03-22-2024 01:22 PM
Team,
After testing a configuration with 2 9k Nexus, 1 iosvl2 switch, and an ios host testing HSRP and it is not working during a simulated down interface event. Everything else seems fine VPC checks, port-channels check, HSRP checks, tracking checks but when I shut down the interface and HSRP decrements the end host does not continue to ping/route with the HSRP VIP. It can ping NXSOB ip but not the HSRP vip.
Testing environments are EVE-NG and Virl simulator.
1. VPC config
2. HSRP
3. tracking interface object
testing by simulating failure of a tracking line object. The HSRP decrements as per design but the end host does not connect to the HSRP VIP IP.
Config:NXOSA
vlan 201
vlan 202
vrf context keepalive-vrf
vpc domain 1
role priority 1
peer-keepalive destination 10.0.0.6 source 10.0.0.5 vrf keepalive-vrf
peer-gateway
track 1 interface Ethernet1/6 line-protocol
track 1 decrement 150
interface Vlan201
no shutdown
no ip redirects
ip address 172.21.255.2/24
no ipv6 redirects
hsrp 1
preempt
priority 200
ip 172.21.255.1
track 1 decrement 150
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan 1,201-202
spanning-tree port type network
vpc peer-link
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 1,201-202
vpc 20
interface Ethernet1/1
description vPC-Peer-Keepalive-Link
no switchport
vrf member keepalive-vrf
ip address 10.0.0.5/30
no shutdown
interface Ethernet1/2
switchport mode trunk
switchport trunk allowed vlan 1,201-202
channel-group 1 mode active
interface Ethernet1/3
switchport mode trunk
switchport trunk allowed vlan 1,201-202
channel-group 1 mode active
interface Ethernet1/6
description VPC20-access-Switch
shutdown
switchport mode trunk
switchport trunk allowed vlan 1,201-202
spanning-tree port type edge
channel-group 20 mode active
--------------------------------------------------------------------------------------
Config:NXOSB
vlan 201
vlan 202
vrf context keepalive-vrf
vpc domain 1
role priority 1
peer-keepalive destination 10.0.0.5 source 10.0.0.6 vrf keepalive-vrf
peer-gateway
interface Vlan201
no shutdown
no ip redirects
ip address 172.21.255.3/24
no ipv6 redirects
hsrp 1
preempt
priority 100
ip 172.21.255.1
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan 1,201-202
spanning-tree port type network
vpc peer-link
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 1,201-202
vpc 20
interface Ethernet1/1
description vPC-Peer-Keepalive-Link
no switchport
vrf member keepalive-vrf
ip address 10.0.0.6/30
no shutdown
interface Ethernet1/2
switchport mode trunk
switchport trunk allowed vlan 1,201-202
channel-group 1 mode active
interface Ethernet1/3
switchport mode trunk
switchport trunk allowed vlan 1,201-202
channel-group 1 mode active
interface Ethernet1/6
description VPC20-access-Switch
shutdown
switchport mode trunk
switchport trunk allowed vlan 1,201-202
spanning-tree port type edge
channel-group 20 mode active
Config:Access Switch
interface Port-channel20
switchport trunk allowed vlan 201,202
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/0
negotiation auto
!
interface GigabitEthernet0/1
description NXOSA
switchport trunk allowed vlan 201,202
switchport trunk encapsulation dot1q
switchport mode trunk
negotiation auto
channel-group 20 mode active
!
interface GigabitEthernet0/2
description NXOSB
switchport trunk allowed vlan 201,202
switchport trunk encapsulation dot1q
switchport mode trunk
negotiation auto
channel-group 20 mode active
!
interface GigabitEthernet0/3
description host access
switchport access vlan 201
switchport mode access
negotiation auto
A# show hsrp standby
Vlan201 - Group 1 (HSRP-V1) (IPv4)
Local state is Standby, priority 50 (Cfged 200), may preempt
Forwarding threshold(for vPC), lower: 0 upper: 200
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 1.360000 sec(s)
Virtual IP address is 172.21.255.1 (Cfged)
Active router is 172.21.255.3, priority 100 expires in 8.811000 sec(s)
Standby router is local
Authentication text "cisco"
Virtual mac address is 0000.0c07.ac01 (Default MAC)
9 state changes, last state change 00:00:13
Track object 1 state DOWN decrement 150
IP redundancy name is hsrp-Vlan201-1 (default)
B# show hsrp all
Vlan201 - Group 1 (HSRP-V1) (IPv4)
Local state is Active, priority 100 (Cfged 100), may preempt
Forwarding threshold(for vPC), lower: 0 upper: 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 1.045000 sec(s)
Virtual IP address is 172.21.255.1 (Cfged)
Active router is local
Standby router is 172.21.255.2 , priority 50 expires in 9.573000 sec(s)
Authentication text "cisco"
Virtual mac address is 0000.0c07.ac01 (Default MAC)
11 state changes, last state change 00:01:20
IP redundancy name is hsrp-Vlan201-1 (default)
Is this a simulator issue or am I missing a configuration?
04-05-2024 04:45 PM
Is this issue solve ?
MHM
09-30-2024 09:37 AM
Yes, it is. I used another image on the endpoint node, and it worked.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide