HSRP - how to determine if hosts are using correct gateway IP

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013
08:43 AM
- last edited on
03-25-2019
04:25 PM
by
ciscomoderator
Hello,
I have the following scenario:
- I have 2 routers ( Cat6509 ) running HSRP on VLAN14, connected to two layer 2 switch ( Cat6509 ).
- I have no access to the hosts on VLAN14
- Obviously in order for HSRP to work, the hosts will need to use the HSRP VIP address 10.1.1.3, however I have a feeling that they are using the 10.1.1.1 and 10.1.1.2.
What is the best way to prove that the hosts are using the wrong gateway IP?
Is there a debug command that I can perform to determine the source and destination IP or MAC address?
- Labels:
-
Other Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 08:57 AM
SPAN the uplink ports. See waht the dest MAC address is. The coorelate that MAC to the ARP table to see if it is sending to .1 .2 or .3

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 11:14 AM
Correct me if I am wrong but SPAN only shows source and destination ports not source and destination MAC?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 11:46 AM
If it was configured correctly, they should have 10.1.1.3 as the default gateway.
Can you post the HSRP configuration, as the output of the 'show standby
Also, do the clients get the default gateway information via DHCP or is it setup statically?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 11:50 AM
It's not so much an HSRP config issue, Cisco TAC has already confirmed it is correct. I need to prove to the customer that their hosts ( which I have no access to ) are using the wrong gateway IP. I want prove this buy using outputs from the router or switch.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 12:12 PM
Well, you could span that port, and look at the L2 frame using Wireshark?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 12:22 PM
That option is currently not available, any other suggestions?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 07:38 PM
Look at a few of the clients and do a ipconfig /all and see what gateway is assigned to the nic or what the dhcp server is handing out for the gateway . It is going to send it to whatever gateway is assigned on the client. Have a couple of the clients look, they won't do that for you ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2013 07:57 PM
Glen
In this thread Joe has told us twice that he does not have access to the hosts on the vlan.
Joe
I would suggest that you run (for a little while) debug arp. Look in its output (terminal monitor or show logg depending on how logging is configured). If you see requests to resolve 10.1.1.1 or 10.1.1.2 coming from client addresses then you have evidence that the clients are not using the HSRP virtual address. If the arp requests are for 10.1.1.3 then they are using the HSRP address.
HTH
Rick
Rick
