HSRP Flapping issues

RGENTIL87 · ‎07-31-2012

Hey guys, how you doing ?

I am experiecing issues with HSRP.

I have two 7200 core routers connected via one portchannel layer 2 and i set up the HSRP.

The switch 01 is the master and 02 is the bkp.

the problem is, the bkp router can´t see the master and there are a lot of loggs with active-speak and can´t see the master.

the configuration are ok, i just check and recheck but there are no mistakes.

below the configurations and loggs..

Switch_02

interface Vlan500

description VRF-A

ip vrf forwarding VRF-A

ip address x.x.x.xx.x.x.x.x

no ip redirects

no ip unreachables

no ip proxy-arp

standby 10 ip x.x.x.x

standby 10 preempt

standby 10 authentication vlan500

end

Switch _01

Current configuration : 286 bytes

!

interface Vlan500

description VRF-A

ip vrf forwarding VRF-A

ip address x.x.x.xx.x.x.x.x

no ip redirects

no ip unreachables

no ip proxy-arp

standby 10 ip x.x.xx.x

standby 10 priority 110

standby 10 preempt

standby 10 authentication vlan500

end

the loggs below from switch 02:

.Jul 30 16:27:24: %STANDBY-6-STATECHANGE: Vlan500 Group 10 state Standby -> Active

.Jul 30 16:27:29: %STANDBY-6-STATECHANGE: Vlan500 Group 10 state Active -> Speak

.Jul 30 16:27:45: %STANDBY-6-STATECHANGE: Vlan500 Group 10 state Standby -> Active

.Jul 30 16:27:49: %STANDBY-6-STATECHANGE: Vlan500 Group 10 state Active -> Speak

the status is:

switch02:

Vl500 10 100 P Standby unknow local x.x.x.x

the configurations are ok, but the router can´t see each other, just in the vlan 500 the other vlans are ok...

do you know what happens ?

Rick Morris · ‎08-01-2012

I am not 100% familiar with the HSRP config but isn't there suppose to be a track statement so the HSRP knows what iterface is up or down. You have preempt on both so both are trying to become the active.

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080094e90.shtml

RGENTIL87 · ‎08-01-2012

Rick,

thanks for the answer, but in the link the example there are preempt on both sides.

The preempt feature is used when the active reload and got back to the active state.

how the priority is differnte i think that is not affecting the network, because the other vlans are the same configurations without errors.

ogamanya · ‎08-01-2012

Almost looks like you have comms problems on vlan 500. did you attempt a debug on the hello packets on both routers?

eduardaskravcovas · ‎06-06-2017

Had a similar issue with HSRP, where STP blocked one of the VLANs. Only one port is going to the switch from the router and to make HSRP work, applied no spanning tree VLAN 10 command.

Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet0 128.1 128 19 BLK 0 32768 6c20.5650.e57f 128.1

Rick Morris · ‎08-01-2012

The example is just a guide not something exact you should set up. The preempt typically is only on one side not both. The preempt, as you stated is so the active, when back in service comes back to the correct one. What I don't see in your config is what you are tracking so how does HSRP know the state of any interface. You need to define a track so HSRP knows who is active and not and what to key off of based on a change in status.

jimmysands73_2 · ‎08-01-2012

AFAIK.....

This is not HSRP related, you can have have prempts on both devices and on a stable network, this should not impact it, because the link is not going up/down so its not causing another election.

I see as Ona stated, a vlan comm issue. Thats where I would start looking.

When you say

"The routers can not see each other"....what do you mean?

tweller · ‎08-01-2012

It might be the missing priority on the second device. Although I know it should by default give the one device the priority of 100, you might want to enter it anyway. also did you try taknig the authenitcation line out of both sides? Another thought is a while back we had a similar problem with the cable between the devices needing to reseated. Although in that instance all our vlans were flapping and switch 2 could not see switch 1.

Kyle McKay · ‎08-01-2012

This issue does not appear to be HSRP-related.

As previously mentioned, I would look into issues on VLAN 500 to determine the root cause. I have seen this before on VLANs undergoing a broadcast storm or extreme levels of traffic, this would explain why you are only seeing this behavior on one VLAN (because VLAN 500 is swamped and HSRP packets are not making it through).