cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2111
Views
25
Helpful
13
Replies

IPv6 HSRP on VRF with Catalyst 3750X

I have a couple of Catalyst 3750X's in a lab.  They aren't stacked but have a 2 x 1Gbps LACP L2 port-channel between them and there are several VLANs that trunk across this.  There are L3 SVIs on each C3750X and I'm running HSRP on some of these.  Some are in different VRFs.  I have one VLAN - 100, that is a transit VLAN to an ASA firewall.  IPv4 HSRP is configured on this VLAN which is working as expected.  There is no routing protocol between the C3750X's and the ASA, so there is a default route on the C3750X's to the ASA inside address and the ASA has some static IPv4 routes via the HSRP address.  This is all working as expected.

I have also enabled IPv6 HSRP with a Global address, however this isn't working.  My logic was the same for IPv4 - static IPv6 default on the C3750X's and a static IPv6 route to the /56 behind the C3750X's.  The HSRP state for IPv6 on VLAN 100 is Active/Active and the two C3750X's don't appear to be receiving the others HSRP hello messages.

The configuration is pretty simple:

 

!! C3750X #1
interface Vlan100
 description Firewall-Transit
 vrf forwarding GLOBAL-ROUTES
 ip address 192.168.210.250 255.255.255.248
 no ip redirects
 no ip proxy-arp
 ip pim sparse-mode
 standby version 2
 standby 0 ipv6 XXXX:XXXX:201:13F8::1/64
 standby 10 ip 192.168.210.249
 standby 10 priority 90
 standby 10 preempt
 ipv6 address XXXX:XXXX:201:13F8::2/64
 ipv6 enable
!

!! C3750X #2
interface Vlan100
 description Firewall-Transit
 vrf forwarding GLOBAL-ROUTES
 ip address 192.168.210.251 255.255.255.248
 no ip redirects
 no ip proxy-arp
 ip pim sparse-mode
 standby version 2
 standby 0 ipv6 XXXX:XXXX:201:13F8::1/64
 standby 10 ip 192.168.210.249
 standby 10 preempt
 ipv6 address XXXX:XXXX:201:13F8::3/64
 ipv6 enable

 

The output from 'show standby vlan 100' on each C3750X looks like this:

 

dna-lab-c3750x-1#sho standby vlan 100
Vlan100 - Group 0 (version 2)
  State is Active
    2 state changes, last state change 00:29:06
  Link-Local Virtual IPv6 address is FE80::5:73FF:FEA0:0 (impl auto EUI64)
    Virtual IPv6 address XXXX:XXXX:201:13F8::1/64
  Active virtual MAC address is 0005.73a0.0000 (MAC In Use)
    Local virtual MAC address is 0005.73a0.0000 (v2 IPv6 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.168 secs
  Preemption disabled
  Active router is local
  Standby router is unknown
  Priority 100 (default 100)
  Group name is "hsrp-Vl100-0" (default)
Vlan100 - Group 10 (version 2)
  State is Standby
    1 state change, last state change 00:29:06
  Virtual IP address is 192.168.210.249
  Active virtual MAC address is 0000.0c9f.f00a (MAC Not In Use)
    Local virtual MAC address is 0000.0c9f.f00a (v2 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.456 secs
  Preemption enabled
  Active router is 192.168.210.251, priority 100 (expires in 9.552 sec)
    MAC address is c464.132b.4d47
  Standby router is local
  Priority 90 (configured 90)
  Group name is "hsrp-Vl100-10" (default)

 

As a test I created a VLAN and the associated SVI but in the global table on each C3750X and enabled IPv6 with HSRP and this worked - or at least the output showed they could see each other.

The C3750X's are running 15.2(4)E10 and have the IPServices license enabled.  IP & IPv6 routing is globally enabled on each.

I think this is a bug or limitation as this should be a pretty simple configuration.

 

1 Accepted Solution

Accepted Solutions

After lots of messing around and getting just weirder and weirder results, I think I've fixed it, however I have no idea why.... Simple things like just pinging between SVIs wasn't working for all interfaces, the switches weren't seeing each other as IPv6 neighbours.  Reboots seemed to get things back for a while, but it just got weird.

The global command:

 ipv6 dhcp-relay source-interface Loopback0

was added to the configuration on both C3750X's last week, however neither Loopback0 interfaces had an IPv6 address.  Adding an IPv6 address to Loopback0 and all the weirdness has stopped.

All very odd.

View solution in original post

13 Replies 13

Standby x ipv6 autoconfig <<- add this and check

Already tried that and the results are the same - both say:

  Active router is local
  Standby router is unknown

 

First no standby x ipv6 xxxxxxxxx

Then add 

Standby x ipv6 autoconfig 

Yes, I've already tried that and the results are the same.  I've also disabled IPv6 on the SVIs, removed all the IPv6 configuration and added it back.  However the results are always the same.

marce1000
VIP
VIP

 

          >.... have also enabled IPv6 HSRP with a Global address, however this isn't working. 
 Ref : https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_53_se/configuration/guide/3750xscg/swhsrp.html#15579
         >.... HSRP for IPv4 and HSRP for IPv6 are mutually exclusive. You cannot enable both at the same time.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

That's the bit I was obviously missing....

Thank you

Actually, that is only applicable to stacked 3750's and not standalone, which is what I've got.

Yes this confuse me, what support and what not support. 
so it need some check. 
what if I want to config HSRP ipv6 in different SVI are this can be done or not?
what meaning of global HSRP ipv6 if there is no command in global mode, the command is in interface mode. 
anyway let me check and if I get something I will update you.
thanks 

In description you mention FW

Are you use asa transparent ?

If yes then I think you need to allow 224.0.0.102 mutlicast ip for ipv6 hsrp.

I've just configured this on two spare C3560X switches I have - same IOS, L2 port-channel, multiple VRFs etc.

I initially just configured IPv6 on the SVIs and HSRP worked.  I then added IPv4 and HSRP didn't work for this, so it points to a limitation.  However I then removed the IPv4 HSRP configuration and replaced it with a GLBP and this works.  However I've just tried this on the original lab and HSRP for IPv6 is still not working.  There is now only one standby group configured and its for IPv6, but I still see:

 Active router is local
  Standby router is unknown

Think I'm going to give up with it and leave out the HSRPv6 configuration for this SVI.

 

After lots of messing around and getting just weirder and weirder results, I think I've fixed it, however I have no idea why.... Simple things like just pinging between SVIs wasn't working for all interfaces, the switches weren't seeing each other as IPv6 neighbours.  Reboots seemed to get things back for a while, but it just got weird.

The global command:

 ipv6 dhcp-relay source-interface Loopback0

was added to the configuration on both C3750X's last week, however neither Loopback0 interfaces had an IPv6 address.  Adding an IPv6 address to Loopback0 and all the weirdness has stopped.

All very odd.

thanks a lot for your feedback. 
many many thanks.

It was a proper puzzler.  There is an IPv4 DHCP scope configured on one of the switches and that stopped working as well.  I'm guessing there are some interdependencies with processes and having the invalid configuration broke various things.

Ho hum.  All working now though.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco