05-26-2014 03:04 AM - edited 03-07-2019 07:32 PM
Hi,
We have two VSS clusters interconnected via a trunk allowing two VLANs.
Both VSS clusters have an SVI for both VLANs.
Problem is that I cannot ping the IP address of SVI cluster number one from number two and vice & versa.
However I can ping a PC connected to cluster number two from cluster number one in the same VLAN.
If I try to ping the same PC from cluster number two specifying another source, it fails...
I have noticed that the MAC address used for the SVI on both cluster is the same.... I believe this is the problem.
Here is the output:
Cluster one:
Vlan50 is up, line protocol is up
Hardware is Ethernet SVI, address is 0008.e3ff.fd90 (bia 0008.e3ff.fd90)
Description: Infoblox
Internet address is 10.30.0.2/24
Cluster two:
Vlan50 is up, line protocol is up
Hardware is Ethernet SVI, address is 0008.e3ff.fd90 (bia 0008.e3ff.fd90)
Description: Infoblox
Internet address is 10.30.0.3/24
As a result of this, here is a strange STP output: (show spanning-tree vlan 50 from Cluster number two)
VLAN0050
Spanning tree enabled protocol rstp
Root ID Priority 8242
Address 0008.e3ff.fd90
Cost 230038
Port 2561 (Port-channel1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 16434 (priority 16384 sys-id-ext 50)
Address 0008.e3ff.fd90
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/2/5 Desg FWD 20000 128.133 P2p
Po1 Root FWD 20000 128.2561 P2p
Po3 Desg FWD 20000 128.2563 P2p
Po4 Desg FWD 20000 128.2564 P2p
We can see that the Bridge ID is the same as the Root ID although this bridge IS NOT THE ROOT
Is there a way to change the MAC address of the SVI with IOS-XE, Version 03.05.02.E
Solved! Go to Solution.
10-01-2014 05:53 AM
Don't know if you got anything from TAC on this, but...
I've had a similar problem where two 4500-X VSS clusters had the same MAC address. As you might imagine this made life interesting when it came to trying to elect a root bridge with STP :-o
The root cause of the problem was that both clusters were configured with the same virtual switch domain. By default the router MAC address is generated based on this virtual domain (mac-address use-virtual).
I'm guessing that you used virtual switch domain 100, as it's exactly the same MAC as I had - I googled the MAC address and it brought me here!
Rebuilding the VSS cluster with a different virtual switch domain changed the MAC and resolved the issue.
Tucked away in the VSS documentation is this little nugget of wisdom:
The virtual switch domain is a number between 1 and 255, and must be unique for each VSS in your network (the domain number is incorporated into various identifiers to ensure that these identifiers are unique across the network.) [emphasis added]
HTH
--hugh
05-26-2014 12:35 PM
Hi Louis,
Not sure if it changed for new SUPs, but in old SUPs you could not change the mac-address from 4500 switches.
If they're in VSS what I recommend you is to use the command "mac-address use-virtual" when configuring VSS.
switch virtual domain 1
switch mode virtual
switch 1 priority 255
mac-address use-virtual
What you could maybe try is to configure an HSRP address so it would use a virtual mac (Not sure if this one would work, it would be better to use first option).
05-26-2014 01:52 PM
Hi Renan
Thank you for your reply.
Actually, Each VSS cluster has already been configured with "mac-address use-virtual".
I don't think it is related to VSS setup, the problem is that VSS clusters cannot talk to each other because they use the same Mac address for their respective SVI.
About HSRP, they have successfully negotiated their active-standby role (between both clusters). However I cannot ping the virtual address from the standby cluster...
Additional information: All the 4500-E chassis (and their supervisors) are part from the same order delivered at the customer by Cisco. I believe their come from the same Production line, from the factory, it is probably why they have the same MAC address.
I have opened a TAC case and will wait for their feedback on this.
I'll update this post with Cisco input.
Kind regards,
10-01-2014 05:53 AM
Don't know if you got anything from TAC on this, but...
I've had a similar problem where two 4500-X VSS clusters had the same MAC address. As you might imagine this made life interesting when it came to trying to elect a root bridge with STP :-o
The root cause of the problem was that both clusters were configured with the same virtual switch domain. By default the router MAC address is generated based on this virtual domain (mac-address use-virtual).
I'm guessing that you used virtual switch domain 100, as it's exactly the same MAC as I had - I googled the MAC address and it brought me here!
Rebuilding the VSS cluster with a different virtual switch domain changed the MAC and resolved the issue.
Tucked away in the VSS documentation is this little nugget of wisdom:
The virtual switch domain is a number between 1 and 255, and must be unique for each VSS in your network (the domain number is incorporated into various identifiers to ensure that these identifiers are unique across the network.) [emphasis added]
HTH
--hugh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide