1) I understood what you mean. I don't mean 70.50 is the GW, and I mean what is the GW of 70.50. And you answered me 60.1 is the GW.

2) You are correct that I always config. same subnet of host IP & GW IP. So I don't know why it works for you. Because one subnet cannot communicate to other subnets without require L3 switch or routing. I understood your reason but I want to point out the requirement of same subnet between host IP & GW.

3) Thanks. Got it. Could you provide the standby 3550 config. before enable HSRP ? It may work if there is only one 3550 before.

4) In your current (updated) config., the HSRP should select the active 3550 as default GW (60.2).Could you advise which VLAN and user select standby 3550 as next-hop ? Please provide the "sh HSRP" then we can find which one is active HSRP router. Thx.

Please clarify which point and the area that you not understand and I will try my best to clarify it. If you read those HSRP doc. that I provided before, it should tell the operation, limitation of the HSRP.

This guide provides the information you need to configure Layer 2 and Layer 3 software features on your switch. The Catalyst 3550 switch is supported by either the standard multilayer software image (SMI) or the enhanced multilayer software image (EMI). The EMI provides a richer set of enterprise-class features, including hardware-based IP unicast and multicast routing, inter-VLAN routing, routed access control lists (ACLs), and the Hot Standby Router Protocol (HSRP).

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801f0a52.html

Hello,

the SMI supports the HSRP too as when I input the commands it did recognize it. Plus other forums on the web clearly stated that SMI supports HSRP.

Can you please clarify?

Thanks

Hello,

2) The L3 switch IS the 3550 which acts as L2/L3, it is that switch doing the routing of the vlans. Before, there was only ONE 3550, the standby one was not even connected and when I sent a /32 to a vlan whether it was in same subnet or not, it always worked... Since hsrp, it does not work

3) There was no standby 3550 configuration, it was an empty switch. There was only ONE connected 3550 before.

4) I dont know what you mean by next hop, as you saw in all my configs, standby 3550 is NEVER selected for next hop, I only want it in case the active 3550 fails....

5) sh hsrp is not a valid command, do you mean show standby ? (i already provided that to you in other replies).

The POINT I do not understand is WHY are my packets going to the standby 3550 by default, as you saw in traceroute, instead of going to VLAN3 using .60.2 which is active 3550 default gw, it goes to .60.3 which is standby 3550 default gw, WHY does it go there? I mean why would it know to go to standby and not to active?

Thanks

Thanks for your reply and sorry for the late reply.

2) This is why it works before, the current problem is two L3 switches forward the packet to each other and create the loop. It does not related to HSRP, you can try to remove the HSRP in one VLAN, it should still create the loop.

3) Got it.

4) What I am trying to say you are correct that the VLAN 3 is the next hop but the standby 3550 also located at VLAN 3 (60.3), so it can receive the packet from primary 3550. Just as you said, if there is only one switch, only the host 70.50 will receive the packet and also return the packet. so it may works. But if there is a router / L3 switch, it will also receive it and forward it that according to the routing table,

5) Sorry for the wrong command, you are correct. It is 'sh standby'. Could you mind to provide again and I want to get the updated status ? According to the config, primary 3550 should be active due to higher priority, so I want to prove it. If it is normal now then it is fine not to provide it.

As I mentioned before, the standby will receive the packet and forward it, due to they located at same VLAN. This is why I am requesting to setup the next hop as IP, but I believe it is quite difficult due to insufficient IP space in your current allocation. I suggest to reallocate the IP address and make all hosts in same VLAN at same subnet then you can simplify the static route in switches. Please consider it.

If you really not able to reallocate the IP, try to remove one HSRP in one VLAN then test the connectivity and isolate the problem. Moreover, I requested to provide the subnet mask of 70.50, could you please tell me ? I really want to know why it works before or please provide the pervious working host IP & GW, it helps to undrstand more why it works before and why not now.

Wait for your update.

Hello,

4) Ok but I don't have a router, all I have are those 2 3550's switches.

5) show standby shows everything as it should be. All active states belong to the primary 3550, hsrp looks normal.

Why are you saying impossible due to insufficient IP space, what makes you say that ? I cannot reallocate IP's, customers are already using it. Also I don't understand what you mean by next hop instead of VLANs, can you give an example route with next hop for my network?

Subnet mask of .70.50 is 255.255.255.255 I route it as a SINGLE IP since customer requested ONE MORE IP

You have all that in the config...

THanks

Offical (not forum):

This chapter describes how to use Hot Standby Router Protocol (HSRP) to provide routing redundancy for routing IP traffic without being dependent on the availability of any single router. To use this feature, you must have the enhanced multilayer software image installed on your switch. All Catalyst 3550 Gigabit Ethernet switches ship with the enhanced multilayer software image (EMI) installed. Catalyst 3550 Fast Ethernet switches can be shipped with either the standard multilayer software image (SMI) or EMI pre-installed. You can order the Enhanced Multilayer Software Image Upgrade kit to upgrade Catalyst 3550 Fast Ethernet switches from the SMI to the EMI.

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801f0a3f.html

Hello,

One of my switch is EMI (I think) and the other one SMI, basically, I had an SMI switch and I upgrade the IOS (or perhaps downgraded) to an EMI ios image I had, does that make my 3550 an EMI now or something else needs to be done?

Also, could this be the problem I am getting?

Thanks

I understood your situation. If you cannot reallocate the IP, then it may require a device to provide NAT (Network Address Translation) function to have the Port Address Translation to make all hosts at same subnet but tranlate them to a single IP which is assigned by you.

Sorry if I am misleading you. What I mean the IP Space is I think you cannot assign new IP address to the user that is the same subnet of existing usage. It was because it is already using by the customer and difficult to reallocate most of the IP assignments. It is only related to the IP address assignment plan and not mean you cannot do it.

I mean to use next-hop as IP as below :

ip route x.x.x.x 255.255.255.0 y.y.y.y

instead y.y.y.y is the next-hop that just like your default static route.

If all hosts in same VLAN are configured in same subnet then there is no need to configue those static route, because it is the local subnet of the interface.

What I mean the subnet mask of 70.50 in the PC /sever and not in the switch. Can you confirmed that you configure as 255.255.255.255 in the PC/Server ?

BTW, I just have a new idea but don't know you will accept it or not, please comment.

You can still use the assigned IP address to users. But you have to create new VLAN for new subnet instead of using the same VLAN for different subnets.

Enable those new & old VLANs at the trunk between 3550s and 2950. Assign those new VLAN at 2950 as access mode. e.g. 70.50 change from VLAN3 to VLAN70 and create the VLAN 70 at both 3550 & 2950. Assign the IP address (e.g. 70.2 & 3) to VLAN 70 and condfigure the HSRP group (e.g. IP = 70.1) in the VLAN 70. Configure the 70.50 with 70.1 as default GW. Then you don't need the static routes in 3550, because the 70.x is the local interface and no need to configure the static route.

But if the user is using another hub or switch to connect to the 2950 then we need to enable the trunk at 2950 to the user switch (cannot support hub). If the user is connecting to the 2950 directly, then you can use this solution to fix the problem.

Moreover, there is another issue that if the primary between 3550 and 2950 down, the traffic cannot return to the standby 3550, it was the local interface (VLAN) in primary 3550 still up and not able to route via interlink between 3550s. I think we need to add a connection at ISP and remove the interlink. So I come up another solution :

Due to there is only one ISP connection, if use two 3550 then the single point of failure still on the primary 3550. So, we can stack two 3550 together and create a Etherchannel from two 3550s to the 2950. Then no more HSRP and routing between two 3550 is required. But we need the Gigastack cable and the 3550 should be placed at the same closet.It sounds much simpler and no more problem.

The current problem is the routing loop and IP address assignment, if we use the above proposed solution, we can remove lots of static route and maintain assigned IP. But the cons. is we need to create additonal VLAN for individual subnets.

Last issue, if you upgrade your 3550 IOS to 12.1.(11)EA1 or later, it can support the dynamic routing protocol. Check here :

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a008019e74e.shtml

Please comment. Hope it really help to solve the problem.

Hello,

My network is already separated with Vlans and next hop as vlans. I cannot change everything into vlans as I have so many IP routes because many customers wanted only 1 IP, so I routed it with /32, I don't want to create separate vlans for all that as it can be big hassle...

I thought maybe my problem is the following:

I have one switch running SMI and the other EMI, can that be the problem?

Here are the ISO versions:

Active 3550: 12.2(25)SEE - IP BASE

Standby 3550: 12.1(22)EA8 - EMI

Can this be the problem?

Also, please answer this question. My standby 3550 came originally with SMI image but I had the above EMI package so I changed the IOS, does that make my 3550 with complete EMI functions now? or something else needs to be done?

Thanks

According to the link that I stated in my last message, there is no more SMI after 12.1.11EA1,so I believe both of your switch will support EMI. Once you upgraded to EMI, it does support EMI feature due to it is the running ver.

For the VLAN issue, in my suggestion, if you can create the additional VLANs for the new subnets, you won't require those /32 mask static route, so it should be no more problem. And the user only require to assign the new GW address and won't affect the user too much.

Please also consider to stack two 3550 as a sinlge domain then there will be no more HSRP issue.

I understood there will be lots of problem if you create new VLAN for new subnet, but it is the only solution that I can propose at the moment.

If you insist not to create new VLAN, then I will suggest not to use HSRP due to there is single point of failure of the connection to ISP, then just use the standby 3550 as a cascaded switch of primary 3550 then there will be no more problem too.

Please advise your prefernece. Hope I can help but the situation is limited.

Hello,

1) But on my SMI with the latest version, in my Cisco Network Assistant I DON'T see IGRP, EIRGP for my active 3550 which runs SMI latest version. BUT I DO see those routing protocols for the EMI switch running an earlier version but specific to EMI, what is th eexact check I can do to check really what each supports?

2) I will check for the vlans issue and try to put everyone on vlans.

3) How do I stack two 3550 as a single domain? what is the procedure to do that?

4) After we implement HSRP, we will add ANOTHER provider on the MAIN uplink of standby 3550 and run BGP as well in HSRP environment, so for now we want to integrated HSRP as later on there will be NO ONE POINT of failure.

Please answer 4 points above.

Thanks

1) The 12.2 IPbase is the IP only w/o those routing protocol. You have to upgrade to IP Services feature set or EMI. According to below link, you can download the EMI (IP Services) software at "no additional cost", I tried and able to download the file. Then you will able to enable routing at both switches.

http://www.cisco.com/en/US/products/hw/switches/ps646/products_qanda_item09186a00800913d3.shtml

2) Thanks for that.

3) Please check below for the stack info. If you will have another provider in future then it may better to keep your design w/ two 3550s as L3 switches.

http://www.cisco.com/en/US/products/hw/switches/ps646/products_data_sheet09186a00800a1789.html

4) This is great, please test the VLAN suggestion then you will have no more problem and minimize all potential problem in future. Because use separated VLANs, you don't need those static route and the BGP will also be much simpler. Please remember to consult w/ two providers to enure the network will work w/ both providers and how to make one provider as the active and the other as standby or load-sharing the links. It will be quite complicated issue in future. You can also ask the provider to provide sample config. However, you have to upgrade the active 3550 w/ 3550 (IP Services) first to enable the routing protocol.

Hope this helps.

Hello,

1) Can you please give me the exact version to download? because the latest EMI IOS I found on cisco's website is:

c3550-i5q3l2-tar.121-22.EA8.tar

Is that the correct one? Does that include everything I will need?

2) Also if there is a later version that I can have that will work, that is fine, but please tell me exactly what file name. Make sure it has all EMI features because I will have BGP on those afterwards.

3) Can I upgrade a switch in production? Will the config be lost? How much downtime should I expect from the switch? Please tell me exactly how I should upgrade it and with what precautions to take.

4) Let me know what is the best IOS version to put on BOTH the 3550's so they are the same and can run all EMI features.

Thank You