cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
21523
Views
3
Helpful
4
Replies

HSRP on Secondary IP address - Cisco 2900

thiago.dacruz
Level 1
Level 1

Hello guys,

I have a few old 2600 routers (2621, different IOS's) which I'm now replacing for new one's from the 2900 series (2901, Version 15.1(4)M4).

In my configuration I have two IP addresses in my LAN interface and I have HSRP configured within the secondary IP subnet range. It would be something like this:

interface GigabitEthernet0/1

ip address 172.x.x.x x.x.x.x secondary

ip address 10.z.z.z z.z.z.z

...

standby 10 ip 172.x.x.x

These routers are connected to a common use switch, so I have to keep an acl for control. In my old acl, regardless of the secondary IP address and HSRP IP, the HSRP hello packets were always sent with source in the primary IP address, so I had to allow the primary IP address in my acl like this:

permit udp 10.z.z.z z.z.z.z host 224.0.0.2 eq 1985

Now, in the new 2900 routers, my interface configuration hasn't changed however I can see that the hello packets are now sent with the source within the respective HSRP IP subnet so I had to edit my acl for that:

permit udp 172.x.x.x x.x.x.x host 224.0.0.2 eq 1985

Is this the expected behaviour? Is there a way I can force the HSRP to work as it previously did in the old IOS's?


Thanks a lot