I have a LAN consisting of two interconnected cat 6009 backbone switches. I have cat 3500 series as edge switches connected to the backbone switches using fiber uplinks (GBICs). I've configured several VLANs with HSRP on the 6009's. All the workstations connected to the edge switches are pointing to the virtual ip address of the VLAN they belong to. Everything is working great. However, every now and then one specific VLAN lose connectivity to the outside. The people on this VLAN cannot access anything outside their VLAN. They cannot ping the default gateway (which is the virtual address of the HSRP). They can still communicate with others on the same VLAN (not a broadcast storm) . This problem happens to the same VLAN everytime. It lasts for few minutes and sometimes for few hours. It's really puzzling me. Could it be a bug. I'm running IOS (tm) c6sup2_rp Software (c6sup2_rp-IS-M), Version 12.1(3a)E4, EARLY DEPLOYME
NT RELEASE SOFTWARE (fc1). Any suggestions are appreciated. Thanks.
Since the issue is only with one particular vlan communicating with others, I feel, that the catch here is the trunk link. Did you check the trunk link configurations, is it fine ? Or may be the cable is loosely connected. You could check these and then also find out ways of troubleshooting in the following document:
Troubleshooting LAN Switching Environments
Are you using spanning-tree?
Do you know which switch is the spanning-tree root for each VLAN?
With the VLAN behaving unstable intermittently; I would check to ensure the uplinks from the 6500 to 3500 are configured correctly and explicitly specify the root bridge for each VLAN.
Using a sniffer to look at the network will reveal some surprises for sure.
I think a physical layer issue would have been pretty obvious during the long outage. Here are a few things to try during the next event if you have not already:
1) can you ping the hsrp address of the bad vlan from other networks? If so what 6009 is it on (did it fail over)? if you can't then somethings wrong with the core.
2) can pcs in the bad vlan ping the primary (not hsrp) addresses of the 6009s in their vlan? If so another host may be mis-configured with the HSRP gateway address as its address instead of as their gateway; but apparently is not answering pings.
3) check the arp table in a pc after trying to ping the 3 addresses of the router in the vlans; two primary and the hsrp. If there are any entries what hosts are they?