10-03-2010 11:36 PM
I know it is a lengthy post and it’s bit difficult to read all but I would really appreciate your time and will really be thankful for helping me out.
SW 1 and SW2 are connected back to back through port channel trunk and having HSRP running between them. Both switches’ port no 22 (G0/22) are the members of Vlan 50 (switchport access vlan 50) and are connected to another two dump switches which are also connected back to back . So mean to say, SW1’s port 22 is connected to SW3 and SW2’s port 22 is connected to SW4. SW1 and SW2 are connected back to back having HSRP running between them (SW2 is a standby Switch) and SW3 and SW4 are connected back to back without running HSRP. SW3 and SW4 are layer 2 dump switches and are on network 192.168.50.0/24 and that is why they are individually connected to SW1 and SW2 respectively on their port 22 which is a member of vlan 50
The gateway of all machines which are connected to SW3 and SW 4 is 192.168.50.253 which is a virtual IP. The physical IP of int vlan 50 on SW1 is 192.168.50.251 and 192.168.50.252 on SW2. Ideally, machines should send traffic to SW1 or SW2 only when they need to communicate to the devices outside vlan 50 but that is not the case, I can see the local traffic of vlan 50 going through the trunk between SW1 and SW2 alongwith HSRP hello packets. What does that mean if I disconnect the trunk between SW1 and SW2, will it affect the traffic between SW3 and SW4 which is a local traffic?
Moreover, when I saw the status of STP in each switch (all switches are running default STP), I found that SW3 is a root bridge and both SW1 and SW2 port 22 is a RP port. SW2 port channel which is connected to SW1 is DP and therefore port channel of SW1 is in blocking state which means the trunk between SW1 and SW2 is in a blocking state
Now my question is if trunk between SW2 and SW1 is in blocking state then how they are sending hello packets to eachother for HSRP and how the local traffic (that is source 192.168.50.x to destination 192.168.50.x) is going through the trunk (which at first place should not be happening) and what if I disconnect the trunk between SW1 and SW2? Will it affect the local traffic??
I would really be grateful If anyone can clarify me confusion.
SW1 Configuration
spanning-tree mode pvst
spanning-tree extend system-id
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/1
description WAN_Link
no switchport
ip address 2.2.2.2 255.255.255.252
interface GigabitEthernet0/22
switchport access vlan 50
switchport mode access
interface GigabitEthernet0/47
description Connection_A_To_SW2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
!
interface GigabitEthernet0/48
description Connection_B_To_SW2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface Vlan50
ip address 192.168.50.251 255.255.255.0
standby 1 ip 192.168.50.253
standby 1 priority 105
standby 1 preempt
standby 1 track GigabitEthernet0/1
SW 2 Configuration
spanning-tree mode pvst
spanning-tree extend system-id
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/1
description WAN_Link
no switchport
ip address 1.1.1.1 255.255.255.252
interface GigabitEthernet0/22
switchport access vlan 50
switchport mode access
interface GigabitEthernet0/47
description Connection_A_To_SW1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
!
interface GigabitEthernet0/48
description Connection_B_To_SW1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface Vlan50
ip address 192.168.50.252 255.255.255.0
standby 1 ip 192.168.50.253
standby 1 preempt
standby 1 track GigabitEthernet0/1
10-03-2010 11:37 PM
please also see the attachment
Regards
imran
10-05-2010 11:35 AM
Hi Imran,
I ran a quick simulation just altering your config a little bit to better understand your question.
My HSRP configuration just monitored the port-channel 1 interface state, rather than a dummy interface that you created. I realize that this interface may have been a routed gateway somewhere else. But in my simulation it went no-where.
I actually created a routed interface with the 2.2.2.0 network, rather than put in dummy IP addresses 0f 1.1.1.1 and 2.2.2.2. ( not that I used this interface for anything), but it closely followed your simulation.
I altered my spanning tree cost on Switch_2 , the interface port-channel 1 on switch 2 now has a very high cost, so as to make sure it was going to block over the port-channel when the spanning tree algorithm ran.
I really have no idea why you would want to block the port-channel, but VLAN 50 and the default VLAN are still propagated packets around the ring of switches. So both HSRP hosts could 'talk' to each other, even though the packets took the long way round my test network.
All HSRP did was monitor a interface state, which in your case was Gig 0/1, it still propagated it's multicast packets around the ring
SWITCH 2 remains in standby mode, when I pulled both port channel CAT5 cables out the port-channel 1.
Traffic on my switch_1 which had the HSRP master didn't miss a beat and pinging from a PC in switch_1 on VLAN50 to the PC gateway address continued without interruption. Hope that helped to answer your question.
Some debugs from switch 2
switch2#sh spann
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 001e.79fe.9800
Cost 57
Port 25 (FastEthernet0/23)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0023.347f.6000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role S
*Mar 1 00:28:39.748: %SYS-5-CONFIG_I: Configured from console by consolets Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/23 Root FWD 19 128.25 P2p
Po1 Altn BLK 100000 128.56 P2p
switch2#sh standby all
Vlan50 - Group 1
State is Standby
3 state changes, last state change 00:05:28
Virtual IP address is 192.168.50.253
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.144 secs
Preemption enabled
Active router is 192.168.50.251, priority 105 (expires in 9.536 sec)
Standby router is local
Priority 100 (default 100)
Track interface Port-channel1 state Up decrement 10
Group name is "hsrp-Vl50-1" (default)
switch2#
Configuration of my switch1
hostname switch1
!
track 1 interface Port-channel1 line-protocol
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
interface FastEthernet0/1
switchport access vlan 50
switchport mode access
interface FastEthernet0/4
description Connection_A_To_SW2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface FastEthernet0/5
description Connection_B_To_SW2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface FastEthernet0/23
description Connection_2960_SW3
switchport trunk encapsulation dot1q
interface FastEthernet0/24
description WAN_Link
no switchport
ip address 2.2.2.2 255.255.255.252
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
interface Vlan1
no ip address
shutdown
interface Vlan50
ip address 192.168.50.251 255.255.255.0
standby 1 ip 192.168.50.253
standby 1 priority 105
standby 1 preempt
standby 1 track 1 decrement 10
Configuration of my switch 2
Hostname switch2
track 1 interface Port-channel1 line-protocol
spanning-tree mode pvst
spanning-tree extend system-id
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree cost 100000
!
interface FastEthernet0/1
switchport access vlan 50
switchport mode access
interface FastEthernet0/4
description Connection_A_To_SW1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/5
description Connection_B_To_SW1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface FastEthernet0/23
description Connection_2960_SW4
switchport trunk encapsulation dot1q
interface FastEthernet0/24
description WAN_Link
no switchport
ip address 2.2.2.1 255.255.255.252
interface Vlan1
no ip address
shutdown
interface Vlan50
ip address 192.168.50.252 255.255.255.0
standby 1 ip 192.168.50.253
standby 1 preempt
standby 1 track 1 decrement 10
!
monitor session 1 source interface Fa0/4
monitor session 1 destination interface Fa0/6
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide