Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
868
Views
0
Helpful
2
Replies

HSRP between remote sites

psmith621
Level 1
Level 1

‎09-16-2015 06:24 AM - edited ‎03-08-2019 01:48 AM

Hi All

I wonder if you can help me with an HSRP issue.   We are trunking VLANs between two data centers (round trip time between data centres is only 6 milliseconds).  There are around 30 VLANs being trunked.  The HSRP group is made up of four switches: two in data center A and two in data center B.

This issue is that for  eleven of the VLANs the switches in data center B cannot see HSRP Hello Packets from the switches in data center A.

However the switches in data center A can see the Hello packets on all 30 VLANs from the switches in data center B (I have noticed this when I do a "debug HSRP" ).  

I cannot understand why the Hello Packets from certain VLANs are being blocked.  There is no routing involved obviously (and therefore no firewalls) since all the switches are on the same VLANs.  There are no ACL or VACLs on the switches.   I am assuming that the WAN provider who provides the circuit between the data centers must have configured some sort of filtering based on mac address (although the filtering applies only in one direction). The WAN provider is not very helpful and insist that they are not doing any layer 2 filtering.

We are running HSRP version 1 so I am assuming that the source mac address of the Hello Packets will be the mac address of the sending switch on that VLAN.  (The mac address of the switches is the same on all VLANs apart from the last 2 hex numbers). 

I cannot change the BIA of the switches since they don't support this.

I was wondering whether it would be a good idea to create a GRE tunnel between the data centers and then to route any traffic with destination 224.0.0.2 across the tunnel or alternatively whether I should implement HSRP version 2 (although I guess this would have to be done in a change window).  Would be grateful if anyone has any suggestions.  Thanks

 

 

 

 

 

Labels:
0 Helpful
2 Replies 2

Richard Burts
Hall of Fame
Hall of Fame

‎09-16-2015 08:32 AM

It is very strange that HSRP seems to be unidirectional in some vlans but not in others. Is there anything else that reflects this sort of unidirectional behavior? (does show cdp neighbor show all neighbors correctly on all vlans? does show mac address-table show same content on both sides for the vlans that are impacted for HSRP?)

 

I am not optimistic that changing from HSRP version 1 to version 2 is going to fix this. But since we do not know what is causing the issue it might make sense to try version 2 just to see if the behavior changes.

 

HTH

 

Rick

HTH

Rick
0 Helpful

psmith621
Level 1
Level 1
In response to Richard Burts

‎09-18-2015 02:29 AM

Thanks Rick I will try you suggestions.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card