HRSP and Sub interfaces

N W · ‎04-06-2011

Guys

We have two routers, connected to a switch over a vlan. I want to run HSRP. It works when I use the interface and an access port on the switch, but fails when I use a sub-interfcae on the router and a trunk port on the switch. Ping connectivity is there, but hello messages are not reaching the neighbor from both routers.

Any ideas on what may be wrong?

Thanks

Noel

tj.mitchell · ‎04-06-2011

Please post the configurations on all devices as I just lab'ed it up and it's working fine..

glen.grant · ‎04-06-2011

Check encapsulation type on router and switch , also whatever native vlan you are using has to match on all

3 .

alessandro.ratti · ‎04-06-2011

Were routers subinterfaces defined as trunk and is connected to a trunk port on the switches?
Verify that the VLAN is defined on both switches, otherwise HSRP does not work correctly.
If you have defined the authentication verifies that the keys match and test the same configuration without authentication.

tj.mitchell · ‎04-06-2011

He stated that there is icmp connectivity between the routers. So there is connectivity. HSRP authentication is a possibility, can you pls post the configurations?

Sent from Cisco Technical Support iPhone App

alessandro.ratti · ‎04-06-2011

Ok, at IP level all is running fine.

My question is: does the switch know vlan id of routers subinterface? Maybe the problem could be at l2...

Other problem in addition to authentication: is multicast or udp filtered by some routers acl or by some other equipment?

Rember that hsrp hello packets are sent to the destination IP multicast address 224.0.0.2 on UDP port 1985.

Anyway I think that the problem is the switch (mis)configuration.

I agree with tj.mitchell that configuration of switch and routers may help to better understand where the problem is.

tj.mitchell · ‎04-06-2011

Let's get the configs and see there's something blocking or miss -configed somewhere.

Sent from Cisco Technical Support iPhone App

N W · ‎04-07-2011

Hi Guys

I have gotten it working as a main interface on the router and an access port on the switch.

Unfortunatley I cannot change it again back to sub-interfaces.

It was just a basic config on the subinterface. something like below:

RTR1

int fa0/1.98

enca dot1q 91

ip address 10.160.91.2 255.255.255.0

standby 91 ip 10.160.91.1

RTR2

int fa0/1.98

enca dot1q 91

ip address 10.160.91.3 255.255.255.0

standby 91 ip 10.160.91.1

standby 91 priority 110

Switch1

interface FastEthernet0/20
switchport trunk encapsulation dot1q
speed 100
duplex full
spanning-tree portfast trunk
spanning-tree bpduguard enable

Switch2

interface FastEthernet0/20
switchport trunk encapsulation dot1q
speed 100
duplex full
spanning-tree portfast trunk
spanning-tree bpduguard enable

alessandro.ratti · ‎04-07-2011

Could you paste a


show vlan

from switch1 and switch2?

How the switches are connected to each other?

N W · ‎04-07-2011

The VLan is on both switches, and they are connected via a trunk port which is not locked now.