the specified interface is the same as the IP address of the router. Another router might be configured with the same IP address. The most likely cause is a network loop or a misconfigured switch that is causing the router to see its own HSRP Hello messages.
Recommended Action: Check the configurations on all the HSRP routers to ensure that the interface IP addresses are unique. Check that no network loops exist. If port channels are configured check that the switch is correctly configured for port-channels. Enable standby use-bia so that the error message displays the interface MAC address of the sending router. This can be used to determine if the error message is caused by a misconfigured router or a network loop."
Check the mac-address 0000.0c07.ac17 using the show stand command, and you would see this is could be the virtual mac-address of the vlan1.
check the ospf network statement on the core switch/access switch and see if the address 10.68.44.0 is included? may be this should not be there....
There is one thing which was missed by the netadmin & that was he didn't add the newly created vlan in the spanning-tree vlan priorities before proceeding towards creating vlan interfaces in the access layer switches.
Don't know why he would define vlan 100 on the core switch if vlan 100 is being routed at the access level , that could be problematic as spanning tree is then included in the link up to the core , don't know why . The dup hsrp messages are caused by a temp loop condition in the net somewhere .
Don't know why he would define vlan 100 on the core switch if vlan 100 is being routed at the access level...
Ditto! I was thinking the same thing.
Your admin person doesn't seem to know what he/she is doing with regard to this at least.
Having a routed access layer that is performing the inter-vlan routing means that the vlan will not span to the core layer, since you should have L3 uplinks for L3 isolation.
All he needed to do was create the vlan in L2 at the access layer and then create the SVIs for it and apply the HSRP configs accordingly. One router will be the primary and the other the secondary. Simple. This is assuming, of course, that you have an L2 trunk (crosslinks) connecting the 2 access layer switches, otherwise HSRP will not work.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...