12-02-2008 06:29 AM - edited 03-06-2019 02:45 AM
We are running HSRP on a pair of 6509's on 24 Vlan interfaces. I have a problem that has occurred twice now and I know the quick fix, but I want to see if what the root problem is.
The switch will stop routing certain traffic. For instance, the first time it occurred, we were unable to pull up the ILO board web pages in our server VLAN. All other traffic worked fine & you could get to the said pages if you were on the same VLAN. Removing the HSRP configuration and reapplying it for that one VLAN resolved the issue. Now today we are experiencing a very similar type of issue. When using VPN into the concentrator, users can get to 192.168.1.205 server but not to the 204 or 206. Also, I can ping the 2 VLAN interfaces and the HSRP address, but not telnet to any of them.
Thoughts?
12-02-2008 12:34 PM
Hello Nathan,
are any of your HSRP groups referring to secondary ip addresses ?
Are you using different HSRP group number on each Vlan ?
This is a required choice for LAN subinterfaces of a router but actually in a multilayer switch the usage of the same group number on different SVI Vlans is supported and to be preferred for scalability reasons.
also when the problem occurs what is the output of
sh standby vlan x (x the troubled vlan)
are the two devices in agreement about who is Active or are both claiming to be the Active router ?
This could cause problems.
Hope to help
Giuseppe
12-02-2008 08:56 PM
I would check to see if HSRP failed over during this time because you may be experiencing arp problems.
For Hsrp in a redundant aggregation switch configuration, you may have to modify the arp timeout to be less or equal to mac-address aging timeout.
12-03-2008 06:13 AM
Ralph,
There has been no changes to the active HSRP router since the switches were rebooted over a year ago.
TIA,
Nathan
12-03-2008 06:12 AM
Giuseppe,
Yes, we are using different group numbers for each VLAN. The output is as follows:
A
Vlan55 - Group 55
Local state is Active, priority 200, may preempt
Preemption delayed for at least 60 secs
Hellotime 1 sec, holdtime 3 sec
Next hello sent in 0.620
Virtual IP address is 192.168.55.1 configured
Active router is local
Standby router is 192.168.55.254 expires in 2.120
Virtual mac address is 0000.0c07.ac37
2 state changes, last state change 1y19w
IP redundancy name is "hsrp-Vl55-55" (default)
B
Vlan55 - Group 55
Local state is Standby, priority 100, may preempt
Preemption delayed for at least 60 secs
Hellotime 1 sec, holdtime 3 sec
Next hello sent in 0.956
Virtual IP address is 192.168.55.1 configured
Active router is 192.168.55.253, priority 200 expires in 2.252
Standby router is local
6 state changes, last state change 1y19w
IP redundancy name is "hsrp-Vl55-55" (default)
12-03-2008 07:40 AM
the hsrp peering between the switches looks fine. do you have any logs on the switches to do with hsrp? "sh loggs". also might be useful to debug hsrp events and errors between switches. might be ip conflict as well with a devices on the network.
switch#debug sta
switch#debug standby ?
errors HSRP errors
events HSRP events
packets HSRP packets
terse Display limited range of HSRP errors, events and packets
switch#debug standby
Francisco
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: