02-06-2013 04:08 AM - edited 03-07-2019 11:32 AM
Two c2911 routers are connected to LAN and have HSRP configured. HSRP is negotiating successfully (active/standby), but LAN switch Enterasys Matrix E1 has problems accessing the virtual HSRP address. The switch can ping HSRP IP, and the virtual HSRP MAC is visible in its MAC table. But the static routes configured on the switch towards the HSRP IP seem to refuse working. Workaround to enable users to access network was to direct the static routes to the physical IP of one router. Is there a known incompatibility between Enterasys with Cisco HSRP?
C2911 configuration:
interface GigabitEthernet0/0
description *** Enterasys Switch ***
no ip address
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
load-interval 30
duplex full
speed 100
ntp disable
no cdp enable
no mop enabled
no mop sysid
!
interface GigabitEthernet0/0.100
description *** VLAN100 ***
encapsulation dot1Q 100
ip vrf forwarding 54
ip address 10.20.2.5 255.255.255.248
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
standby 192 ip 10.20.2.4
standby 192 preempt delay minimum 300
ntp disable
no cdp enable
!
interface GigabitEthernet0/0.120
description *** VLAN120 ***
encapsulation dot1Q 120
ip vrf forwarding 53
ip address 10.20.2.13 255.255.255.248
no ip redirects
no ip proxy-arp
standby 193 ip 10.20.2.12
standby 193 preempt delay minimum 300
ntp disable
no cdp enable
!
interface GigabitEthernet0/0.140
description *** VLAN140 ***
encapsulation dot1Q 140
ip vrf forwarding 59
ip address 10.20.2.21 255.255.255.248
no ip redirects
no ip proxy-arp
standby 194 ip 10.20.2.20
standby 194 preempt delay minimum 300
ntp disable
no cdp enable
!
02-06-2013 04:52 AM
"But the static routes configured on the switch towards the HSRP IP seem to refuse working."
Are you using host routes to get to the vIP or subnets? What makes me ask is that you stated that you can put a static route pointing to the physical address (which tells me host route) and it works. I don't know anything about these switches, but being that the router is connected and using subinterfaces, is the switch a l2 switch? Can you tell us a little more about this switch?
HTH,
John
*** Please rate all useful posts ***
02-06-2013 05:39 AM
The Enterasys Matrix E1 is a Layer 3 switch. The routes which are configured statically are needed to access remote networks in the WAN behind the routers. Example on Enterasys switch:
interface vlan 100
ip address 10.20.2.1 255.255.255.248
!
router vrrp
create vlan 100 100
address vlan 100 100 10.20.2.1
!
192.168.0.0 255.255.255.0 10.20.2.4 1 (not working)
or
192.168.0.0 255.255.255.0 10.20.2.5 1 (working)
My cutomer only provides me with the L3 portion of switch config, and I am not that familiar with Enterasys.
Regards,
Lothar
02-06-2013 05:44 AM
Hello,
Have you tried using VRRP instead which is an open standard redundancy protocol
res
Paul
02-06-2013 06:39 AM
No, I haven't tried VRRP, yet. I need to have a good reason to request a change from HSRP to VRRP on the Cisco routers, a problem document for example.
Providers are used to implement HSRP as redundancy protocol on Cisco CE routers, and customers connect switches of different vendors without any problem.
Here we have an issue, and I need to recommend the customer or the provider how to fix it and why exactly.
Regards,
Lothar
02-06-2013 07:21 AM
Hello
Then it probably wont be the redundancy protocol being used which you are having issues with.
Do these matrix switches need routing enabled?, Can you configure them as host switches? - ie: default-gateway
Have you tried the standby use-bia command - this uses the mac addr of the interfae in use rather than the virutal mac assigned in hrsp.
res
Paul
Please don't forget to rate this post if it has been helpful.
02-06-2013 08:04 AM
Hi Paul,
Thanks for being engaged with my issue.
No, I haven't tried the "use-Bia" command yet. This will only be a solution for one VLAN. But what if the second VLAN is facing the same issue? I am afraid the "use-bia" command on all router subinterfaces will let the switch resolve all 3 hsrp addresses with the same router MAC address. I won't feel fine with that.
The Matrix switches are configured with routing enabled. They route between Vlans 100, 120, 140 connected to the routers, and Vlan 1, the management Vlan not connected to the router and including the default-gateway to customer's local management environment.
Regards,
Lothar
03-13-2013 01:38 AM
Please let me inform about issue fixing. A reboot of the switches enabled them to accept the hsrp virtual ip and mac. I requested the customer to check for OS update recommendation of his Matrix E1.
Thx to John and Paul for being engaged with my issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide