cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
23635
Views
0
Helpful
21
Replies

HSRP Active local, Standby unknown

tsipoulanis
Level 1
Level 1

Hallo everyone,

 

i have a small issue and i would like to give me your lights.

i just received the new leyer 3 Daughter for our 5548UP, i installed them and want to configure the hsrp for HA.

in our topology we have vPC,

why is not possible to implement the HSRP, and maybe the answer is on

 Rx - Good: 0

can someone help me?

i can ping one device to each other. and locally i can ping the hsrp IP 10.5.0.5

 

please check the vlan configs

interface Vlan100
  no shutdown
  management
  no ip redirects
  ip address 10.5.0.6/24
  no ip arp gratuitous hsrp duplicate   (is something i found in internet, but finally didnt help me)
  hsrp version 2
  hsrp 10
    preempt delay minimum 240
    priority 130                                                  (the primary has 150) 
    timers 1 3
    ip 10.5.0.5


NSWDCDE07# show hsrp
Vlan100 - Group 10 (HSRP-V2) (IPv4)
  Local state is Active, priority 150 (Cfged 150), may preempt
    Forwarding threshold(for vPC), lower: 1 upper: 150
  Preemption Delay (Seconds) Minimum:240
  Hellotime 1 sec, holdtime 3 sec
  Next hello sent in 0.739000 sec(s)
  Virtual IP address is 10.5.0.5 (Cfged)
  Active router is local
  Standby router is unknown
  Authentication text "cisco"
  Virtual mac address is 0000.0c9f.f00a (Default MAC)
  2 state changes, last state change 00:03:53
  IP redundancy name is hsrp-Vlan100-10 (default)

NSWDCDE07# show hsrp summary

HSRP Summary:

Extended-hold (NSF) disabled
Global HSRP-BFD disabled

Total Groups: 1
     Version::    V1-IPV4: 0       V2-IPV4: 1      V2-IPV6: 0
       State::     Active: 1       Standby: 0       Listen: 0
       State::  V6-Active: 0    V6-Standby: 0    V6-Listen: 0

Total HSRP Enabled interfaces: 1

Total Packets:
             Tx - Pass: 903     Fail: 0
             Rx - Good: 0

Packet for unknown groups: 0

Total MTS: Rx: 101

1 Accepted Solution

Accepted Solutions

I see this in your config which seems odd

interface Vlan100
  no shutdown
  management >>>>

why is the svi designated with the inband management config.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/command/reference/layer2/7x/n5500-l2-cr/n5500-l2_cmds_m.html#pgfId-2369135

Can you remove it and test?

-Raj

 

 

View solution in original post

21 Replies 21

Mark Malone
VIP Alumni
VIP Alumni

is the physical topology just 2 5ks directly connected using HSRP or is there any other devices involved , HSRP cant see the other switch its unknown which is usually layer 1 or 2 issue

Is the HSRP feature enabled on both 5ks

Is the vlan 100 up/up on both sides and stp in forwarding state on both sides

Nothing blocking the multicast hellos 224.0.0.2 acls/firewalls

the 2 Nexus are in the lab without any other device.

both of the 5K have the vlan100 UP, and are reachable.

feature is enable. i found in internet that i have to reinstall the licenses and reconfigure the hsrp protocol after the installation of the L3 daughter card, and i did it correct.

nothing is blocking the hello packets.

System Version is System version: 7.0(6)N1(1)

 

is really strange...
thank you for the quick respond

ok so license shows as installed on each 5k , stp is ok, hello packets not being blocked

direct connection between switches so no other device causing the problem , that's most the general things

can you post the show hsrp off the other 5k as well

yes please,

NSWDCDE07# show hsrp
Vlan100 - Group 10 (HSRP-V2) (IPv4)
  Local state is Active, priority 150 (Cfged 150), may preempt
    Forwarding threshold(for vPC), lower: 1 upper: 150
  Preemption Delay (Seconds) Minimum:240
  Hellotime 1 sec, holdtime 3 sec
  Next hello sent in 0.625000 sec(s)
  Virtual IP address is 10.5.0.5 (Cfged)
  Active router is local
  Standby router is unknown
  Authentication text "cisco"
  Virtual mac address is 0000.0c9f.f00a (Default MAC)
  5 state changes, last state change 00:30:52
  IP redundancy name is hsrp-Vlan100-10 (default)

 

NSWDCDE06# show hsrp
Vlan100 - Group 10 (HSRP-V2) (IPv4)
  Local state is Active, priority 130 (Cfged 130), may preempt
    Forwarding threshold(for vPC), lower: 1 upper: 130
  Preemption Delay (Seconds) Minimum:240
  Hellotime 1 sec, holdtime 3 sec
  Next hello sent in 0.390000 sec(s)
  Virtual IP address is 10.5.0.5 (Cfged)
  Active router is local
  Standby router is unknown
  Authentication text "cisco"
  Virtual mac address is 0000.0c9f.f00a (Default MAC)
  2 state changes, last state change 00:31:07
  IP redundancy name is hsrp-Vlan100-10 (default)

out of interest and to try rule this out as a software bug if you convert the config to vrrp or set another vlan as vrrp do you get the same issue ?

I cant see anything worng with your config so far but somethings blocking hello packets and if there not going through hsrp will not form correctly

Has anything to do with the titimes of spanning tree?

I use mst and are the default.

I try vrrp also, but the same issue, both are the master .

 

I go now home and will try a new vlan.

I see this in your config which seems odd

interface Vlan100
  no shutdown
  management >>>>

why is the svi designated with the inband management config.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/command/reference/layer2/7x/n5500-l2-cr/n5500-l2_cmds_m.html#pgfId-2369135

Can you remove it and test?

-Raj

 

 

;) thank you, 

All,

I am running into the same issue with a pair of 6k's. I tore down the vpc configuration and made it a direct trunk and the same issue is happening with HSRP or VRRP.

Both 6k's see themselves as the master/active and do not receive vrrp/hsrp packets. Both show tx but 0 rx.

I switched out the optics and ports with no change in behavior. Debugs on HSRP show hello timer expired. 

License was removed and reinstalled. 

do you have the L3 Card? do you need it for the 6k's?

All,

Turns out if you do not have the base license installed HSRP will be able to be configured but not work.

The customer had the enterprise license installed but removed base which caused the issue. 

can that help us? 

​2015 Oct  5 18:26:47 NSWDCDE06 %ARP-3-DUP_VADDR_SRC_IP:  arp [3420]  Source address of packet received from 0000.0c07.ac0b on Vlan101(port-channel1) is duplicate of local virtual ip, 10.5.1.5
2015 Oct  5 18:26:57 NSWDCDE06 %ARP-3-DUP_VADDR_SRC_IP:  arp [3420]  Source address of packet received from 0000.0c9f.f00a on Vlan100(port-channel1) is duplicate of local virtual ip, 10.5.0.5

Can you please post the output of these two commands

 

show module

show license usage

I m on the way, I will send you in 20.

Thank you ahmede

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco