Nexus 55K HSRP listeners unable to ping standby ip after vrf membership change

Antony Pasteris · ‎12-21-2016

Hi, we have four Nexus switches 55K running nx-os 6.0(2)N2(5). The network is composed of two clusters of Nexus switches as shown below :

cluster 1 cluster 2

NX1_1 ---- VPC ---- NX2_1

| |

peer-link peer-link

| |

NX1_2 ---- VPC ---- NX2_2

HSRP configurations :

NX1_1 is the active member

NX2_1 is the standby

NX1_2 and NX2_2 are Listeners

We recently changed the vrf membership of one SVI (int vlan X) from vrf A to vrf B and since then the HSRP listeners are unable to ping the virtual IP.

Ping from the standby to the virtual IP works. Ping between members physical IPs work without problems. The only problem we are facing at this moment is the ping from HSRP listeners to the Virtual IP. Everything worked fine before the vrf membership change. The two vrfs' in discussion are not new and other SVI's on vrf A work without problems as well as SVIs on vrf B.

The procedure used for changing vrf management was :

1. shutdown the SVI

2. change the vrf membership

3. apply ip addressing config

4. no shut SVI

5. steps 1-4 were carried out in the following manner , NX1_1 followed by NX2_1 then NX1_2 and finally NX2_2

Thanks

Antony Pasteris · ‎12-22-2016

The problem seems to have been solved by changing the order of steps carried out to change the vrf membership.

1. shutdown SVIs in all 4 switches

2. change vrf membership in all 4 switches

3. apply ip addressing in all 4 switches

4. no shut NX1_1 (switch with highest HSRP priority)

5. no shut the two Listeners and finally the standby

This way we did not observe the ping problems.