HSRP Duplicate Address 0000.0c07.ac01

Rakhmadian Purnama · ‎10-23-2012

Hi CSC,

I have some question about HSRP in 3750 switch. I have two Cisco 3750 switch which configured HSRP. Let say, we have interface vlan 100 that join in HSRP group member 1. The configuration on both switch is like as follows :

SWI-3750-A (Active)

==========

interface Vlan100

description *** gateway User NPL ***

ip address 10.8.51.253 255.255.255.0

ip access-group BLOK-AV in

standby 1 ip 10.8.51.254

standby 1 timers 5 20

standby 1 priority 105

standby 1 preempt

bridge-group 1

SWI-3750-B (Passive/Standby)

==========

interface Vlan100

description *** gateway User NPL ***

ip address 10.8.51.252 255.255.255.0

ip access-group BLOK445 in

standby 1 ip 10.8.51.254

standby 1 timers 5 20

standby 1 priority 95

standby 1 preempt

SWI-3750-A#show standby vlan 100

Vlan100 - Group 1

State is Active

1 state change, last state change 29w4d

Virtual IP address is 10.8.51.254

Active virtual MAC address is 0000.0c07.ac01

Local virtual MAC address is 0000.0c07.ac01 (v1 default)

Hello time 5 sec, hold time 20 sec

Next hello sent in 4.287 secs

Preemption enabled

Active router is local

Standby router is 10.8.51.252, priority 95 (expires in 18.095 sec)

Priority 105 (configured 105)

IP redundancy name is "hsrp-Vl100-1" (default)

The problem is, in Active switch log there is notifications about duplicate IP address sourced by Virtual MAC Address. The duplicate IP address is IP that belongs to Active switch interface vlan 100 (10.8.51.253).

Log Error :

Oct 17 15:56:08.379 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 16:13:00.759 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 16:15:46.026 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 16:47:04.974 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Oct 17 17:00:41.678 IND: %HSRP-4-DUPADDR: Duplicate address 10.8.51.253 on Vlan100, sourced by 0000.0c07.ac01

Can anybody give the clue why it can be happened? Is this about looping / spanning-tree issue ?

Regards,

Rp

Raju Sekharan · ‎10-24-2012

yes. a loop can cause this

To confirm that you are receiving your own HSRP packets back, you can configure the command

"standby use-bia" under the interface

Thnaks

Raju

Rakhmadian Purnama · ‎10-24-2012

Hi Raju,

OK, i'll try it. But when I read this

http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_s2g.html#wp1084414

the standby used-bia only applied into token ring interface. I couldn't aplly it in my interface vlan.

Regards,

Rakhmad

p.mcgowan · ‎10-24-2012

looks like you have a duplicate IP address on the network

shutdown interface vlan100 on switch A, this will make switch B the active switch, from switch B ping 10.8.51.253, if there is a duplicate IP you will get a response, this will then show in the arp table (show arp) you can then track the suspect down via the mac address

please rate helpful posts

Rakhmadian Purnama · ‎10-24-2012

Hi mcgowan,

Yes, there is duplicate MAC. But, its duplicate between interface vlan address and virtual MAC address on HSRP.

when I type command :

show mac address | i 0000.0c07.ac01

It shows me :

100 0000.0c07.ac01 STATIC CPU

I think this MAC generate by system on HSRP. Currently I shutdown interface vlan 100 on switch A, like as your suggestion. But the impact is my client will get trouble when switch B is down, because HSRP is not running well.

Regards,

Rakhmad

Lee Smitherman · ‎10-25-2012

Hi, are there any HSRP devices also connected to that layer 2 vlan(another pair)?

Also try changing your config on both devices, instead of using 1 as your group, use 500 to match the vlan.

standby 500 ip 10.8.51.254

standby 500 timers 5 20

standby 500 priority 105

standby 500 preempt

Rakhmadian Purnama · ‎10-25-2012

Hi Lee,

I use HSRP v.1, i think the group only limited until 255. It's ok, I can change to another group member.

The one odd thing is, I have another interface vlan in the same switch. Such as : vlan 200, vlan 300, etc. but they are in stable condition of HSRP. My problem is only occured on inter vlan 100 which HSRP group member is 1.

milan.kulik · ‎10-25-2012

Hi,

can you check on the SWI-3750-B it's really in Standby?

It might believe to be the Active one, too, and send the HSRP messages using the virtual MAC address.

HTH,

Milan

Rakhmadian Purnama · ‎11-12-2012

Hi all,

I think root cause of this problem is about the looping. I found some devices (like Hub) which attached in my switch, and then i apply spanning-tree bpdu-guard enable in that port the log error has stopped.

thanks alot to all of you.

Regards,

Rp

belrey_echano · ‎12-12-2014

Hi there, when yo enable the bpdu guard you are not having any issues on the flapping duplicate?

wfranc123 · ‎12-13-2013

I have faced the similar scenario, in my case i had different hsrp group number 2 for vlan 100 on switch B and Switch B have another HSRP group 2 for vlan 101. So i changed the HSRP group number to 1 for vlan 100 on switch B and that resolved the deplicate IP address issue.

Cas_CCIE#60232 · ‎03-14-2018

hi

check version of hsrp

Local virtual MAC address is 0000.0c07.ac01 (v1 default) <------------

Looks like U have version 1. Configure version 2 on both switches:

standby version 2

TheNetRunner · ‎07-20-2021

I found that I had a standby version mismatch between my L3 switches, moving them both to version 2 fixed the issue.

! This shows you the standby config
s2-sw1#sh standby
Vlan100 - Group 100 (version 2) <--- version number is here.
  State is Speak
    13 state changes, last state change 00:32:19
....
! This allows you to change the version.
(config-if)#standby version 2