get on the switch and do 'set vlan 5 state active'

Hi, disabled and renabled VLAN5 shows as an active VLAN but still will not route.

Primary-RSM#sho int vlan 5

Vlan5 is up, line protocol is up

Hardware is Cat6k RP Virtual Ethernet, address is 0008.7cd2.5c42 (bia 0008.7cd

2.5c42)

Description: Server VLAN 5

Internet address is 172.20.152.252/21

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue :0/40 (size/max)

5 minute input rate 3000 bits/sec, 5 packets/sec

5 minute output rate 3000 bits/sec, 3 packets/sec

5052994 packets input, 404404088 bytes, 0 no buffer

Received 5052994 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

3564109 packets output, 475418401 bytes, 0 underruns

0 output errors, 12 interface resets

0 output buffer failures, 0 output buffers swapped out

Just a thought, I am monkeying with another RSM issue and one suggestion that I saw was to change the number- yes whoever said that thinks that there is something with the numeric value. So can you reassign the number, say from 5 make it 17 or something and see if it makes a difference, I know makes absolutely no sense but... :)

This is an interesting problem. My gut is that this is either an IOS/CatOS bug or a switch MAC address issue. It appears that everything is configured properly on the 6500 MSFC and the 7206 router, however I don't have any info on the 6500 Supervisor CatOS config and/or version.

1) The router code on the 6500 is very old. Cisco won't even talk to you with that version of IOS [12.1(11b)E] on the MSFC. You may want to upgrade the code. My assumption is that the CatOS code is equally as out of date. There is a definite relationship between MSFC IOS and Supervisor CatOS version compatibility, so be sure to read the release notes carefully. I can make a recommendation if you send a 'show system' and 'show mod' from the Supervisor and a 'show ver' and 'show diag' from the MSFC.

2) There are a couple of configuration problems, nothing that should be causing this problem, but definitely look at the following:

- What is the native VLAN on the 7200 trunk interface? What is the result of the 'show vlans' command on the 7200 router?

- You only need to configure HSRP preemption on the neighbor that has the highest priority, by definition the lower priority neighbor can never preempt. There have been a bunch of bugs in past IOS versions with incorrectly configuring preemption on both neighbors, so avoid that configuration.

- Be very careful configuring an HSRP group number on any 6500 platform. The 6500 chassis has a limited number of MAC addresses available. The point of a group number is if you have more than one HSRP group PER INTERFACE. In the case of the MSFC/MSFC2/MSFC3, every Vlan logical interface can use the same MAC address for HSRP. This would only be a problem if you had multiple HSRP groups on ANY single interface. Just leave the HSRP group number out of the config and all will be well.

3) From the information you have provided, the MSFC virtual module 15 trunk should be forwarding Vlan 5. Note that you cannot actually configure module 15 from the Supervisor (CatOS), so your 'set trunk 15/1' command was useless. Also note that Vlan 5 will be down on the switch Supervisor if there are no ports in Vlan 5. It appears that there is a trunk configured on the switch so that shouldn't be an issue, but something to keep in mind.

4) For kicks, what is the output from the 'show spant summary' command on the switch Supervisor (CatOS)?

Hopefully that gives you some ideas, have you opened a Cisco TAC case on this issue?

Thanks for the feedback, I am wondering if this is a software issue now. If you could advise on the best release of CatOS and MSFC2 software I should upgrade to that would be great.

Below is the answers to some of your questions

Output from Show Vlans on the 7200 router...

Virtual LAN ID: 5 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet2/0.5

Protocols Configured: Address: Received: Transmitted:

IP 172.20.152.253 52341237 42254486

Virtual LAN ID: 10 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet2/0.10

Protocols Configured: Address: Received: Transmitted:

IP 172.20.128.253 44306170 45198813

Virtual LAN ID: 15 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet2/0.15

Protocols Configured: Address: Received: Transmitted:

IP 172.20.136.253 8058230 8320446

Virtual LAN ID: 20 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet2/0.20

Protocols Configured: Address: Received: Transmitted:

IP 172.20.56.253 203046 238863

Show Spant Summ on the CatOS

cat6506> (enable) sho spant summary

MAC address reduction: disabled

Root switch for vlans: 1,5,10,15,20,25,72,99.

BPDU skewing detection disabled for the bridge

BPDU skewed for vlans: none.

Portfast bpdu-guard disabled for bridge.

Portfast bpdu-filter disabled for bridge.

Uplinkfast disabled for bridge.

Backbonefast disabled for bridge.

Summary of connected spanning tree ports by vlan

VLAN Blocking Listening Learning Forwarding STP Active

1 0 0 0 1 1

5 0 0 0 1 1

10 0 0 0 1 1

15 0 0 0 1 1

20 0 0 0 1 1

25 0 0 0 1 1

30 0 0 0 10 10

72 0 0 0 1 1

99 0 0 0 1 1

Blocking Listening Learning Forwarding STP Active

Total 0 0 0 18 18

With regard to the HSRP groups, if I dont use a group number the standbys wont match with the 7200 standby groups? I am pairing a 7200 and an MSFC.

Show Mod

cat6506> (enable) sho mod

Mod Slot Ports Module-Type Model Sub Status

1 1 2 1000BaseX Supervisor WS-X6K-SUP1A-2GE yes ok

15 1 1 Multilayer Switch Feature WS-F6K-MSFC2 no ok

3 3 48 10/100BaseTX Ethernet WS-X6348-RJ-45 yes ok

Mod Module-Name Serial-Num

--- -------------------- -----------

1 SAD061203R1

15 SAD061300VX

3 SAL0744P0ZV

Mod MAC-Address(es) Hw Fw Sw

--- -------------------------------------- ------ ---------- -----------------

1 00-02-7e-38-dd-d6 to 00-02-7e-38-dd-d7 7.2 5.3(1) 6.3(3)

00-02-7e-38-dd-d4 to 00-02-7e-38-dd-d5

00-02-fc-49-fc-00 to 00-02-fc-49-ff-ff

15 00-08-7c-d2-5c-40 to 00-08-7c-d2-5c-7f 2.3 12.1(11b)E 12.1(11b)E

3 00-0e-38-b4-98-70 to 00-0e-38-b4-98-9f 6.7 5.4(2) 6.3(3)

Mod Sub-Type Sub-Model Sub-Serial Sub-Hw

1 L3 Switching Engine WS-F6K-PFC SAD061203F3 2.0

Sho Ver from MSFC

MSFC2 Software (C6MSFC2-JK2O3SV-M), Version 12.1(11b)E

Got it! the 7206 did have VLAN 1 defined but the MSFC didn't. It was using VLAN5 as the native. I have made sure everything is set to 1 for the native VLANs and its now working fine.

Thanks to everyone for your help on this problem. Much appreciated.

Run "debug standby packet" and post some result that you can see related to int vlan 5 - for both MSFC and 7206 - and also set up an extended access list as follow:

access-list 150 permit IP host [source - int 5 vlan ip address from MSFC] host [destination - sub int on 7206 for vlan 5]

Run "debug ip packet 150" - after that check to see if there are any conversation between the two. Please post some message relate to Vlan 5.

Standby Debug output

00:11:07: SB10: Vl10 Hello out 172.20.128.247 Standby pri 100 ip 172.20.128.254

00:11:07: SB5: Vl5 Hello out 172.20.152.252 Speak pri 100 ip 172.20.152.254

00:11:08: SB10: Vl10 Hello in 172.20.128.253 Active pri 100 ip 172.20.128.254

00:11:09: SB5: Vl5 Hello in 172.20.152.253 Active pri 100 ip 172.20.152.254

00:11:10: SB10: Vl10 Hello out 172.20.128.247 Standby pri 100 ip 172.20.128.254

00:11:10: SB5: Vl5 Hello out 172.20.152.252 Speak pri 100 ip 172.20.152.254

00:11:11: SB10: Vl10 Hello in 172.20.128.253 Active pri 100 ip 172.20.128.254

00:11:11: SB5: Vl5 Hello out 172.20.152.252 Standby pri 100 ip 172.20.152.254

00:11:12: SB5: Vl5 Hello in 172.20.152.253 Active pri 100 ip 172.20.152.254

00:11:13: SB10: Vl10 Hello out 172.20.128.247 Standby pri 100 ip 172.20.128.254

00:11:14: SB10: Vl10 Hello in 172.20.128.253 Active pri 100 ip 172.20.128.254

00:11:14: SB5: Vl5 Hello out 172.20.152.252 Standby pri 100 ip 172.20.152.254

00:11:14: SB5: Vl5 Hello in 172.20.152.253 Active pri 100 ip 172.20.152.254

00:11:16: SB10: Vl10 Hello out 172.20.128.247 Standby pri 100 ip 172.20.128.254

00:11:16: SB10: Vl10 Hello in 172.20.128.253 Active pri 100 ip 172.20.128.254

00:11:17: SB5: Vl5 Hello out 172.20.152.252 Standby pri 100 ip 172.20.152.254

00:11:17: SB5: Vl5 Hello in 172.20.152.253 Active pri 100 ip 172.20.152.254

00:11:18: SB10: Vl10 Hello out 172.20.128.247 Standby pri 100 ip 172.20.128.254

00:11:19: SB10: Vl10 Hello in 172.20.128.253 Active pri 100 ip 172.20.128.254

00:11:20: SB5: Vl5 Hello out 172.20.152.252 Standby pri 100 ip 172.20.152.254

00:11:20: SB5: Vl5 Hello in 172.20.152.253 Active pri 100 ip 172.20.152.254un

all

00:11:21: SB10: Vl10 Hello out 172.20.128.247 Standby pri 100 ip 172.20.128.254

00:11:22: SB10: Vl10 Hello in 172.20.128.253 Active pri 100 ip 172.20.128.254

ACL Debug Ouput on VLAN5

00:12:03: datagramsize=1154, IP 0: s=172.20.152.252 (local), d=172.20.152.253 (

lan5), totlen 1154, fragment 0, fo 0, sending

00:12:03: datagramsize=1220, IP 0: s=172.20.152.252 (local), d=172.20.152.253 (

lan5), totlen 1154, fragment 0, fo 0, sending full packet

00:12:08: datagramsize=1154, IP 0: s=172.20.152.252 (local), d=172.20.152.253 (

lan5), totlen 1154, fragment 0, fo 0, sending

00:12:08: datagramsize=1220, IP 0: s=172.20.152.252 (local), d=172.20.152.253 (

lan5), totlen 1154, fragment 0, fo 0, sending full packet

00:12:13: datagramsize=1154, IP 0: s=172.20.152.252 (local), d=172.20.152.253 (

lan5), totlen 1154, fragment 0, fo 0, sending

00:12:13: datagramsize=1220, IP 0: s=172.20.152.252 (local), d=172.20.152.253 (

Change priority on one of the interface to higher than the other by issue a command in interface configuration: standby [group#] priority [# greater than 100] let me know if that work.

IOS (tm) MSFC2 Software (C6MSFC2-JK2O3SV-M), Version 12.1(11b)E, EARLY DEPLOYMEN

T RELEASE SOFTWARE (fc1)

IOS (tm) 7200 Software (C7200-JS-M), Version 12.0(5)T1, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1999 by cisco Systems, Inc.