01-19-2005 11:09 AM - edited 03-02-2019 09:10 PM
pix#1----|----7507 R#1
|
pix#2----|----7507 R#2
R1 and R2 are running HSRP
I can not ping HSRP -ip address from pix until
create static arp
Sniffer shows that active R1 is not responding to ARP
request?
Please help!
I tryed interface command "stand use-bia"
It did not help...
Regards,
Slad
01-19-2005 11:33 AM
It would help if you would post the output of show standby, show interface, show ip interface of the routers. It might also help if you post the config of the intefaces on both routers.
HTH
Rick
01-19-2005 12:37 PM
What does the sniffer trace show? Does R2 respond or is there no response?
Remove the standby-use-bia from the hsrp config on both routers and remove the static arp entry on the pix firewalls. Then try this:
At the switch display the mac-address table. I assume that there is only one swtich in use, let me know if there are two switches or more that are invlolved.
The hsrp process should use a virtual mac address and the active router should issue a gratuitous arp to let the switch know to update its mac-address-table.
At the active pix, do a show arp command, or a show ip arp (one will only list pix interface mac-addresses, the other will list all entries. Post the results here.
Another item to check is that the subnet and mask is properly defined on the pix, routers and that the hsrp address falls within that subnet.
Let me know what you find.
01-19-2005 01:22 PM
Ping works with interface IP address
ping to HSRP IP address not.
There are 4 switches in this switch environment
It was 2 before , we have replaced switches this weekend , and it did stop working that night....
It is not just PIX it looks like we have this
on all VLANs.
So what could be wrong with switching ?
On all switches
sh mac add
shows HSRP MAC address no problem
Sniffer shows ARP request is going to R1 but no responce from R1 or R2...?
Please comment...
Regards,
Slad
01-19-2005 07:46 PM
On each router that participates in HSRP, run this command:
show standby
Post the results here. I am looking to see if each router thinks it is active beacuse the hsrp frames are not crossing the switch trunk links. I assume that each router is connected to a different switch. Let me know if that is not the case.
You did mention that each switch has an entry for the hsrp mac address, for those switches that the active router is NOT connected to does the mac-address-table point to the proper trunk link?
Are you using token-ring or ethernet lan topology?
01-20-2005 06:58 AM
sh stand
points to one Active router R1
and one Standby router R2.
everyting looks normal.
I am going to open Case
It must be something very simple....
Regards,
Slad
01-20-2005 07:40 AM
Are both routers connected to the same layer switch?
Please let me know what the results of the TAC case are.
01-24-2005 02:39 PM
Just wondering if your issue was solved or if you need more help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide