Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

HSRP on VLAN

I would like to have redudancy solution as show in the attached diagram.

- 2 Multilayer Cisco Switch 6500

- Access 3560 switches connected dual to primary and secondary.

- Both the core switches are connected router

I had configured HSRP on vlans lets say vlan 10 and vlan 20 on both switches

CORE A

interface vlan 10

description IT

ip address 10.1.10.254 255.255.255.0

standby 10 ip 10.1.10.1 255.255.255.0

standby 10 priority 150

standby 10 preempt standby timers 5 15

interface vlan 20

description FINANCE

ip address 10.1.20.254 255.255.255.0

standby 20 ip 10.1.20.1 255.255.255.0

standby 20 priority 100 (default)

standby 20 preempt standby timers 5 15

CORE B

interface vlan 10

description IT

ip address 10.1.10.253 255.255.255.0

standby 10 ip 10.1.10.1 255.255.255.0

standby 10 priority 150

standby 10 preempt standby timers 5 15

interface vlan 20

description FINANCE

ip address 10.1.20.253 255.255.255.0

standby 20 ip 10.1.20.1 255.255.255.0

standby 20 priority 100 (default)

standby 20 preempt standby timers 5 15

Workstations gateways are configured with stanbdby.

For testing the redudancy I shutdown the vlan 10 interface to make sure Core B works perfect.

CORE B was able to come up in active mode however after doing that I was not able to ping any IP address 10.1.10.1,10.1.10.254 and 10.1.10.253. from the workstation.

Here is the output of sh standby brief

CORE A

Interface               Grp                 Prio               P                    State             Active addr                 Standby addr               Group addr

Vl10                      10                  150               P                       Init                unknown                   unknown                    10.1.10.1

CORE B

Interface               Grp                 Prio               P                    State             Active addr                 Standby addr                Group addr

Vl10                     10                  100                P                       Active            Local                      unknown                        10.1.10.1

I dont what's wrong and is there any misconfiguration on the CORE switches

Please help to resolve this issue.

Much Appreciated

More information can be provided on demand

19 REPLIES
Silver

Re: HSRP on VLAN

It may be your spanning tree topology isn't complementing your HSRP config.  Perhaps spanning tree is blocking the path to the Core B switch from the workstation.


Evaluate each interface in your topology to determine what interfaces are forwarding and what interfaces are blocking.  It would be best if the HSRP primary is the spanning tree root for that VLAN.  The Core B switch should have the second lowest priority and the access switches should follow.  Something like this:


Core A - priority 0

Core B - priority 4096

Access A - priority 8192

Access B - priority 12288


Here's a good link:


http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094797.shtml



Chris

Community Member

Re: HSRP on VLAN

Hi Cristopher,

Thanks for your reply.

Please have a look to my config. I am annexing configuration of Core A and Core B

and let me know what I have to add to in my ruuning config

Thanks for your help and support

Community Member

Re: HSRP on VLAN

Now I have got something strange.

A worstation in vlan 10 having following IP config

ip: 10.1.10.2

sm: 255.255.255.0

gw: 10.1.10.1

After shuting the vlan 10 I can ping the default gateway from the worstation. But I am unable to ping to anything in the network.

Please help.

Community Member

Re: HSRP on VLAN

Please I am really in need of urgent help of our cisco experts. Since we have go live test for switch failover. and this issue not yet reolved

Much appreciated.

Silver

Re: HSRP on VLAN

Samir,



Core Core-A switch should have a spanning tree priority of 0 (zero) if it's the HSRP active router.


spanning-tree vlan 1-27 priority 0


Ensure your access switches have priorities greater than the Core-B switch; greater than 8192.



Chris

Community Member

Re: HSRP on VLAN

Cristopher,

thank you for your reply

Currently CORE B switch has priority 16384. Do I have to make any change here

And other access switches will have same priority

Please clarify. Thanks

Community Member

Re: HSRP on VLAN

I have changed the spanning tree on CORE A to zero but still I cannot ping from the worksation.

Core A : sh spanning-tree

VLAN010
  Spanning tree enabled protocol ieee
  Root ID    Priority    0
             Address     001a.e3f5.44c8
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    0
             Address     001a.e3f5.44c8
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

CORE B sh spanning-tree

VLAN010
  Spanning tree enabled protocol ieee
  Root ID    Priority    0
             Address     001a.e3f5.44c8
             Cost        4
             Port        151 (GigabitEthernet2/23)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     001a.e3f5.54c8
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Access Switch : sh spnaning-tree

VLAN010
  Spanning tree enabled protocol ieee
  Root ID    Priority    0
             Address     001a.e3f5.44c8
             Cost        4
             Port        25 (GigabitEthernet0/25)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32968  (priority 32768 sys-id-ext 200)
             Address     0018.baf2.0500
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Thanks

Community Member

Re: HSRP on VLAN

Hi Cristopher,

I'll appreciate your immediate response.              

Silver

Re: HSRP on VLAN

Ensure you have a valid switched path between the workstation and the active HSRP interface by evaluating the spanning tree state of each interface in the path.

From all the switches involved do you have a MAC address entry for the HSRP and physical MAC addresses of the gateways?


Chris

Community Member

Re: HSRP on VLAN

Sorry Chris. I didn't get your question

Community Member

Re: HSRP on VLAN

Please can someone help. Its becoming very urgent for me

Community Member

Re: HSRP on VLAN

Your HSRP config looks fine.

Have you double checked your config on the access switches? What vlan is the switchport the workstation is connected to?

Configure an SVI on the access switch within vlan 10 and see if your workstation can ping that?

Do a show arp on the core switch and see if it has an entry in there for the workstation's MAC.

Community Member

Re: HSRP on VLAN

The worsktation on the access switch is in vlan 10

.To make sure I clear arp-cache and send icmp from the worktations by sending ping packets but mac-address was recorded on the core B.

Community Member

Re: HSRP on VLAN

Please see the attached running config for access switch. FYI

1412
Views
3
Helpful
19
Replies
CreatePlease to create content