Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1776
Views
0
Helpful
6
Replies

The duplicate address on hsrp group.

huangzhy
Level 1
Level 1

‎12-09-2002 07:12 AM - edited ‎03-02-2019 03:28 AM

I have two cat6509 switches report duplicate address problem.

S2 is the active router , the interface address of vlan 20 is 42.0.191.92, and the hsrp standby address is 42.0.191.98, the log shows:

Dec 8 16:56:18: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.92 on Vlan20, sourced by 0000.0c07.ac14

*Dec 8 16:57:02: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.92 on Vlan20, sourced by 0000.0c07.ac14

*Dec 8 16:57:32: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.92 on Vlan20, sourced by 0000.0c07.ac14

*Dec 8 16:58:02: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.92 on Vlan20, sourced by 0000.0c07.ac14

*Dec 8 17:02:50: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.92 on Vlan20, sourced by 0000.0c07.ac14

S1 is the standby router, the interface address of vlan 20 is 42.0.191.91 , and the hsrp standby ip address is 42.0.191.98. The log shows:

Dec 8 21:39:53: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.91 on Vlan20, sourced by 0007.4fa0.f7fc

*Dec 8 21:40:24: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.91 on Vlan20, sourced by 0007.4fa0.f7fc

*Dec 8 21:41:18: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.91 on Vlan20, sourced by 0007.4fa0.f7fc

*Dec 8 21:59:29: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.91 on Vlan20, sourced by 0007.4fa0.f7fc

*Dec 8 21:59:59: %STANDBY-3-DUPADDR: Duplicate address 42.0.191.91 on Vlan20, sourced by 0007.4fa0.f7fc

I notice that in the log of S2, the duplicate address alert is appear every thirty seconds(why?) , and the source MAc address is the hsrp MAC address.

How can i troubleshoot this problem?

Labels:
0 Helpful
6 Replies 6

jabouaf
Level 1
Level 1

‎12-10-2002 07:54 AM

Hello,

I'm having a same king of problem (maybe not yours):

my customer is using IBM type 1 cable for Ethernet connections with portfast feature on distributions switches (29xx, 35xx).

Here is what I found (maybe I'm wrong): When an hermaphrodite cable is disconnected, (so that the port of the switch is seeing an electrical loop), for the time need by the switch to detect the electrical loop, the port is sending back all broacdast/multicast the port is sending during this very short time.

So I could received ONE duplicate address message (only one, no more)

I used debug for STP on the distribution switch, and when disconnecting the type 1 IBM cable, I saw that, for a very short while the port is forwarding (less than 2 secondes).

Maybe there is some others problems. (some others STP problems, release )

STP=spanning-tree

I hope this could help you.

0 Helpful

james.henderson
Level 1
Level 1

‎12-10-2002 08:05 AM

As stated from cisco's website:

"

Case Study #1: HSRP Standby IP Address Is Being Reported As a Duplicate IP Address

Sample error message:

Oct 12 13:15:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1

on Vlan25, sourced by 0000.0c07.ac19

Oct 13 16:25:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1

on Vlan25, sourced by 0000.0c07.ac19

Oct 15 22:31:02: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1

on Vlan25, sourced by 0000.0c07.ac19

Oct 15 22:41:01: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1

on Vlan25, sourced by 0000.0c07.ac19

These error messages do not necessarily indicate an HSRP problem. Rather, the error messages indicate a possible Spanning-Tree Protocol (STP) loop or router/switch configuration issue. The error messages are just symptoms of another problem.

In addition, these error messages do not prevent HSRP from operating correctly. The duplicate HSRP packet is ignored. These error messages are throttled at 30 second intervals. However, network slow performance and packet loss may result from the network instability that is causing the STANDBY-3-DUPADDR error messages of the HSRP address.

Sample error message:

Oct 15 22:41:01: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1

on Vlan25, sourced by 0000.0c07.ac19

Specifically, the above messages indicate that the router received a data packet sourced from the HSRP IP address on VLAN25 with the MAC addresses 0000.0c07.ac19. Since the HSRP MAC address is 0000.0c07.ac19, either the router in question received its own packet back or both routers in the HSRP group went into the active state. Since the router received its own packet, the problem most likely is with the network rather than the router. A variety of problems can cause this behavior. Momentary STP loops, EtherChannel configuration issues, and duplicated frames are examples of possible network problems that can cause the STANDBY-3-DUPADDR error messages.

When troubleshooting these error messages, review the troubleshooting steps outlined in the HSRP Troubleshooting Modules section of this document. All of the troubleshooting modules are applicable to this section, including modules on configuration. In addition, note any errors in the switch log and reference additional case studies as necessary.

Furthermore, there is a method to prevent the active router from receiving its own multicast hello packet by using an access-list. However, this is only a work-around for the error messages. This work-around actually hides the symptom of the problem. The work-around is to apply an extended inbound access-list to the HSRP interfaces blocking all traffic sourced from the physical IP address destined to all routers multicast address 224.0.0.2. For example:

access-list 101 deny ip host 172.16.12.3 host 224.0.0.2

access-list 101 permit ip any any

interface ethernet 0

ip address 172.16.12.3 255.255.255.0

standby 1 ip 172.16.12.1

ip access-group 101 in

"

0 Helpful

rguerra
Level 1
Level 1
In response to james.henderson

‎12-10-2002 08:39 AM

I have experienced this exact problem about 2 years ago The stated access list works and is what we implemented. Also you may experience this issue with 2 6509s and 4 MSFCs. Try running Single Router Mode on the MSFCs.

0 Helpful

huangzhy
Level 1
Level 1
In response to rguerra

‎12-10-2002 09:40 PM

I think the access list doesn't work.The user complain that the speed of network is very slow.And when i see the interface vlan 20,i find that the broadcast packet the interface is receiving account for up to 50 percent of total packet.And the CPU usage is above 50 percent . When i ping a host on the same subnetwork,the packet loss is very high. I think that there is something wrong with the STP tree.May be there is a loop causing the broadcast storm.But how can i identify the culprit?

0 Helpful

j.stringer
Level 1
Level 1
In response to huangzhy

‎12-11-2002 05:54 AM

If you don't have some kind of network management tool running that monitors the ports then you can use any sniffing tool to discover the port or ports that the broadcasts are originating from. good luck ....

regards

0 Helpful

huangzhy
Level 1
Level 1
In response to j.stringer

‎12-11-2002 05:18 PM

I find it! The malfunctioning HUB is the culprit !

I used sniffer to catch packets and found that most of the packets came from hosts connecting to a hub. At the beginning ,i suspected that it's was computer virus that cause the problem .But i had scan the computer and find there is no virus. Then i replace the NIC of hosts ,and the problem remains.

Last i replaced the HUB,and the problem solved!

0 Helpful
Customers Also Viewed These Support Documents