HSRP issue with Enterasys Matrix E1

lstegemann · ‎02-06-2013

Two c2911 routers are connected to LAN and have HSRP configured. HSRP is negotiating successfully (active/standby), but LAN switch Enterasys Matrix E1 has problems accessing the virtual HSRP address. The switch can ping HSRP IP, and the virtual HSRP MAC is visible in its MAC table. But the static routes configured on the switch towards the HSRP IP seem to refuse working. Workaround to enable users to access network was to direct the static routes to the physical IP of one router. Is there a known incompatibility between Enterasys with Cisco HSRP?

C2911 configuration:

interface GigabitEthernet0/0

description *** Enterasys Switch ***

no ip address

no ip redirects

no ip proxy-arp

ip nat inside

ip virtual-reassembly in

load-interval 30

duplex full

speed 100

ntp disable

no cdp enable

no mop enabled

no mop sysid

!

interface GigabitEthernet0/0.100

description *** VLAN100 ***

encapsulation dot1Q 100

ip vrf forwarding 54

ip address 10.20.2.5 255.255.255.248

no ip redirects

no ip proxy-arp

ip nat inside

ip virtual-reassembly in

standby 192 ip 10.20.2.4

standby 192 preempt delay minimum 300

ntp disable

no cdp enable

!

interface GigabitEthernet0/0.120

description *** VLAN120 ***

encapsulation dot1Q 120

ip vrf forwarding 53

ip address 10.20.2.13 255.255.255.248

no ip redirects

no ip proxy-arp

standby 193 ip 10.20.2.12

standby 193 preempt delay minimum 300

ntp disable

no cdp enable

!

interface GigabitEthernet0/0.140

description *** VLAN140 ***

encapsulation dot1Q 140

ip vrf forwarding 59

ip address 10.20.2.21 255.255.255.248

no ip redirects

no ip proxy-arp

standby 194 ip 10.20.2.20

standby 194 preempt delay minimum 300

ntp disable

no cdp enable

!

John Blakley · ‎02-06-2013

"But the static routes configured on the switch towards the HSRP IP seem to refuse working."

Are you using host routes to get to the vIP or subnets? What makes me ask is that you stated that you can put a static route pointing to the physical address (which tells me host route) and it works. I don't know anything about these switches, but being that the router is connected and using subinterfaces, is the switch a l2 switch? Can you tell us a little more about this switch?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

lstegemann · ‎02-06-2013

The Enterasys Matrix E1 is a Layer 3 switch. The routes which are configured statically are needed to access remote networks in the WAN behind the routers. Example on Enterasys switch:

interface vlan 100

ip address 10.20.2.1 255.255.255.248

!

router vrrp

create vlan 100 100

address vlan 100 100 10.20.2.1

!

192.168.0.0 255.255.255.0 10.20.2.4 1 (not working)

or

192.168.0.0 255.255.255.0 10.20.2.5 1 (working)

My cutomer only provides me with the L3 portion of switch config, and I am not that familiar with Enterasys.

Regards,

Lothar

paul driver · ‎02-06-2013

Hello,

Have you tried using VRRP instead which is an open standard redundancy protocol

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

lstegemann · ‎02-06-2013

No, I haven't tried VRRP, yet. I need to have a good reason to request a change from HSRP to VRRP on the Cisco routers, a problem document for example.

Providers are used to implement HSRP as redundancy protocol on Cisco CE routers, and customers connect switches of different vendors without any problem.

Here we have an issue, and I need to recommend the customer or the provider how to fix it and why exactly.

Regards,

Lothar

paul driver · ‎02-06-2013

Hello

Then it probably wont be the redundancy protocol being used which you are having issues with.

Do these matrix switches need routing enabled?, Can you configure them as host switches? - ie: default-gateway

Have you tried the standby use-bia command - this uses the mac addr of the interfae in use rather than the virutal mac assigned in hrsp.

res

Paul

Please don't forget to rate this post if it has been helpful.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

lstegemann · ‎02-06-2013

Hi Paul,

Thanks for being engaged with my issue.

No, I haven't tried the "use-Bia" command yet. This will only be a solution for one VLAN. But what if the second VLAN is facing the same issue? I am afraid the "use-bia" command on all router subinterfaces will let the switch resolve all 3 hsrp addresses with the same router MAC address. I won't feel fine with that.

The Matrix switches are configured with routing enabled. They route between Vlans 100, 120, 140 connected to the routers, and Vlan 1, the management Vlan not connected to the router and including the default-gateway to customer's local management environment.

Regards,

Lothar

lstegemann · ‎03-13-2013

Please let me inform about issue fixing. A reboot of the switches enabled them to accept the hsrp virtual ip and mac. I requested the customer to check for OS update recommendation of his Matrix E1.

Thx to John and Paul for being engaged with my issue.