cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6959
Views
0
Helpful
6
Replies

HSRP over Intervlan routing

ganeshdhungana
Level 1
Level 1

I am really having problem with the implementation of HSRP over intervlan routing.

I configured the HSRP for multiple Vlans (10 &20), but both of the routers are in Active stage. I couldn't figure out where the

probem lies.

I have two routers (Cisco AS5300) and a Cisco 2950 Switch.

The brief configuration is as follows:

ROUTER1:

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 192.168.0.2 255.255.255.0

standby 1 ip 192.168.0.1

standby 1 priority 110

standby 1 preempt

!

interface FastEthernet0/0.20

encapsulation dot1Q 20

ip address 192.168.1.2 255.255.255.0

standby 2 ip 192.168.1.1

ROUTER2:

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 192.168.0.3 255.255.255.0

standby 1 ip 192.168.0.1

!

interface FastEthernet0/0.20

encapsulation dot1Q 20

ip address 192.168.1.3 255.255.255.0

standby 2 ip 192.168.1.1

standby 2 priority 110

standby 2 preempt

SWITCH:

In the trunk ports, I have configured,

(config-if)# switchport trunk encapsulation dot1q  native vlan 1

(config-if)# switchport mode trunk 

Hoping for  favourable responses from you mentors.

Regards,

Ganesh Dhungana


2 Accepted Solutions

Accepted Solutions

darren.g
Level 5
Level 5

Ganesh Dhungana wrote:

I am really having problem with the implementation of HSRP over intervlan routing.

I configured the HSRP for multiple Vlans (10 &20), but both of the routers are in Active stage. I couldn't figure out where the

probem lies.

I have two routers (Cisco AS5300) and a Cisco 2950 Switch.

The brief configuration is as follows:

A 2950 is a layer 2 switch - it doesn't support HSRP for routing. HSRP support in this switch is only for cluster command switch redundancy, not for actual routing.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_6_ea2c/configuration/guide/swgclust.html

provides more infrormation on command switch clustering and how it works.

Cheers

View solution in original post

Ganesh Dhungana wrote:

I have two routers which are connected to the switch.

Cisco 2950 is just there for the intervlan routing.

Doesnt it support the intervlan routing??

I have configured the HSRP on two Cisco AS5300 Routers.

Darren, I am not clear with your logic, would you please clarify me ?

Regards,

Ganesh

Sorry, I mis-read your original post - I thought you were trying to use the 2950 in the HSRP group. And I thought you types ASA5530, not AS5530. Two strikes for me. Mea Culpa.

Have you actually created VLAN 10 and VLAN 20 on your switch? I don't believe the switch will trunk tagged frames unless the VLAN's actually exist.

Also, the documentation I've found on the AS5300 (I've never used one) seems to indicate you should put a the command "standby name " into your configuration - although that may only be needed for IPSec VPN configurations on the AS5300 - see

http://www.cisco.com/en/US/docs/ios/12_1/12_1e9/feature/guide/ft_ipsha.html for what I'm talking about.

Sorry for the original screw up - teach me to read and try to reply coherently after a 12 hour shift!

Cheers.

View solution in original post

6 Replies 6

darren.g
Level 5
Level 5

Ganesh Dhungana wrote:

I am really having problem with the implementation of HSRP over intervlan routing.

I configured the HSRP for multiple Vlans (10 &20), but both of the routers are in Active stage. I couldn't figure out where the

probem lies.

I have two routers (Cisco AS5300) and a Cisco 2950 Switch.

The brief configuration is as follows:

A 2950 is a layer 2 switch - it doesn't support HSRP for routing. HSRP support in this switch is only for cluster command switch redundancy, not for actual routing.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_6_ea2c/configuration/guide/swgclust.html

provides more infrormation on command switch clustering and how it works.

Cheers

I have two routers which are connected to the switch.

Cisco 2950 is just there for the intervlan routing.

Doesnt it support the intervlan routing??

I have configured the HSRP on two Cisco AS5300 Routers.

Darren, I am not clear with your logic, would you please clarify me ?

Regards,

Ganesh

Ganesh Dhungana wrote:

I have two routers which are connected to the switch.

Cisco 2950 is just there for the intervlan routing.

Doesnt it support the intervlan routing??

I have configured the HSRP on two Cisco AS5300 Routers.

Darren, I am not clear with your logic, would you please clarify me ?

Regards,

Ganesh

Sorry, I mis-read your original post - I thought you were trying to use the 2950 in the HSRP group. And I thought you types ASA5530, not AS5530. Two strikes for me. Mea Culpa.

Have you actually created VLAN 10 and VLAN 20 on your switch? I don't believe the switch will trunk tagged frames unless the VLAN's actually exist.

Also, the documentation I've found on the AS5300 (I've never used one) seems to indicate you should put a the command "standby name " into your configuration - although that may only be needed for IPSec VPN configurations on the AS5300 - see

http://www.cisco.com/en/US/docs/ios/12_1/12_1e9/feature/guide/ft_ipsha.html for what I'm talking about.

Sorry for the original screw up - teach me to read and try to reply coherently after a 12 hour shift!

Cheers.

Thanks a ton man...

You are a life saver..Muaah.!!!

I finally resolved the issue..yes, I finally found out the until and unless we create the vlans in the switch,

it cant tagg the vlan traffice for the intervlan routing.

Cheers,

Thanks Again.

Ganesh Dhungana wrote:

Thanks a ton man...

You are a life saver..Muaah.!!!

I finally resolved the issue..yes, I finally found out the until and unless we create the vlans in the switch,

it cant tagg the vlan traffice for the intervlan routing.

Cheers,

Thanks Again.

No worries. Glad I got it right the second time around! :-)

Cheers

I realize this blog is over four years old, so I'm still searching for solid advice to resolve my questions concerning this particular issue.

My particular scenario is similar to this blog, however, I have figured out how to get two routers successfully configured using HSRP, and I'm using sub-interfaces gi5/0.10 & gi/0.20 on one router and subif gi2/0.10 & gi2/0.20 on the other for VLANs 10 and 20. All is working beautifully. My DHCP server is leasing the correct IPs for each separate VLAN. Great so far, right...

However, I do not wish to use ROAS exclusively, which only uses one single physical interface. I desire to use sub-interfaces on my gi5/0 and gi6/0 on LAX and gi2/0 and gi3/0 to accomplish FHRP load balancing across four different interfaces using two routers for my two VLANs VLAN10 and VLAN20. Attached is a screen capture of my GNS3 Topolgy and I will paste my config below.

I'm really curious on how to accomplish what I'm thinking in my brain. Thanks so much for All your expertise and assistance with my problem here.
------------------
HSRP ERROR - My Problem
----------
LAX(config-subif)#ip address 10.1.1.4 255.255.255.0

% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.

LAX(config-subif)#enc
LAX(config-subif)#encapsulation dot1q
% Incomplete command.

LAX(config-subif)#encapsulation dot1q ?
<1-4094> IEEE 802.1Q VLAN ID

LAX(config-subif)#encapsulation dot1q 10
LAX(config-subif)#ip address 10.1.1.4 255.255.255.0
% 10.1.1.0 overlaps with GigabitEthernet5/0.10
====================================================
My Current Operational Config (Irrelevant Config Output Ommitted)
-----------------------------
=============================
Router 1 Config - LAX
=============================
LAX#sho run
Building configuration...

!
ip dhcp excluded-address 10.1.1.1 10.1.1.99
ip dhcp excluded-address 10.1.1.151 10.1.1.254
ip dhcp excluded-address 10.1.2.1 10.1.2.99
ip dhcp excluded-address 10.1.2.151 10.1.2.254
!
ip dhcp pool VLAN10_IPs
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool VLAN20_IPs
network 10.1.2.0 255.255.255.0
default-router 10.1.2.1
dns-server 8.8.8.8 4.2.2.2
!
!
!
!
!
interface GigabitEthernet4/0
ip address 188.23.163.177 255.255.255.248
ip nat outside
ip virtual-reassembly
negotiation auto
!
interface GigabitEthernet5/0
no ip address
ip nat inside
ip virtual-reassembly
negotiation auto
!
interface GigabitEthernet5/0.10
encapsulation dot1Q 10
ip address 10.1.1.3 255.255.255.0
standby 0 priority 115
standby 0 preempt
standby 1 ip 10.1.1.1
standby 1 priority 115
standby 1 preempt
!
interface GigabitEthernet5/0.20
encapsulation dot1Q 20
ip address 10.1.2.3 255.255.255.0
standby 2 ip 10.1.2.1
standby 2 priority 115
standby 2 preempt
!
interface GigabitEthernet6/0
no ip address
ip nat inside
ip virtual-reassembly
negotiation auto
!
interface GigabitEthernet6/0.10
encapsulation dot1Q 10
!
interface GigabitEthernet6/0.20
!
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 188.23.163.178
no ip http server
no ip http secure-server
!
!
ip nat pool OUTSIDE_IP 188.23.163.177 188.23.163.177 netmask 255.255.255.248
ip nat inside source list NAT_ADDRESSES pool OUTSIDE_IP overload
!
ip access-list standard NAT_ADDRESSES
permit 10.1.1.0 0.0.0.255
permit 10.1.2.0 0.0.0.255
!
-------------------------------------------
LAX: HSRP (Show) Output
-------------------------------------------
LAX#sho standby
GigabitEthernet5/0.10 - Group 1
State is Active
2 state changes, last state change 07:17:23
Virtual IP address is 10.1.1.1
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.152 secs
Preemption enabled
Active router is local
Standby router is 10.1.1.2, priority 100 (expires in 9.184 sec)
Priority 115 (configured 115)
Group name is "hsrp-Gi5/0.10-1" (default)
GigabitEthernet5/0.20 - Group 2
State is Active
2 state changes, last state change 07:15:38
Virtual IP address is 10.1.2.1
Active virtual MAC address is 0000.0c07.ac02
Local virtual MAC address is 0000.0c07.ac02 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.408 secs
Preemption enabled
Active router is local
Standby router is 10.1.2.2, priority 100 (expires in 9.088 sec)
Priority 115 (configured 115)
Group name is "hsrp-Gi5/0.20-2" (default)
=====
================================
Router 2 Config - GLBP_RTR
================================
GLBP_RTR#sho run
Building configuration...
!
!
!
!
interface GigabitEthernet2/0
no ip address
negotiation auto
!
interface GigabitEthernet2/0.10
encapsulation dot1Q 10
ip address 10.1.1.2 255.255.255.0
standby 1 ip 10.1.1.1
!
interface GigabitEthernet2/0.20
encapsulation dot1Q 20
ip address 10.1.2.2 255.255.255.0
standby 2 ip 10.1.2.1
!
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 188.23.163.177
ip route 0.0.0.0 0.0.0.0 10.1.1.1
no ip http server
no ip http secure-server
!
!
-------------------------------------------
GLBP_RTR: HSRP (Show) Output
-------------------------------------------
GLBP_RTR(config)#do sho standby
GigabitEthernet2/0.10 - Group 1
State is Standby
1 state change, last state change 04:43:11
Virtual IP address is 10.1.1.1
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.048 secs
Preemption disabled
Active router is 10.1.1.3, priority 115 (expires in 10.272 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Gi2/0.10-1" (default)
GigabitEthernet2/0.20 - Group 2
State is Standby
1 state change, last state change 04:41:01
Virtual IP address is 10.1.2.1
Active virtual MAC address is 0000.0c07.ac02
Local virtual MAC address is 0000.0c07.ac02 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.392 secs
Preemption disabled
Active router is 10.1.2.3, priority 115 (expires in 9.280 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Gi2/0.20-2" (default)
=====

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco