Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
991
Views
0
Helpful
6
Replies

HSRP Problem @ 4506

sdasgupta
Level 1
Level 1

‎12-26-2010 06:38 AM - edited ‎03-06-2019 02:42 PM

Hi All,

I have a similar discussion few days back....but starting it again due to some confusion

LAN Setup:- I have 2 Nos. of Core switch Cisco 4506, Core_1 ( VTP Mode Server ) and all other switch including Core_2 in VTP mode client. I have made some of the Interface VLAN priority high in Core_1 same vlan priority in Core_2 low, on the other hand some of the vlan priority hing in Core_2 same vlan priority low in Core_2. I tried to keep both the Core switch in Active - Active mode so that VLAN traffic can equally distributed among the Core Switches.

NB:- All the Core & Access switch native / default VLAN ( Vlan 1 is Down ) and STP confgured as ( spanning-tree mode pvst ), here is the required configuration for Core_1 & Core_2 for this discussion / issue.

Core_1:-

interface Vlan32
ip address 172.16.32.2 255.255.255.0
ip helper-address 172.16.100.53
standby version 2
standby 32 ip 172.16.32.1
standby 32 priority 110
standby 32 preempt
!
interface Vlan33
description "ADMIN_2ND"
ip address 172.16.33.2 255.255.255.0
ip helper-address 172.16.100.53
standby version 2
standby 33 ip 172.16.33.1
standby 33 priority 90
standby 33 preempt

interface Vlan34
description "IT"
ip address 172.16.34.2 255.255.255.0
ip helper-address 172.16.100.53
standby version 2
standby 34 ip 172.16.34.1
standby 34 priority 110
standby 34 preempt

interface Vlan39
description "LAB"
ip address 172.16.39.2 255.255.255.0
standby version 2
standby 39 ip 172.16.39.1
standby 39 priority 90
standby 39 preempt

Core_2:-

interface Vlan32
ip address 172.16.32.3 255.255.255.0
ip helper-address 172.16.100.53
standby version 2
standby 32 ip 172.16.32.1
standby 32 priority 90
standby 32 preempt
!
interface Vlan33
description "ADMIN_2ND"
ip address 172.16.33.3 255.255.255.0
ip helper-address 172.16.100.53
standby version 2
standby 33 ip 172.16.33.1
standby 33 priority 110
standby 33 preempt

interface Vlan34
description "IT"
ip address 172.16.34.3 255.255.255.0
ip helper-address 172.16.100.53
standby version 2
standby 34 ip 172.16.34.1
standby 34 priority 90
standby 34 preempt

interface Vlan39
description "LAB"
ip address 172.16.39.3 255.255.255.0
standby version 2
standby 39 ip 172.16.39.1
standby 39 priority 110
standby 39 preempt

IF I SHUT DOWN EITHER OF THE SWITCH, ALL VLAN USER CAN REACH EACH OTHER...NO PROBLEM AS SUCH.

PROBLEM DESCRIPTION:-

The problem starts If I make admin shut down for any VLAN let say VLAn 32 in Core_1, all the user of VLAN 32 can't ping any VLAN User / Server which are higher priority in Core_1 ( Like VLAN 34 ), but can ping all VLAN which are only high priority in Core_2 ( Like VLAN 33 & 39 )

PLEASE ADVICE ME WHAT COULD BE ISSUE AND ANY SUGGESTED RESOLUTION:-

attached here also the " sh standby " output before and after Admin shut for VLAN 32 in Core_1 for all ur ready ref..

Labels:
77685-sh standby output.zip
0 Helpful
6 Replies 6

Dan-Ciprian Cicioiu
Level 7
Level 7

‎12-26-2010 06:54 AM

Hello ,

Can you draw/describe all your topology.

Dan

0 Helpful

sdasgupta
Level 1
Level 1
In response to Dan-Ciprian Cicioiu

‎12-26-2010 07:10 AM

Hi Dan,

Please find attached Network Arch & Backbone design.

There is no dynamic routing....default interVLAN routing in Core Switch among the VLAN.

Regards

Sujit

77686-LAN_DESIGN.zip
0 Helpful

Dan-Ciprian Cicioiu
Level 7
Level 7
In response to sdasgupta

‎12-26-2010 07:14 AM

If i understood well the setup is :

the campus LAN is phisically connected just to Core 1

the server farm is phisically connected just to Core 2

the interfaces for the both , server farm and campus lan are on both equipments using HSRP and priority

right ?

Dan

0 Helpful

sdasgupta
Level 1
Level 1
In response to Dan-Ciprian Cicioiu

‎12-26-2010 07:28 AM

Hi Dan,

Please refer the slide 2 & 3 for understanding the exact physical connection, slide 1 is the overview only.

Actually Core-1 & Core_2 both are connected to LAN as well as with Server Farm. There are 2 Server Farm Switches ( 3560 ) are connected with Core_1 & Core_2 at a time. STP is working for any loop avoidance

Thanks

Sujit

0 Helpful

sdasgupta
Level 1
Level 1
In response to Dan-Ciprian Cicioiu

‎12-26-2010 07:28 AM

Hi Dan,

Please refer the slide 2 & 3 for understanding the exact physical

connection, slide 1 is the overview only.

Actually Core-1 & Core_2 both are connected to LAN as well as with Server

Farm. There are 2 Server Farm Switches ( 3560 ) are connected with Core_1

& Core_2 at a time. STP is working for any loop avoidance

Thanks

Sujit

0 Helpful

Dan-Ciprian Cicioiu
Level 7
Level 7
In response to sdasgupta

‎12-26-2010 07:37 AM

Okay ,

The problem is for sure the routing:

In the situation that you discribed : Interface vlan 32 on core 1 is shutdown > default gateway for the vlan 32 hosts will be Core2 .

You will ping from vlan 32 host a vlan 34 host => the packet will go to Core 2 ( the gateway for vlan32 ) and straight to the host in vlan 34 ( the core 2 has the SVI and the prefix of vlan 34 is direcly connected )

The packet arrives at host in vlan 34 , which replies to the host giving the packet to Core 1 (the default gateway of the vlan 34).

The core1 search the routing table ... and .. nothing , or probably it finds a default route to the Firewall.

To solve this either you run a routing protocol between the core switches , or set some static routes ( for example you will create a interconection vlan between the to switches and set a summary static route 172.16.0.0 255.255.0.0 to the other switch via the new interconect )

Dan

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card