cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
900
Views
0
Helpful
6
Replies

Cisco ISR 1921 - LAN connectivity issues.

gustavitin
Level 1
Level 1

Hello,

 

We have two Cisco routers 1921 (Software Version 15.7(3)M5) with a EHWIC-4ESG card connecting multiple L2 switches. I have configured vlan10 with multiple IPs to provide access to all devices in the LAN segment. Router 1 (R1) is by configuration the HSRP Active router and R2 is the Standby router. Under normal circumstances, there are no connectivity issues, but we had experienced both routers losing connectivity to some LAN devices.

The lack of connectivity is not triggered by any network event, it happens only one router at the time, and some devices are reachable, others are not. The routers do not loss connectivity between them, the standby sessions remained formed and connectivity to the WAN interfaces is fine. The lack of connectivity (from/to some LAN devices) to the router having issues won't disappear by failing over the Standby or clearing the arp cache or cef table. The only solution we found is reloading the affected router to restore connectivity which by no means is a solution. Adding the main configs below.

Please review if possible, and thanks for the nice work being performed in the Cisco forum.

 

rt1#show inventory
NAME: "CISCO1921/K9", DESCR: "CISCO1921/K9 chassis, Hw Serial#: FGL1513211Y, Hw Revision: 1.0"
PID: CISCO1921/K9 , VID: V01 , SN: FGL1513211Y

NAME: "4 Port GE Non-POE EHWIC Switch on Slot 0 SubSlot 0", DESCR: "4 Port GE Non-POE EHWIC Switch"
PID: EHWIC-4ESG , VID: V01 , SN: FOC20035TX9

rt2#show inventory
NAME: "CISCO1921/K9", DESCR: "CISCO1921/K9 chassis, Hw Serial#: FTX1829804Z, Hw Revision: 1.0"
PID: CISCO1921/K9 , VID: V05 , SN: FTX1829804Z

NAME: "4 Port GE Non-POE EHWIC Switch on Slot 0 SubSlot 0", DESCR: "4 Port GE Non-POE EHWIC Switch"
PID: EHWIC-4ESG , VID: V01 , SN: FOC222469YV

 

rt2#show version | i Version
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.7(3)M5, RELEASE SOFTWARE (fc1)
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)

 

rt1#show run inter vlan 10
Building configuration...

Current configuration : 478 bytes
!
interface Vlan10
description LAN
ip address 192.168.200.2 255.255.255.0 secondary
ip address 192.168.1.2 255.255.255.0
ip nat inside
ip virtual-reassembly in
standby 1 ip 192.168.1.1
standby 1 priority 120
standby 1 preempt delay minimum 90
standby 1 track 1 decrement 20
standby 1 track 2 decrement 20
standby 2 ip 192.168.200.1
standby 2 priority 120
standby 2 preempt delay minimum 90
standby 2 track 1 decrement 20
standby 2 track 2 decrement 20
end

rt2#show run inter vlan 10
Building configuration...

Current configuration : 489 bytes
!
interface Vlan10
description LAN
ip address 192.168.200.3 255.255.255.0 secondary
ip address 10.0.9.3 255.255.255.0 secondary
ip address 192.168.1.3 255.255.255.0
ip nat inside
ip virtual-reassembly in
standby 1 ip 192.168.1.1
standby 1 priority 110
standby 1 preempt
standby 1 track 1 decrement 20
standby 1 track 2 decrement 20
standby 2 ip 192.168.200.1
standby 2 priority 110
standby 2 preempt
standby 2 track 1 decrement 20
standby 2 track 2 decrement 20
end

rt1#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 1 120 P Active local 192.168.1.3 192.168.1.1
Vl10 2 120 P Active local 192.168.200.3 192.168.200.1

rt2#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 1 110 P Standby 192.168.1.2 local 192.168.1.1
Vl10 2 110 P Standby 192.168.200.2 local 192.168.200.1


rt1#show spanning-tree summary
Root bridge for: none.
PortFast BPDU Guard is disabled
UplinkFast is disabled
BackboneFast is disabled

Name Blocking Listening Learning Forwarding STP Active
-------------------- -------- --------- -------- ---------- ----------
VLAN10 0 0 0 4 4
-------------------- -------- --------- -------- ---------- ----------
1 VLAN 0 0 0 4 4

rt2#show spanning-tree summary
Root bridge for: none.
PortFast BPDU Guard is disabled
UplinkFast is disabled
BackboneFast is disabled

Name Blocking Listening Learning Forwarding STP Active
-------------------- -------- --------- -------- ---------- ----------
VLAN10 2 0 0 2 4
-------------------- -------- --------- -------- ---------- ----------
1 VLAN 2 0 0 2 4

 

 

 

 

 

6 Replies 6

Hello,

 

the first thing to notice is that none of your routers is the root for any Vlan, which means the root is one of the connected switches. Which in any case is not optimal. 

 

On R1, configure:

 

spanning-tree vlan 10 root primary 

 

and on R2:

 

spanning-tree vlan 10 root secondary

 

and check if the issue persists...

Thanks for the quick response, I will try that and monitor the routers for a few days.

 

May i know how thats going to impact here in this case. 

Please do not hesitate to click the STAR button if you are satisfied with my answer.

When this problem happens does it impact a single client or is it multiple clients? If it is multiple clients, do these clients share some common characteristic (such as are they connected to the same access switch)?

 

When the problem happens again would you post these things:

- IP address of the client(s) impacted

- show arp -a from the impacted client(s)

- show arp from the routers

HTH

Rick

Leo Laohoo
Hall of Fame
Hall of Fame

@gustavitin wrote:

but we had experienced both routers losing connectivity to some LAN devices.


ARP poisoning?

I don't think that would be the case, as connectivity is lost to/from multiple devices, and the router has multiple IPs as well.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: