cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
20190
Views
5
Helpful
12
Replies

HSRP Duplicate Address 0000.0c07.ac01

Hi CSC,

I have some question about HSRP in 3750 switch. I have two Cisco 3750 switch which configured HSRP. Let say, we have interface vlan 100 that join in HSRP group member 1. The configuration on both switch is like as follows :

SWI-3750-A (Active)

==========

interface Vlan100

description *** gateway User NPL ***

ip address 10.8.51.253 255.255.255.0

ip access-group BLOK-AV in

standby 1 ip 10.8.51.254

standby 1 timers 5 20

standby 1 priority 105

standby 1 preempt

bridge-group 1

SWI-3750-B (Passive/Standby)

==========

interface Vlan100

description *** gateway User NPL ***

ip address 10.8.51.252 255.255.255.0

ip access-group BLOK445 in

standby 1 ip 10.8.51.254

standby 1 timers 5 20

standby 1 priority 95

standby 1 preempt

SWI-3750-A#show standby vlan 100

Vlan100 - Group 1

  State is Active

    1 state change, last state change 29w4d

  Virtual IP address is 10.8.51.254

  Active virtual MAC address is 0000.0c07.ac01

    Local virtual MAC address is 0000.0c07.ac01 (v1 default)

  Hello time 5 sec, hold time 20 sec

    Next hello sent in 4.287 secs

  Preemption enabled

  Active router is local

  Standby router is 10.8.51.252, priority 95 (expires in 18.095 sec)

  Priority 105 (configured 105)

  IP redundancy name is "hsrp-Vl100-1" (default)

The problem is, in Active switch log there is notifications about duplicate IP address sourced by Virtual MAC Address. The duplicate IP address is IP that belongs to Active switch interface vlan 100 (10.8.51.253).

Log Error :

Oct 17 15:56:08.379 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 16:13:00.759 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 16:15:46.026 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 16:47:04.974 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 17:00:41.678 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Can anybody give the clue why it can be happened? Is this about looping / spanning-tree issue ?

Regards,

Rp

12 Replies 12

Raju Sekharan
Cisco Employee
Cisco Employee

yes. a loop can cause this

To confirm that you are receiving your own HSRP packets back, you can configure the command

"standby use-bia" under the interface

Thnaks

Raju

Hi Raju,

OK, i'll try it. But when I read this

http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_s2g.html#wp1084414

the standby used-bia only applied into token ring interface. I couldn't aplly it in my interface vlan.

Regards,

Rakhmad

p.mcgowan
Participant
Participant

looks like you have a duplicate IP address on the network

shutdown interface vlan100 on switch A, this will make switch B the active switch, from switch B ping 10.8.51.253, if there is a duplicate IP you will get a response, this will then show in the arp table (show arp) you can then track the suspect down via the mac address

      

please rate helpful posts

Hi mcgowan,

Yes, there is duplicate MAC. But, its duplicate between interface vlan address and virtual MAC address on HSRP.

when I type command :

show mac address | i 0000.0c07.ac01

It shows me :

100    0000.0c07.ac01    STATIC      CPU

I think this MAC generate by system on HSRP. Currently I shutdown interface vlan 100 on switch A, like as your suggestion. But the impact is my client will get trouble when switch B is down, because HSRP is not running well.

Regards,

Rakhmad

Hi,  are there any HSRP devices also connected to that layer 2 vlan(another pair)?

Also try changing your config on both devices, instead of using 1 as your group, use 500 to match the vlan.

standby 500 ip 10.8.51.254

standby 500 timers 5 20

standby 500 priority 105

standby 500 preempt

Hi Lee,

I use HSRP v.1, i think the group only limited until 255. It's ok, I can change to another group member.

The one odd thing is, I have another interface vlan in the same switch. Such as : vlan 200, vlan 300, etc. but they are in stable condition of HSRP. My problem is only occured on inter vlan 100 which HSRP group member is 1.

milan.kulik
Advocate
Advocate

Hi,

can you check on the SWI-3750-B it's really in Standby?

It might believe to be the Active one, too, and send the HSRP messages using the virtual MAC address.

HTH,

Milan

Hi all,

I think root cause of this problem is about the looping. I found some devices (like Hub) which attached in my switch, and then i apply spanning-tree bpdu-guard enable in that port the log error has stopped.

thanks alot to all of you.

Regards,

Rp

Hi there, when yo enable the bpdu guard you are not having any issues on the flapping duplicate?

wfranc123
Beginner
Beginner

I have faced the similar scenario, in my case i had different hsrp group number 2 for vlan 100 on switch B and Switch B have another HSRP group 2 for vlan 101. So i changed the HSRP group number to 1 for vlan 100 on switch B and that resolved the deplicate IP address issue.

Cas_CCIE#60232
Beginner
Beginner

hi

 

check version of hsrp

 

 Local virtual MAC address is 0000.0c07.ac01 (v1 default)  <------------

 

Looks like U have version 1. Configure version 2 on both switches:

 

 standby version 2

TheNetRunner
Beginner
Beginner

I found that I had a standby version mismatch between my L3 switches, moving them both to version 2 fixed the issue.

! This shows you the standby config
s2-sw1#sh standby
Vlan100 - Group 100 (version 2) <--- version number is here.
  State is Speak
    13 state changes, last state change 00:32:19
....
! This allows you to change the version.
(config-if)#standby version 2

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers