10-13-2024 10:45 PM
HSRP virtual IP unreachable with portchannel subinterface in CML lab
########### config for switch begins here #######
!
conf t
!
int po32
description "port-channel interface connected to rtr1"
switchport mode trunk
switchport trunk allow vlan 10,20
no shut
!
int e0/3
description "member interface of port-channel32 interface connected to rtr1"
switchport trunk allow vlan 10,20
switchport mode trunk
channel-group 32 mode active
no shut
!
int e0/0
description "member interface of port-channel32 interface connected to rtr1"
switchport mode trunk
switchport trunk allow vlan 10,20
channel-group 32 mode active
no shut
!
end
!
conf t
int po33
description "port-channel interface connected to rtr2"
switchport mode trunk
switchport trunk allow vlan 10,20
no shut
!
int e0/1
switchport mode trunk
description "member interface of port-channel33 interface connected to rtr2"
switchport trunk allow vlan 10,20
channel-group 33 mode active
no shut
!
int e1/0
switchport mode trunk
description "member interface of port-channel33 interface connected to rtr2"
switchport trunk allow vlan 10,20
channel-group 33 mode active
no shut
!
end
!
wr
########### config ends here #######
########### config for rtr1 begins here #######
!
conf t
!
int po32
description "port-channel interface connected to be-data-sw"
no shut
!
int gi1
description "member interface of port-channel32 interface connected to switch1"
no ip add
channel-group 32 mode active
no shut
!
int gi2
description "member interface of port-channel32 interface connected to switch2"
no ip add
channel-group 32 mode active
no shut
!
int po32.20
no shut
encapsulation dot1q 20
ip add 172.16.20.251
standby version 2
standby 1 priority 105
standby 1 ip 172.16.20.1
standby 1 preempt
standby 1 timers msec 252 msec 840
!
int po32.10
no shut
encapsulation dot1q 10
ip add 172.16.10.251
standby version 2
standby 2 priority 105
standby 2 ip 172.16.10.1
standby 2 preempt
standby 2 timers msec 252 msec 840
standby 2 track 1 decrement 60
!
end
!
wr
!
########### config ends here #######
########### config for rtr2 begins here #######
!
conf t
!
int po33
description "port-channel interface connected to be-data-sw"
no shut
!
int gi2
description "member interface of port-channel33 interface connected to switch1"
no ip add
channel-group 33 mode active
no shut
!
int gi1
description "member interface of port-channel33 interface connected to switch2"
no ip add
channel-group 33 mode active
no shut
!
int po33.20
no shut
encapsulation dot1q 20
ip add 172.16.20.252
standby version 2
standby 1 priority 100
standby 1 ip 172.16.20.1
standby 1 preempt
standby 1 timers msec 100 msec 300
!
int po33.10
no shut
encapsulation dot1q 10
ip add 172.16.10.252
standby version 2
standby 2 priority 100
standby 2 ip 172.16.10.1
standby 2 preempt
standby 2 timers msec 252 msec 840
standby 2 track 1 decrement 60
!
end
!
wr
!
########### config ends here #######
10-13-2024 10:56 PM - edited 10-13-2024 10:57 PM
Hello @Rohit Patil
First, your switch configuration indicates that trunking is enabled, but please double-check that the VLANs are actively allowed and operational on the trunks.
Check and share the output:
#show standby brief
The HSRP configuration includes tracking for Po32.10 and Po33.10. If the tracking is causing issues (for example, if the tracked object is down), the HSRP priority may be getting reduced...check #show standby track
Last, if there are multiple paths for VLANs 10 and 20, ensure that STP is not blocking any of the interfaces necessary for the traffic flow. Check the STP status:
show spanning-tree vlan 10
show spanning-tree vlan 20
Make sure that the relevant ports are in the forwarding state...
10-13-2024 11:35 PM
Hi M02@rt37 the standby IP pings only when I use physical interfaces not the port channels of subinterfaces in cisco CML.
10-13-2024 11:34 PM - edited 10-13-2024 11:34 PM
Hello
do you have ip routing enabled - if not enable it and test again?
sh standby brief
sh ip int brief
sh ip route
10-13-2024 11:52 PM
inserthostname-here#show standby brief
inserthostname-here#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
inserthostname-here#
inserthostname-here#show ip int br
inserthostname-here#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 unassigned YES unset up up
GigabitEthernet2 unassigned YES unset up up
GigabitEthernet3 unassigned YES unset administratively down down
GigabitEthernet4 unassigned YES unset administratively down down
Port-channel32 unassigned YES unset up up
Port-channel32.10 172.16.10.251 YES manual up up
Port-channel32.20 172.16.20.251 YES manual up up
inserthostname-here#
inserthostname-here#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.10.0/24 is directly connected, Port-channel32.10
L 172.16.10.251/32 is directly connected, Port-channel32.10
C 172.16.20.0/24 is directly connected, Port-channel32.20
L 172.16.20.251/32 is directly connected, Port-channel32.20
inserthostname-here#
++++
inserthostname-here#show standby brief
inserthostname-here#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
inserthostname-here#
inserthostname-here#show ip int br
inserthostname-here#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 unassigned YES unset up up
GigabitEthernet2 unassigned YES unset up up
GigabitEthernet3 unassigned YES unset administratively down down
GigabitEthernet4 unassigned YES unset administratively down down
Port-channel32 unassigned YES unset up up
Port-channel32.10 172.16.10.251 YES manual up up
Port-channel32.20 172.16.20.251 YES manual up up
inserthostname-here#
inserthostname-here#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.10.0/24 is directly connected, Port-channel32.10
L 172.16.10.251/32 is directly connected, Port-channel32.10
C 172.16.20.0/24 is directly connected, Port-channel32.20
L 172.16.20.251/32 is directly connected, Port-channel32.20
inserthostname-here#
===
on swithc:
inserthostname-here#show standby brief
inserthostname-here#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
inserthostname-here#
inserthostname-here#show ip int br
inserthostname-here#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 unassigned YES unset up up
GigabitEthernet2 unassigned YES unset up up
GigabitEthernet3 unassigned YES unset administratively down down
GigabitEthernet4 unassigned YES unset administratively down down
Port-channel32 unassigned YES unset up up
Port-channel32.10 172.16.10.251 YES manual up up
Port-channel32.20 172.16.20.251 YES manual up up
inserthostname-here#
inserthostname-here#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.10.0/24 is directly connected, Port-channel32.10
L 172.16.10.251/32 is directly connected, Port-channel32.10
C 172.16.20.0/24 is directly connected, Port-channel32.20
L 172.16.20.251/32 is directly connected, Port-channel32.20
inserthostname-here#
==
===
===
from PC i am able to ping virtual IP but only physical IP:
inserthostname-here#show standby brief
inserthostname-here#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
inserthostname-here#
inserthostname-here#show ip int br
inserthostname-here#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 unassigned YES unset up up
GigabitEthernet2 unassigned YES unset up up
GigabitEthernet3 unassigned YES unset administratively down down
GigabitEthernet4 unassigned YES unset administratively down down
Port-channel32 unassigned YES unset up up
Port-channel32.10 172.16.10.251 YES manual up up
Port-channel32.20 172.16.20.251 YES manual up up
inserthostname-here#
inserthostname-here#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.10.0/24 is directly connected, Port-channel32.10
L 172.16.10.251/32 is directly connected, Port-channel32.10
C 172.16.20.0/24 is directly connected, Port-channel32.20
L 172.16.20.251/32 is directly connected, Port-channel32.20
inserthostname-here#
10-13-2024 11:53 PM
10-13-2024 11:57 PM
Success rate is 0 percent (0/5)
inserthostname-here#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
inserthostname-here#
10-14-2024 12:03 AM
It complex I can not see what is wrong but let do config step by step
1-remove previous config
2- config PO member with no switchport
3- config PO main with no switchport and no shut
4- config hsrp without track abd defualt priority
Do above
And check hstp status in both peer
MHM
10-14-2024 12:12 AM
on router it is not getting accepted..
no switch port
do i have to do no switchport on the switch ports... u mean to say??
10-14-2024 12:24 AM
########### config for switch begins here #######
!
conf t
!
int po32
switchport trunk encapsulation dot1q
description "port-channel interface connected to rtr1"
switchport mode trunk
switchport trunk allow vlan 10,20
no shut
!
int gi0/3
switchport trunk encapsulation dot1q
description "member interface of port-channel32 interface connected to rtr1"
switchport trunk allow vlan 10,20
switchport mode trunk
channel-group 32 mode active
no shut
!
int gi0/2
switchport trunk encapsulation dot1q
description "member interface of port-channel32 interface connected to rtr1"
switchport mode trunk
switchport trunk allow vlan 10,20
channel-group 32 mode active
no shut
!
end
!
conf t
int po33
switchport trunk encapsulation dot1q
description "port-channel interface connected to rtr2"
switchport mode trunk
switchport trunk allow vlan 10,20
no shut
!
int gi0/1
switchport trunk encapsulation dot1q
switchport mode trunk
description "member interface of port-channel33 interface connected to rtr2"
switchport trunk allow vlan 10,20
channel-group 33 mode active
no shut
!
int gi1/0
switchport trunk encapsulation dot1q
switchport mode trunk
description "member interface of port-channel33 interface connected to rtr2"
switchport trunk allow vlan 10,20
channel-group 33 mode active
no shut
!
end
!
wr
########### config ends here #######
########### config for rtr1 begins here #######
!
conf t
!
int po32
description "port-channel interface connected to be-data-sw"
no shut
!
int gi1
no switchport
description "member interface of port-channel32 interface connected to switch1"
no ip add
channel-group 32 mode active
no shut
!
int gi2
no switchport
description "member interface of port-channel32 interface connected to switch2"
no ip add
channel-group 32 mode active
no shut
!
int po32.20
no switchport
no shut
encapsulation dot1q 20
ip add 172.16.20.251 255.255.255.0
standby 1 ip 172.16.20.1
!
int po32.10
no shut
encapsulation dot1q 10
ip add 172.16.10.251 255.255.255.0
standby 2 ip 172.16.10.1
!
end
!
wr
!
########### config ends here #######
########### config for rtr2 begins here #######
!
conf t
!
int po33
description "port-channel interface connected to be-data-sw"
no shut
!
int gi2
no switchport
description "member interface of port-channel33 interface connected to switch1"
no ip add
channel-group 33 mode active
no shut
!
int gi1
no switchport
description "member interface of port-channel33 interface connected to switch2"
no ip add
channel-group 33 mode active
no shut
!
int po33.20
no shut
encapsulation dot1q 20
ip add 172.16.20.252 255.255.255.0
standby 1 ip 172.16.20.1
!
int po33.10
no shut
encapsulation dot1q 10
ip add 172.16.10.252 255.255.255.0
standby 2 ip 172.16.10.1
!
end
!
wr
!
########### config ends here #######
current configs
10-14-2024 12:34 AM
totally correct
now in SW
do
vlan 10
vlan 20 <<- add VLAN to DB
then in HSRP peer do
show standby
share output here
MHM
10-14-2024 01:04 AM
sw#show ip int brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset up up
Ethernet0/2 unassigned YES unset up up
Ethernet0/3 unassigned YES unset up up
Ethernet1/0 unassigned YES unset up up
Ethernet1/1 unassigned YES unset up up
Ethernet1/2 unassigned YES unset up up
Ethernet1/3 unassigned YES unset up up
Ethernet2/0 unassigned YES unset up up
Ethernet2/1 unassigned YES unset up up
Ethernet2/2 unassigned YES unset up up
Ethernet2/3 unassigned YES unset up up
Port-channel32 unassigned YES unset up up
Port-channel33 unassigned YES unset up up
Vlan10 unassigned YES unset up up
Vlan20 unassigned YES unset up up
=====
=====
r2#
r2#show standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po33.10 2 100 Active local 172.16.10.251 172.16.10.1
Po33.20 1 100 Active local 172.16.20.251 172.16.20.1
r2#
===
===
r1#
r1#show standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
r1#
r1
====
====
ABLE TO PING physical IP but not standby IP:
sw#show ip int brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset up up
Ethernet0/2 unassigned YES unset up up
Ethernet0/3 unassigned YES unset up up
Ethernet1/0 unassigned YES unset up up
Ethernet1/1 unassigned YES unset up up
Ethernet1/2 unassigned YES unset up up
Ethernet1/3 unassigned YES unset up up
Ethernet2/0 unassigned YES unset up up
Ethernet2/1 unassigned YES unset up up
Ethernet2/2 unassigned YES unset up up
Ethernet2/3 unassigned YES unset up up
Port-channel32 unassigned YES unset up up
Port-channel33 unassigned YES unset up up
Vlan10 unassigned YES unset up up
Vlan20 unassigned YES unset up up
=====
=====
r2#
r2#show standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po33.10 2 100 Active local 172.16.10.251 172.16.10.1
Po33.20 1 100 Active local 172.16.20.251 172.16.20.1
r2#
===
===
r1#
r1#show standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
r1#
r1
====
====
ABLE TO PING FROM PC to physical IP, but not standby IP
inserthostname-here:~$
inserthostname-here:~$ ping 172.16.10.251
PING 172.16.10.251 (172.16.10.251): 56 data bytes
64 bytes from 172.16.10.251: seq=0 ttl=42 time=39.918 ms
^C
--- 172.16.10.251 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 39.918/39.918/39.918 ms
inserthostname-here:~$ ping 172.16.10.1
PING 172.16.10.1 (172.16.10.1): 56 data bytes
^C
--- 172.16.10.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
inserthostname-here:~$ ^C
inserthostname-here:~$
10-14-2024 01:16 AM
Ip defualt gateway <VIP of vlan10>
Ping to standby and use source vlan 10 of l2 SW
And better to test hsrp connect pc and ping from pc
MHM
10-14-2024 01:03 AM
Hello
@Rohit Patil wrote:
From PC i am able to ping virtual IP but only physical IP:
So just to confirm - you CAN ping the hsrp VIP and only the active physical correct?
10-14-2024 01:07 AM
I am not able to ping VIP/Standby IP but able to ping only physical IPs. The HSRP VIT/Standby IP is reachable from only active HSRP router.
r1#show standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po32.10 2 100 Standby 172.16.10.252 local 172.16.10.1
Po32.20 1 100 Standby 172.16.20.252 local 172.16.20.1
r1#
r1#
r1#
r1#
r1#
r1#ping 172.16.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
r1#
r2#
r2#show standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Po33.10 2 100 Active local 172.16.10.251 172.16.10.1
Po33.20 1 100 Active local 172.16.20.251 172.16.20.1
r2#
r2#
r2#ping 172.16.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/13 ms
r2#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide