08-02-2013 11:29 AM - edited 03-07-2019 02:43 PM
Hi all,
I work at an ISP and I want to implement HSRP to give some protection to my clients.
All clients are connected to 2 routers(RT02 and RT03) over a single interface on each router. Clients are separated by subinterface.
To minimize any effect in the router processor due to the quantity of vlans in use, i was testing HSRP with command "standby follow".
I've choosed a vlan of control to exchange messages of HSRP protocol and set the others vlans to follow this master vlan.
The HSRP works fine but when i do a shut on the master vlan that is in the active router, the state of all slave vlan doesn't change.
Output bellow:
Before shut
| RT02 | RT03 | 
|---|---|
| TenGigabitEthernet3/2.2706 - Group 2706 (version 2) State is Standby 22 state changes, last state change 01:48:30 Virtual IP address is 186.219.34.97 Active virtual MAC address is 0000.0c9f.fa92 Local virtual MAC address is 0000.0c9f.fa92 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 2.400 secs Authentication text, string "2706" Preemption enabled Active router is 186.219.34.99, priority 160 (expires in 9.552 sec) MAC address is ccef.48d0.3c00 Standby router is local Priority 150 (configured 150) Group name is "HSRP_MASTER" (cfgd) Followed by groups: Te3/2.2703 Grp 2703 Standby 186.219.20.25 0000.0c9f.fa8f refresh 10 secs Te3/2.2704 Grp 2704 Standby 186.219.32.97 0000.0c9f.fa90 refresh 10 secs | TenGigabitEthernet2/1.2706 - Group 2706 (version 2) State is Active 26 state changes, last state change 01:49:02 Virtual IP address is 186.219.34.97 Active virtual MAC address is 0000.0c9f.fa92 Local virtual MAC address is 0000.0c9f.fa92 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 2.464 secs Authentication text, string "2706" Preemption enabled Active router is local Standby router is 186.219.34.98, priority 150 (expires in 8.576 sec) Priority 160 (configured 160) Group name is "HSRP_MASTER" (cfgd) Followed by groups: Te2/1.2703 Grp 2703 Active 186.219.20.25 0000.0c9f.fa8f refresh 10 secs (expires in 7.200 sec) Te2/1.2704 Grp 2704 Active 186.219.32.97 0000.0c9f.fa90 refresh 10 secs (expires in 8.240 sec) | 
After shut:
| RT02 | RT03 | 
|---|---|
| State is Active 23 state changes, last state change 00:00:11 Virtual IP address is 186.219.34.97 Active virtual MAC address is 0000.0c9f.fa92 Local virtual MAC address is 0000.0c9f.fa92 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 1.392 secs Authentication text, string "2706" Preemption enabled Active router is local Standby router is unknown Priority 150 (configured 150) Group name is "HSRP_MASTER" (cfgd) Followed by groups: Te3/2.2703 Grp 2703 Active 186.219.20.25 0000.0c9f.fa8f refresh 10 secs (expires in 6.528 sec) Te3/2.2704 Grp 2704 Active 186.219.32.97 0000.0c9f.fa90 refresh 10 secs (expires in 7.968 sec) | TenGigabitEthernet2/1.2706 - Group 2706 (version 2) State is Init (interface down) 27 state changes, last state change 00:00:06 Virtual IP address is 186.219.34.97 Active virtual MAC address is unknown Local virtual MAC address is 0000.0c9f.fa92 (v2 default) Hello time 3 sec, hold time 10 sec Authentication text, string "2706" Preemption enabled Active router is unknown Standby router is unknown Priority 160 (configured 160) Group name is "HSRP_MASTER" (cfgd) Followed by groups: Te2/1.2703 Grp 2703 Active - master disabled Te2/1.2704 Grp 2704 Active - master disabled | 
This condition is normal? This means that all slave group are in standby state on RT03?
I mean, is the HSRP working properly?
A mensagem foi editada por: Pietro Di Blasi Config attached
08-02-2013 12:34 PM
Can you post the HSRP config for both routers?
08-02-2013 12:41 PM
Documents attached!
08-02-2013 12:47 PM
Sorry, it is a .zip file and I cannot open them on my workstation for security purposes, mainly because it cannot inspect the zip file without unpackaging it. Are you able to just cut and paste the hsrp config specifics?
08-02-2013 12:49 PM
Sorry...
RT03
interface TenGigabitEthernet2/1.2703
description Teste HSRP
bandwidth 1000
encapsulation dot1Q 2703
ip address 186.219.32.115 255.255.255.248 secondary
ip address 186.219.20.27 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby version 2
standby 2703 ip 186.219.20.25
standby 2703 ip 186.219.32.113 secondary
standby 2703 authentication 2703
standby 2703 follow HSRP_MASTER
service-policy input 1M
service-policy output 1M
!
interface TenGigabitEthernet2/1.2704
description Teste HSRP
bandwidth 1000
encapsulation dot1Q 2704
ip address 186.219.32.99 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby version 2
standby 2704 ip 186.219.32.97
standby 2704 authentication text 2704
standby 2704 follow HSRP_MASTER
service-policy input 1Mb
service-policy output 1Mb
!
interface TenGigabitEthernet2/1.2706
description Teste HSRP
bandwidth 1000
encapsulation dot1Q 2706
ip address 186.219.34.99 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby version 2
standby 2706 ip 186.219.34.97
standby 2706 authentication text 2706
standby 2706 priority 100
standby 2706 preempt
standby delay minimum 30 reload 60
standby 2706 name HSRP_MASTER
service-policy input 1Mb
service-policy output 1Mb
!
RT02
interface TenGigabitEthernet3/2.2703
description Teste HSRP
bandwidth 1000
encapsulation dot1Q 2703
ip address 186.219.32.114 255.255.255.248 secondary
ip address 186.219.20.26 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby version 2
standby 2703 ip 186.219.20.25
standby 2703 ip 186.219.32.113 secondary
standby 2703 authentication 2703
standby 2703 follow HSRP_MASTER
service-policy input 1M
service-policy output 1M
interface TenGigabitEthernet3/2.2704
description Teste HSRP
bandwidth 1000
encapsulation dot1Q 2704
ip address 186.219.32.98 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby version 2
standby 2704 ip 186.219.32.97
standby 2704 authentication text 2704
standby 2704 follow HSRP_MASTER
service-policy input 1Mb
service-policy output 1Mb
!
interface TenGigabitEthernet3/2.2706
description Teste HSRP
bandwidth 1000
encapsulation dot1Q 2706
ip address 186.219.34.98 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
standby version 2
standby 2706 ip 186.219.34.97
standby 2706 authentication text 2706
standby 2706 priority 150
standby 2706 preempt
standby delay minimum 30 reload 60
standby 2706 name HSRP_MASTER
service-policy input 1Mb
service-policy output 1Mb
!
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide