Hi Roger,

Sorry did not work. As soon as I put in the line as mentoined:

RT1:

interface FastEthernet0/0.1

description vlan1 Management

encapsulation dot1Q 1 native

ip address 172.16.1.3 255.255.255.0 secondary

ip address 192.168.1.250 255.255.255.0

ip helper-address 172.16.20.11

ip helper-address 172.16.20.13

ip helper-address 172.16.100.2

standby 1 ip

standby 1 ip 172.16.1.1 secondary

standby 1 authentication vlan1

standby 2 ip 192.168.1.249

standby 2 authentication vlan2

RT2:

interface FastEthernet1/0.1

description vlan1 Management

encapsulation dot1Q 1 native

ip address 172.16.1.2 255.255.255.0 secondary

ip address 192.168.1.251 255.255.255.0

ip helper-address 172.16.20.11

ip helper-address 172.16.20.13

ip helper-address 172.16.100.2

standby 1 ip

standby 1 ip 172.16.1.1 secondary

standby 1 authentication vlan1

standby 2 ip 192.168.1.249

standby 2 authentication vlan2

The secondary stanby did not work and the vlan went down.

Rgds.

Indra

Having both routers secondary is not going to help much. One has to be the primary and the other secondary. So only configure the secondary on one of the routers, not both.

You might also want to do the odds & evens thing where you alternate making the odd & even numbered vlans primary and secondary. This way you implement a kind of load balancing. If RT1 was the primary for all VLANS RT1 would perform all the routing for the VLANS and RT2 will basically sit idling doing nothing until a failure occurs on RT1.

cheers

mips

Hi Mips,

Yes my goal is to have some loadbalancing. How can I do that? Do ya have a config??

Rgds.

Indra

Hi

What is the IOS release you are using? Normally that

should work. See also the command reference:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipras_r/1rfip2.htm#1096178

Regards

Roger

Hi Roger,

on RT1:

Cisco Internetwork Operating System Software

IOS (tm) C1700 Software (C1700-K9SV3Y7-M), Version 12.2(8)YJ, EARLY DEPLOYMENT R

ELEASE SOFTWARE (fc1)

Synched to technology version 12.2(8.5)T

TAC Support: http://www.cisco.com/tac

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Fri 21-Jun-02 09:28 by ealyon

Image text-base: 0x80008124, data-base: 0x81204FD0

ROM: System Bootstrap, Version 12.2(4r)XL, RELEASE SOFTWARE (fc1)

ROM: C1700 Software (C1700-K9SV3Y7-M), Version 12.2(8)YJ, EARLY DEPLOYMENT RELEA

SE SOFTWARE (fc1)

rts-rt1 uptime is 2 days, 20 hours, 12 minutes

System returned to ROM by reload

System image file is "flash:c1700-k9sv3y7-mz.122-8.YJ.bin"

cisco 1760 (MPC860P) processor (revision 0x200) with 58983K/6553K bytes of memor

y.

Processor board ID FOC07070R86 (2380503851), with hardware revision BB67

MPC860P processor: part number 5, mask 2

Bridging software.

X.25 software, Version 3.0.0.

Basic Rate ISDN software, Version 1.1.

1 FastEthernet/IEEE 802.3 interface(s)

2 ISDN Basic Rate interface(s)

4 Voice NT or TE BRI interface(s)

32K bytes of non-volatile configuration memory.

32768K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

On RT2:

Cisco Internetwork Operating System Software

IOS (tm) 3600 Software (C3620-IS-M), Version 12.2(8)T, RELEASE SOFTWARE (fc2)

TAC Support: http://www.cisco.com/tac

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Thu 14-Feb-02 09:53 by ccai

Image text-base: 0x60008930, data-base: 0x614AC000

ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (f

c1)

rts-rt2 uptime is 3 days, 21 hours, 43 minutes

System returned to ROM by reload

System image file is "flash:c3620-is-mz.122-8.T.bin"

cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory.

Processor board ID 24398842

R4700 CPU at 80Mhz, Implementation 33, Rev 1.0

Bridging software.

X.25 software, Version 3.0.0.

Basic Rate ISDN software, Version 1.1.

1 FastEthernet/IEEE 802.3 interface(s)

8 ISDN Basic Rate interface(s)

DRAM configuration is 32 bits wide with parity disabled.

29K bytes of non-volatile configuration memory.

32768K bytes of processor board System flash (Read/Write)

4096K bytes of processor board PCMCIA Slot0 flash (Read/Write)

Configuration register is 0x212

Both routers are on 12.28.

Rgds.

Indra

Hi

IOS should be o.k. but i guess that's not what you want to achive....according to a posting above you like to loadbalance over the two routers...so that not only one is used?

If that's you goal use just two standby groups with

one active on each router. You also need the hosts to give different Default Gateways.

R1:

interface FastEthernet0/0.1

description vlan1 Management

encapsulation dot1Q 1 native

ip address 192.168.1.250 255.255.255.0

standby 1 ip 192.168.1.248

standby 1 authentication vlan1

standby 1 priority 100

standby 1 preempt

standby 2 ip 192.168.1.249

standby 2 authentication vlan2

standby 2 priority 200

standby 2 preempt

R2:

interface FastEthernet0/0.1

description vlan1 Management

encapsulation dot1Q 1 native

ip address 192.168.1.251 255.255.255.0

standby 1 ip 192.168.1.248

standby 1 authentication vlan1

standby 1 priority 200

standby 1 preempt

standby 2 ip 192.168.1.249

standby 2 authentication vlan2

standby 2 priority 100

standby 2 preempt

Is that what you want? I still do not see why you have secondary ip on the interface.

Regards

Roger

Roger,

I need the sconday cuase I have tow subnets runnen on Vlan1. Can we do this trick also with the other Vlan interfaces?

Rds.

Indra

Hi

So the loadbalancing works for you primary network?

Do you need that also for the secondary?

It looks like you also having other vlans on this interfaces. You sure can do this for the other vlans

to get the loadbalancing.

If you have anyway vlans i would create a new vlan for the network you got as secondary on that router.

Regards

Roger

Roger,

Ok I've done some cli work and come up with the next config:

RT1:

interface FastEthernet0/0.1

description vlan1 Management

encapsulation dot1Q 1 native

ip address 192.168.1.250 255.255.255.0

ip helper-address 172.16.20.11

ip helper-address 172.16.20.13

ip helper-address 172.16.100.2

standby 2 ip 192.168.1.248

standby 2 preempt

standby 2 authentication vlan2

standby 3 ip 192.168.1.249

standby 3 priority 200

standby 3 preempt

standby 3 authentication vlan3

!

interface FastEthernet0/0.2

description vlan2 Management

encapsulation dot1Q 2

ip address 172.16.1.3 255.255.255.0

ip helper-address 172.16.20.11

ip helper-address 172.16.20.13

ip helper-address 172.16.100.2

standby 1 ip 172.16.1.1

standby 1 preempt

standby 1 authentication vlan1

standby 4 ip 172.16.1.254

standby 4 priority 200

standby 4 preempt

standby 4 authentication vlan4

!

interface FastEthernet0/0.10

description vlan10 Server VLAN

encapsulation dot1Q 10

ip address 172.16.10.2 255.255.255.0

ip helper-address 172.16.20.3

ip helper-address 172.16.20.4

standby 10 ip 172.16.10.1

standby 10 preempt

standby 10 authentication vlan10

standby 11 ip 172.16.10.254

standby 11 priority 200

standby 11 preempt

standby 11 authentication vlan11

!interface FastEthernet0/0.20

description vlan20 RTS USERS & SERVERS

encapsulation dot1Q 20

ip address 172.16.20.253 255.255.255.0

ip helper-address 172.16.10.12

ip helper-address 192.168.1.1

ip helper-address 192.168.1.2

ip helper-address 192.168.1.4

ip helper-address 192.168.1.8

ip helper-address 192.168.1.202

standby 20 ip 172.16.20.1

standby 20 preempt

standby 20 authentication vlan20

standby 21 ip 172.16.20.252

standby 21 priority 200

standby 21 preempt

standby 21 authentication vlan21

!

interface FastEthernet0/0.30

description vlan30 INTERNET VLAN

encapsulation dot1Q 30

ip address 172.16.30.2 255.255.255.0

standby 30 ip 172.16.30.1

standby 30 preempt

standby 30 authentication vlan30

standby 31 ip 172.16.30.254

standby 31 priority 200

standby 31 preempt

standby 31 authentication vlan3

!

interface FastEthernet0/0.100

description vlan100 INSTALL

encapsulation dot1Q 100

ip address 172.16.100.253 255.255.255.0

ip helper-address 172.16.20.3

ip helper-address 172.16.20.7

ip helper-address 172.16.10.16

standby 100 ip 172.16.100.1

standby 100 preempt

standby 100 authentication vlan100

standby 101 ip 172.16.100.252

standby 101 priority 200

standby 101 preempt

standby 101 authentication vlan101

!

interface FastEthernet0/0.110

description vlan110 IMTECH VLAN

encapsulation dot1Q 110

ip address 172.16.110.2 255.255.255.0

standby 110 ip 172.16.110.1

standby 110 preempt

standby 110 authentication vlan110

standby 111 ip 172.16.110.254

standby 111 priority 200

standby 111 preempt

standby 111 authentication vlan111

RT2:

interface FastEthernet1/0.1

description vlan1 Management

encapsulation dot1Q 1 native

ip address 192.168.1.251 255.255.255.0

ip helper-address 172.16.20.11

ip helper-address 172.16.20.13

ip helper-address 172.16.100.2

standby 2 ip 192.168.1.248

standby 2 priority 200

standby 2 preempt

standby 2 authentication vlan2

standby 3 ip 192.168.1.249

standby 3 priority 100

standby 3 preempt

standby 3 authentication vlan3

!

interface FastEthernet1/0.2

description vlan2 Management

encapsulation dot1Q 2

ip address 172.16.1.2 255.255.255.0

ip helper-address 172.16.20.11

ip helper-address 172.16.20.13

ip helper-address 172.16.100.2

standby 1 ip 172.16.1.1

standby 1 priority 200

standby 1 preempt

standby 1 authentication vlan1

standby 4 ip 172.16.1.254

standby 4 priority 100

standby 4 preempt

standby 4 authentication vlan4

!

interface FastEthernet1/0.10

description vlan10 Server VLAN

encapsulation dot1Q 10

ip address 172.16.10.3 255.255.255.0

ip helper-address 172.16.20.3

ip helper-address 172.16.20.4

standby 10 ip 172.16.10.1

standby 10 priority 200

standby 10 preempt

standby 10 authentication vlan10

standby 11 ip 172.16.10.254

standby 11 priority 100

standby 11 preempt

standby 11 authentication vlan11

!

interface FastEthernet1/0.20

description vlan20 RTS USERS & SERVERS

encapsulation dot1Q 20

ip address 172.16.20.254 255.255.255.0

ip helper-address 172.16.10.12

ip helper-address 192.168.1.1

ip helper-address 192.168.1.2

ip helper-address 192.168.1.4

ip helper-address 192.168.1.8

ip helper-address 192.168.1.202

standby 20 ip 172.16.20.1

standby 20 priority 200

standby 20 preempt

standby 20 authentication vlan20

standby 21 ip 172.16.20.252

standby 21 priority 100

standby 21 preempt

standby 21 authentication vlan21

!

interface FastEthernet1/0.30

description vlan30 INTERNET VLAN

encapsulation dot1Q 30

ip address 172.16.30.3 255.255.255.0

standby 30 ip 172.16.30.1

standby 30 priority 200

standby 30 preempt

standby 30 authentication vlan30

standby 31 ip 172.16.30.254

standby 31 priority 100

standby 31 preempt

standby 31 authentication vlan31

!

interface FastEthernet1/0.100

description vlan100 INSTALL

encapsulation dot1Q 100

ip address 172.16.100.254 255.255.255.0

ip helper-address 172.16.20.3

ip helper-address 172.16.20.7

ip helper-address 172.16.10.16

standby 100 ip 172.16.100.1

standby 100 priority 200

standby 100 preempt

standby 100 authentication vlan100

standby 101 ip 172.16.100.252

standby 101 priority 100

standby 101 preempt

standby 101 authentication vlan101

!

interface FastEthernet1/0.110

description vlan110 IMTECH VLAN

encapsulation dot1Q 110

ip address 172.16.110.3 255.255.255.0

standby 110 ip 172.16.110.1

standby 110 priority 200

standby 110 preempt

standby 110 authentication vlan110

standby 111 ip 172.16.110.254

standby 111 priority 100

standby 111 preempt

standby 111 authentication vlan111

These are mine Vlan config on both routers. In this situation I could ping (for example Vlan2):

192.168.1.248 = ok

192.168.1.249 = ok

192.168.1.250 = NOT ok

192.168.1.251 = ok

This is the same for all the other Vlan's.

Please help.

Rgds

Indra

Hi Indra

Strange that you can ping all the ip's except the one configured on the interface.

From where are you setting up the pings?

Can you see anything whene you debug ip icmp?

Regards

Roger

Hi Roger,

I will do that tommorow, cause I am heading home. It is strange, this the first time I encounter this problem. Do I have to configure also the actual interface on both routers? the Fa0/0 and Fa1/0 interfaces?

talk to ya tommorow!

Rgds.

Indra

DEBUG on RT2:

02:34:36: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.11

02:34:36: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.13

02:34:46: %HSRP-6-STATECHANGE: FastEthernet1/0.2 Grp 4 state Standby -> Active

02:34:53: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.11

02:34:53: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.13

02:34:54: ICMP: echo reply sent, src 172.16.100.1, dst 172.16.1.9

02:34:57: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.11

02:34:57: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.13

02:35:05: ICMP: echo reply sent, src 172.16.254.2, dst 172.16.1.9

02:35:05: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.11

02:35:05: ICMP: dst (172.16.1.2) port unreachable rcv from 172.16.20.13

DEBUG on RT1:

rts-rt1#ping 172.16.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:

...!!

Success rate is 40 percent (2/5), round-trip min/avg/max = 1/2/4 ms

rts-rt1#

02:59:23: ICMP: echo reply rcvd, src 172.16.1.2, dst 172.16.1.3

02:59:23: ICMP: echo reply rcvd, src 172.16.1.2, dst 172.16.1.3

02:59:23: %HSRP-6-STATECHANGE: FastEthernet0/0.2 Grp 1 state Active -> Speakping

172.16.1.2

Roger,

Solve the problem (part of it), I use the :

standby use-bia command on the on the sub fa interfaces. Would like to thank ya all (spec. Roger).

THNX

Indra

Hi Indra

I was ones in the beginning thinking about this command but i thought in the new ios releases this command is not needed anymore. so learned also something.

Regards

Roger