Can anybody please help me with the hsrp issues please.
I configured HSRP on two 3750 switches with 10 vlans configured on it. I connected both the switches to a L2 switch from where the connection is terminated to Router (outside network). I tried the switchover by shutting down one of the vlan (Vlan 10) interface manually and the standby router became active and the active router went to init mode. Switch over is working fine but the main issue is pcs connected to the vlan 10 are not able to access the outside network.
I checked that ip routing is enabled on both the L3 switches.
If i am not able to access the outside network there is no point of configuring HSRP for redundancy in my network.
I have attached my network layout about how i connected switches in the attachment.
Can anybody please assist me in solving the problem
The PCs should be set up so that they use the shared "standby" address of the HSRP as default gateway, and not the address of the individual L3 switches. (Check that there is no clash: each L3 switch should have its own IP address on VLAN 10, plus a third address that is shared between them ... three addresses in all. If in doubt post the configs of you VLAN 10 interfaces.)
I assume also that each of the L3 switches has routes to the outside world via the outside router.
What routing protocol do you have between the L3 switches and the outside router? You have to consider the failover mechanism on the VLAN that connects the L3 switches to the outside router as well. How does your ouside router know which of the L3 switches has a working VLAN 10 interface?
Thanks for your reply.
Here is the configuration on both the switches
description " Extra Vlan "
ip address 10.10.5.130 255.255.255.128
standby 10 ip 10.10.5.129
standby 10 priority 120
standby 10 preempt
description " Extra Vlan"
ip address 10.10.5.131 255.255.255.128
standby 10 ip 10.10.5.129
standby 10 priority 110
standby 10 preempt
Static route is configured on both the L3 switches to the outside Router and inter-vlan routing is taking place in the outside router.
ip route 0.0.0.0 0.0.0.0 10.10.1.1
Outside Router is managed by our ISP and it was running BGP
I can reach the outside network from both the L3 switches.
I am assuming the problem could be with STP on the switches which is blocking the connection from secondary L3 switch to outside network. Do you think that can be any problem.
I'm not sure what you mean about "inter-vlan routing is taking place in the outside router". Doesn't the L3 switch do the inter-VLAN?
Could you tell me a bit more about the configuration of the 10.10.1.x network? I suppose that is a VLAN too. So do you have HSRP running on that? And how is the routing arranged for incoming packets? If the outside router has a packet for, say, 10.10.5.140, how does it know which L3 switch to send it to?
In our scenario L3 switch is not performing the intervlan routing it was configured on the outside router.
10.10.10.1 is the default gateway for both the L3 switches. 10.10.1.x is the range for Vlan 1. HSRP is running on that interface as well with the virtual IP 10.10.1.2
If the outside router needs to send the packet with ip 10.10.5.140 then it should send to the HSRP IP for vlan 10 which is 10.10.5.129 it is then determined by the HSRP to send the packet to active switch
Sorry, but I am still not there yet. If the L3 switches are carrying several VLAN interfaces, then they will do the inter-VLAN routing rather than sending the packets to the outside router. The L3 switch will see each VLAN as a "connected" network, which is more specific than the default route.
Try a show ip routing on one of the L3 switches and examine the routing table.
when I issue sh ip route on L3 switch it displays that all the vlans are directly connected. However there should be a routing protol implemented in order to allow communication from one vlan to other vlan and that routing is not been configured on the 3750 switches. It is configured on outside router.
Do u think by configuring inter vlan routing on L3 switch could solve the problem.
If the show ip route tells you that the VLANs are connected, it means that your L3 switches are already doing your inter-VLAN routing. You do not need a routing protocol to route between directly connected networks.
What you could usefully add is a routing protocol on the VLAN that connects between your outside router and your L3 switches. That would tell the outside router which of the L3 switches has connections to the VLAN in question.
For example, most of the time VLAN 10 is accessible from either L3 switch. But if you shut down the SVI on one of the switches, then only the other one can pass traffic from the outside to VLAN 10. The router needs to know this somehow.
So, how is the routing arranged on your outside router?
Can I just ask if the original poster has HSRP configured on just the inside interfaces or is it configured on both the inside and outside interfaces?
If HSRP is only on the inside interfaces, would the fact that a L2 switch is introduced between the L3 switches and the outside router not cause ARP issues, which might account for the connectivity problems being experienced?
If it was me, I would be looking for at least a /29 subnet from the ISP and configure HSRP both towards my insode hosts and the outside ISP router.
I have a simular Testnetwork.
What i have is a layer 2 trunk between the Layer 3 switches!
Ip Routing is activated!
Traffic from Vlan 5 to Vlan 10 won't go over the Router, it will be routed at layer 3 switches.
Seems to work fine, only that failover takes to long (may be a problem with my L2 2960G).
(I am working on that).
See my configs!
I have a PC @ Access 10.1.5.201 and one @ router 100.100.100.199.
They can iperf each other.
Let me know if this helps you