04-30-2022 02:59 AM
Hello Team,
I am trying to figure out why my active HSRP router is not seeing the standby router (standby router is unknow).
**
D11(config)#do sh standby bri
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 0 150 P Active local unknown 10.10.10.254
**
I went with a very simple design to figure out what is happening.
I am using CML 3.0 with 2 routers (D11 and D12 -> HSRP) and a switch where i do have a desktop connected to it for testing purpose with one Interface vlan 10 on both routers. Switch device is configured with VLAN 10 only.
After debugging IP packet from both HSRP devices, i discovered that the active router (D11) is not receiving multicast IP address from D12. I do not have any ACL configured on any Routers and switches...
Below the configuration:
Active HSRP - Router D11
D11(config)#do sh run int g0/1
Building configuration...
Current configuration : 105 bytes
!
interface GigabitEthernet0/1
switchport access vlan 10
switchport mode access
negotiation auto
end
D11(config-if)#do sh run int vlan 10
Building configuration...
Current configuration : 150 bytes
!
interface Vlan10
ip address 10.10.10.1 255.255.255.0
standby version 2
standby 0 ip 10.10.10.254
standby 0 priority 150
standby 0 preempt
end
*************************************
Standby HSRP - Router D11
D12(config)#do sh run int gi0/1
Building configuration...
Current configuration : 105 bytes
!
interface GigabitEthernet0/1
switchport access vlan 10
switchport mode access
negotiation auto
end
D12(config)#do sh run int vlan 10
Building configuration...
Current configuration : 126 bytes
!
interface Vlan10
ip address 10.10.10.2 255.255.255.0
standby version 2
standby 0 ip 10.10.10.254
standby 0 preempt
end
********************************
Switch:
SW1(config)#do sh run int gi0/1
Building configuration...
Current configuration : 105 bytes
!
interface GigabitEthernet0/1
switchport access vlan 10
switchport mode access
negotiation auto
end
SW1(config)#do sh run int gi0/2
Building configuration...
Current configuration : 105 bytes
!
interface GigabitEthernet0/2
switchport access vlan 10
switchport mode access
negotiation auto
end
**********************************
Debugging from D11:
D11(config)#$ 100 permit udp host 10.10.10.2 host 224.0.0.102 eq 1985
D11(config)#$ 100 permit udp host 10.10.10.1 host 224.0.0.102 eq 1985
D11(config)#do debug ip pack 100
IP packet debugging is on for access list 100
D11(config)#
*Apr 29 16:38:30.496: IP: s=10.10.10.1 (local), d=224.0.0.102 (Vlan10), len 80, local feature, Auth Proxy(16), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 29 16:38:30.496: IP: s=10.10.10.1 (local), d=224.0.0.102 (Vlan10), len 80, sending broad/multicast
*Apr 29 16:38:30.496: IP: s=10.10.10.1 (local), d=224.0.0.102 (Vlan10), len 80, sending full packet
D11(config)#
***************************
Debugging from D12:
D12(config)#do sh run | s access-list
access-list 100 permit udp host 10.10.10.2 host 224.0.0.102 eq 1985
access-list 100 permit udp host 10.10.10.1 host 224.0.0.102 eq 1985
D12(config)#do debug ip pack 100
IP packet debugging is on for access list 100
D12(config)#
*Apr 29 16:38:14.149: IP: s=10.10.10.1 (Vlan10), d=224.0.0.102, len 80, rcvd 0
*Apr 29 16:38:14.150: IP: s=10.10.10.1 (Vlan10), d=224.0.0.102, len 80, input feature, packet consumed, MCI Check(109), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 29 16:38:14.495: IP: s=10.10.10.2 (local), d=224.0.0.102 (Vlan10), len 80, local feature, Auth Proxy(16), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 29 16:38:14.496: IP: s=10.10.10.2 (local), d=224.0.0.102 (Vlan10), len 80, sending broad/multicast
*Apr 29 16:38:14.497: IP: s=10.10.10.2 (local), d=224.0.0.102 (Vlan10), len 80, sending full packet
D12(config)#
Thanks for your help, in advance if you can figure out what's going one.
Solved! Go to Solution.
04-30-2022 07:46 AM
Hi David,
Thanks for your recommandation.
I tried everything and nothing works. Currently i have all my links setup as Trunk and VTP is as well setup correctly.
I also ensured STP is not blocking ports between connected HSRP nodes.
As per what i can see on wireshark, the multicast traffic from D12 (standby HSRP node) is beeing sent out on the trunk link between both HSRP devices like you advice, but for some reason this D11(Active HSRP node) doesnt see it.
D12 has full visibility and as no issue.
I dont know if this issue is because i am using an L3 switches. I am pretty sure if i go with Routers i won't see this issue.
04-30-2022 07:50 AM
D11(config)#do sh standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 0 150 P Active local unknown 10.10.10.254
***
D12(config-if)#do sh standby bri
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 0 100 P Standby 10.10.10.1 local 10.10.10.254
D12(config-if)#
04-30-2022 07:56 AM
Thanks MHM,
They are already L3 switches:
D11(config)#do sh run all | s ip routing
ip routing protocol purge interface
ip routing
D11(config)#
**
D12(config)#do sh run all | s ip routing
ip routing protocol purge interface
ip routing
D12(config)#
04-30-2022 08:10 AM
Hello,
--> I am using CML 3.0 with 2 routers (D11 and D12
What devices are D11 and D12 ? Post the output of 'sh ver'...
04-30-2022 08:16 AM
Hello Georg,
D11(config)#do sh version
Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135]
Copyright (c) 1986-2020 by Cisco Systems, Inc.
Compiled Tue 29-Sep-20 11:53 by sweickge
ROM: Bootstrap program is IOSv
D11 uptime is 7 hours, 55 minutes
System returned to ROM by reload
System image file is "flash0:/vios_l2-adventerprisek9-m"
D12(config)#do sh version
Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135]
Copyright (c) 1986-2020 by Cisco Systems, Inc.
Compiled Tue 29-Sep-20 11:53 by sweickge
ROM: Bootstrap program is IOSv
D12 uptime is 7 hours, 57 minutes
System returned to ROM by reload
System image file is "flash0:/vios_l2-adventerprisek9-m"
thanks,
04-30-2022 08:17 AM
OK,
can you share the
show mac-table
in SW and HSRP peer
04-30-2022 08:24 AM - edited 04-30-2022 08:33 AM
@hnavi77 @Have you co figured the layer 2 vlan on all switches?
vlan 10
Creating the interface vlan 10 doesn’t create the layer 2 instance on the “D11 and D12” switch devices, so you need to create it on all devices. That may allow the L2 multicast.
-David
04-30-2022 08:49 AM
""Because i am having similar issue in my more complex topology.""
you meaning in real network?
are you have right license to run HSRP in L3SW ??
04-30-2022 09:51 AM - edited 04-30-2022 05:30 PM
...
04-30-2022 10:21 AM
In the posted configs I see only one interface configured as access port in vlan 10. How does vlan 10 get from D11 to D12?
to help us better understand this environment please post the output of these commands from both D11 and D12
show cdp neighbor
show interface status
show interface trunk
04-30-2022 03:22 PM
04-30-2022 03:29 PM - edited 04-30-2022 04:24 PM
...
04-30-2022 03:47 PM
@MHM, L3 switch works fine.
Added a new L3 switch (D13) and enabled OSPF using Loopback interface with D11.
D11(config-if)#router ospf 1
D11(config-router)#netw 7.0.0.0 0.0.0.255 area 0
D11(config-router)#
*Apr 29 22:22:44.789: %OSPF-5-ADJCHG: Process 1, Nbr 12.0.0.1 on GigabitEthernet0/3 from LOADING to FULL, Loading Done
D11(config-router)#
...
O E2 12.0.0.0 [110/20] via 7.0.0.1, 00:00:51, GigabitEthernet0/3
04-30-2022 03:59 PM - edited 04-30-2022 04:03 PM
All the links have now been configured as trunk to check the result.
but same problem.
Below the output of your request:
Vlan10 - Group 0 (version 2)
State is Active
Virtual IP address is 10.10.10.254
Active virtual MAC address is 0000.0c9f.f000 (MAC In Use)
Local virtual MAC address is 0000.0c9f.f000 (v2 default)
D11(config)#do sh mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 5254.0000.003a DYNAMIC Gi0/1
1 5254.0000.0045 DYNAMIC Gi0/2
10 5254.0000.003a DYNAMIC Gi0/1
10 5254.0000.0046 DYNAMIC Gi0/1
Total Mac Addresses for this criterion: 4
D11(config)#
***
D12(config)#do sh mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 5254.0000.003b DYNAMIC Gi0/1
10 0000.0c9f.f000 DYNAMIC Gi0/1
10 5254.0000.003b DYNAMIC Gi0/1
10 5254.0000.0046 DYNAMIC Gi0/1
Total Mac Addresses for this criterion: 4
D12(config)#
***
SW1(config)#do sh mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 5254.0000.003f DYNAMIC Gi0/1
1 5254.0000.0043 DYNAMIC Gi0/2
10 0000.0c9f.f000 DYNAMIC Gi0/1
10 5254.0000.0046 DYNAMIC Gi1/0
10 5254.0000.800a DYNAMIC Gi0/2
Total Mac Addresses for this criterion: 5
SW1(config)#
Thanks,
04-30-2022 04:00 PM - edited 04-30-2022 04:22 PM
That ok
Meaning l3 is ok,
for trunk keep config as it.
there is different between two topology, in original post and later you change it!
please remove the direct interconnect link between the two HSRP peer
in SW1 that connect both HSRP peer
no ip routing
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide