 
					
				
		
			
    
	
		
		
		07-17-2013
	
		
		08:43 AM
	
	
	
	
	
	
	
	
	
	
	
	
	
	
 - last edited on 
    
	
		
		
		03-25-2019
	
		
		04:25 PM
	
	
	
	
	
	
	
	
	
	
	
	
	
	
 by 
		
	
	
	
			
				
		
		
			ciscomoderator
		
		
		
 
		
		
		
		
		
	
			
		
Hello,
I have the following scenario:
- I have 2 routers ( Cat6509 ) running HSRP on VLAN14, connected to two layer 2 switch ( Cat6509 ).
- I have no access to the hosts on VLAN14
- Obviously in order for HSRP to work, the hosts will need to use the HSRP VIP address 10.1.1.3, however I have a feeling that they are using the 10.1.1.1 and 10.1.1.2.
What is the best way to prove that the hosts are using the wrong gateway IP?
Is there a debug command that I can perform to determine the source and destination IP or MAC address?
07-17-2013 08:57 AM
SPAN the uplink ports. See waht the dest MAC address is. The coorelate that MAC to the ARP table to see if it is sending to .1 .2 or .3
 
					
				
		
07-17-2013 11:14 AM
Correct me if I am wrong but SPAN only shows source and destination ports not source and destination MAC?
07-17-2013 11:46 AM
If it was configured correctly, they should have 10.1.1.3 as the default gateway.
Can you post the HSRP configuration, as the output of the 'show standby 
Also, do the clients get the default gateway information via DHCP or is it setup statically?
07-17-2013 11:50 AM
It's not so much an HSRP config issue, Cisco TAC has already confirmed it is correct. I need to prove to the customer that their hosts ( which I have no access to ) are using the wrong gateway IP. I want prove this buy using outputs from the router or switch.
07-17-2013 12:12 PM
Well, you could span that port, and look at the L2 frame using Wireshark?
07-17-2013 12:22 PM
That option is currently not available, any other suggestions?
07-17-2013 07:38 PM
Look at a few of the clients and do a ipconfig /all and see what gateway is assigned to the nic or what the dhcp server is handing out for the gateway . It is going to send it to whatever gateway is assigned on the client. Have a couple of the clients look, they won't do that for you ?
07-17-2013 07:57 PM
Glen
In this thread Joe has told us twice that he does not have access to the hosts on the vlan.
Joe
I would suggest that you run (for a little while) debug arp. Look in its output (terminal monitor or show logg depending on how logging is configured). If you see requests to resolve 10.1.1.1 or 10.1.1.2 coming from client addresses then you have evidence that the clients are not using the HSRP virtual address. If the arp requests are for 10.1.1.3 then they are using the HSRP address.
HTH
Rick
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide