Re: HSRP does not work somehow

muratemredemirci · ‎10-13-2024

Hi all!

I am trying to configure a collapsed layer network architecture. I configured HSRP and L3 switches sees each other with no problem (sh standby br is OK) but when I configure a PC in VLAN10 and give default gateway as the HSRP virtual IP to it, there is no connection. But when I configure the PC's default gateway as the VLAN10 IP of the CLSwitch1, pings are succesfull. Access switches are L3 switches with "no ip routing" by the way. Let me share the configs. Thanks in advance!

Flavio Miranda · ‎10-13-2024

@muratemredemirci

Try to make the configuration consistent between the devices. You are adding parameter in one side and not the other.

muratemredemirci · ‎10-14-2024

Thanks for reply. I will do it but i dont think that would resolve the issue.

MHM Cisco World · ‎10-13-2024

First you need mandatory

Ip routing

In both l3 SW

Second check hsrp

Share

Show standby for both L3SW

MHM

muratemredemirci · ‎10-14-2024

L3 Switches are both ip routing enabled. sh standby br shows both active, standby and virtual IPs correctly. I will share it when I get back on my lab PC.

MHM Cisco World · ‎10-14-2024

OK, both active meaning both HSRP dont know each other
check
1- if VLAN is add to SW by show vlan brief
2- if there is ACL apply that drop hsrp multicast traffic
3- disable igmp snooping

check above

MHM

muratemredemirci · ‎10-14-2024

Hi,

1- VLAN is added, I use CLSwitch1 as VTP server.

2- There is no ACLs, I did not configure any.

3 - I disabled igmp snooping on CLSwitch1 and CLSwitch2 but not in Access Switches. Should I?

Thanks.

MHM Cisco World · ‎10-14-2024

You must disable it in access SW also

Note:- make double check if vlan is available in SW or not

MHM

muratemredemirci · ‎10-14-2024

disabled igmp snooping and ten times checked, VLANS exist on all switches. Thankfully VTP works with no issues(that i know of).

Aref Alsouqi · ‎10-14-2024

Could you please the output of the command "sh standby" on both switches for review? Also, when you say there is connection when you configure the HSRP virtual IP on PC in VLAN 10, what do you exactly mean? what connectivity tests have you done in that case?

muratemredemirci · ‎10-14-2024

I meant when I ping 10.0.0.1 from CLSwitch1 and success. But no success when I ping it from CLSwitch2.

CLSwitch2#sh stan br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 P Standby 10.0.0.10 local 10.0.0.1
Vl20 20 100 P Standby 10.0.8.20 local 10.0.8.1
Vl30 30 100 P Standby 10.0.16.30 local 10.0.16.1
Vl40 40 100 P Standby 10.0.24.40 local 10.0.24.1
Vl50 50 100 P Standby 10.0.32.50 local 10.0.32.1
Vl60 60 100 P Standby 10.0.40.60 local 10.0.40.1
Vl70 70 100 P Standby 10.0.48.70 local 10.0.48.1
Vl80 80 100 P Standby 10.0.56.80 local 10.0.56.1
Vl100 100 100 P Standby 10.0.72.100 local 10.0.72.1

CLSwitch1#
CLSwitch1#sh stan br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 105 P Active local 10.0.0.11 10.0.0.1
Vl20 20 105 P Active local 10.0.8.21 10.0.8.1
Vl30 30 105 P Active local 10.0.16.31 10.0.16.1
Vl40 40 105 P Active local 10.0.24.41 10.0.24.1
Vl50 50 105 P Active local 10.0.32.51 10.0.32.1
Vl60 60 105 P Active local 10.0.40.61 10.0.40.1
Vl70 70 105 P Active local 10.0.48.71 10.0.48.1
Vl80 80 105 P Active local 10.0.56.81 10.0.56.1
Vl100 100 105 P Active local 10.0.72.101 10.0.72.1

I also see duplicate entries on arp table on devices, for instance CLSwitch1:

CLSwitch1# sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.1 - 0000.0c9f.f00a ARPA Vlan10
Internet 10.0.0.10 - aabb.cc80.0900 ARPA Vlan10
Internet 10.0.0.11 4 aabb.cc80.0a00 ARPA Vlan10
Internet 10.0.5.1 7 0050.7966.6800 ARPA Vlan10
Internet 10.0.8.1 - 0000.0c9f.f014 ARPA Vlan20
Internet 10.0.8.20 - aabb.cc80.0900 ARPA Vlan20
Internet 10.0.8.21 7 aabb.cc80.0a00 ARPA Vlan20
Internet 10.0.16.1 - 0000.0c9f.f01e ARPA Vlan30
Internet 10.0.16.30 - aabb.cc80.0900 ARPA Vlan30
Internet 10.0.16.31 7 aabb.cc80.0a00 ARPA Vlan30
Internet 10.0.24.1 - 0000.0c9f.f028 ARPA Vlan40
Internet 10.0.24.40 - aabb.cc80.0900 ARPA Vlan40
Internet 10.0.24.41 7 aabb.cc80.0a00 ARPA Vlan40
Internet 10.0.32.1 - 0000.0c9f.f032 ARPA Vlan50
Internet 10.0.32.50 - aabb.cc80.0900 ARPA Vlan50
Internet 10.0.32.51 7 aabb.cc80.0a00 ARPA Vlan50
Internet 10.0.40.1 - 0000.0c9f.f03c ARPA Vlan60
Internet 10.0.40.60 - aabb.cc80.0900 ARPA Vlan60
Internet 10.0.40.61 7 aabb.cc80.0a00 ARPA Vlan60
Internet 10.0.48.1 - 0000.0c9f.f046 ARPA Vlan70
Internet 10.0.48.70 - aabb.cc80.0900 ARPA Vlan70
Internet 10.0.48.71 7 aabb.cc80.0a00 ARPA Vlan70
Internet 10.0.56.1 - 0000.0c9f.f050 ARPA Vlan80
Internet 10.0.56.80 - aabb.cc80.0900 ARPA Vlan80
Internet 10.0.56.81 7 aabb.cc80.0a00 ARPA Vlan80
Internet 10.0.72.1 - 0000.0c9f.f064 ARPA Vlan100
Internet 10.0.72.5 7 aabb.cc80.0500 ARPA Vlan100
Internet 10.0.72.7 7 aabb.cc80.0700 ARPA Vlan100
Internet 10.0.72.10 7 aabb.cc80.0a00 ARPA Vlan100
Internet 10.0.72.100 - aabb.cc80.0900 ARPA Vlan100
Internet 172.16.1.1 - aabb.cc00.0900 ARPA Ethernet0/0
Internet 172.16.1.2 7 cc01.1a7b.0000 ARPA Ethernet0/0

Is this normal? I created this network by duplicating the devices.

Aref Alsouqi · ‎10-15-2024

Could you please share the output of the following commands from both switches for review?

sh standby
sh int vl 10

Richard Burts · ‎10-15-2024

Yes show standby will show things that are potentially important that show standby brief does not show.

HTH

Rick

muratemredemirci · ‎10-17-2024

Guys, I created the same topology on Cisco Packet tracer using L2 and L3 switches with the smallest amonunt of commands and it worked. Pings to virtual IPs are successfull. I think the issue is with the L3 switches on GNS3.

Aref Alsouqi · ‎10-17-2024

Probably at this point. Glad to know that it worked for you in the end.