Tracking

xuserxtest · ‎05-07-2013

link 1

Switch_1 4506 --------------------- ASA_1 5520

| |

| trunk |

| |

Switch_2 4506 --------------------- ASA_2 5520

link 2

Hi,

I want to use 4506 to track link 1 so that if it fail the traffic will use link 2 to go to ASA firewall. Switch_1 and Switch_2 is configured to use VRRP where Switch_1 is the primary.

Current configuration (which im not sure about it):

Switch_1

track 1 interface gigabitethernet2/3 line protocol

interface vlan10

ip address 192.168.10.10 255.255.255.0

vrrp 1 ip 192.168.10.1

vrrp priority 50

vrrp 1 track 1 decrement 50

Switch_2

interface vlan10

ip address 192.168.10.10 255.255.255.0

vrrp 1 ip 192.168.10.1

vrrp priority 80

Any help and suggestion vey much appreciated.

cadet alain · ‎05-07-2013

Hi,

your Vlan interfaces IP must be different and the primary switch should have the highest priority( sw1):

Switch_1

track 1 interface gigabitethernet2/3 line protocol

interface vlan10

ip address 192.168.10.10 255.255.255.0

vrrp 1 ip 192.168.10.1

vrrp priority 80

vrrp 1 track 1 decrement 50

Switch_2

interface vlan10

ip address 192.168.10.11 255.255.255.0

vrrp 1 ip 192.168.10.1

vrrp priority 50

Regards

Alain

Don't forget to rate helpful posts.

acampbell · ‎05-07-2013

If you want switch 1 to be the primary rourter
then you need to give it the higher priority.
The interfaces also need to use individual IP addresses.
You have 192.168.10.10 on both switches. One of them will need to
change.

!
!Switch_1
!
track 1 interface gigabitethernet2/3 line protocol
interface vlan10
ip address 192.168.10.10 255.255.255.0
vrrp 1 ip 192.168.10.1
vrrp priority 110
vrrp 1 track 1 decrement 50
!
!

!
!Switch_2
!
interface vlan10
ip address 192.168.10.11 255.255.255.0
vrrp 1 ip 192.168.10.1
vrrp priority 80
!

Here is link to a very useful document:-

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp_fhrp/configuration/12-4/fhp-vrrp.html

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.

xuserxtest · ‎05-07-2013

Hi Alain, Alex

Thanks for your reply.

How should I track link 1 so that if link 1 fail the traffic will use Switch_2 (link 2) via trunk.

Example 1:

Switch_1

track 1 interface g2/3 line protocol (g2/3 is Switch_1 port connected to ASA)

interface vlan10

ip address 192.168.10.10 255.255.255.0

vrrp 1 ip 192.168.10.1

vrrp priority 80

vrrp 1 track 1 decrement 50

Switch_2

interface vlan10

ip address 192.168.10.11 255.255.255.0

vrrp 1 ip 192.168.10.1

vrrp priority 50

or

Example 2:

link 1 (vlan299)

Switch_1 4506 --------------------- ASA_1 5520

| |

| trunk |

| |

Switch_2 4506 --------------------- ASA_2 5520

link 2 (vlan 299)

Switch_1

track 1 interface vlan299 line protocol

interface g2/3 (g2/3 is Switch_1 port connected to ASA)

vrrp 1 ip address 192.168.20.1

vrrp 1 priority 80

vrrp 1 track 1 decrement 50

Switch_2

interface g2/3 (g2/3 is Switch_1 port connected to ASA)

vrrp 1 ip address 192.168.20.1

vrrp 1 priority 50

Which one is the correct or suitable for the situation?

Thanks

acampbell · ‎05-07-2013

WSH shW

You will need to use example 1.

Tracking interface vlan 299 will only look at the local switch, it will alway be up if any ports or trunks are live with access to vlan 299.

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.