Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1115
Views
0
Helpful
4
Replies

Unable to Ping HSRP Interface IP/VLAN

Vic48
Level 1
Level 1

‎06-12-2020 09:23 AM

I'm trying to allow NTP traffic from a Cat 3650 switch to a Nexus 9k, which are neighboring switches, over a trunked interface. The Cat 3650 doesn't have a working default gateway so I configured an address associated with a VLAN on the Nexus switch.

 

So here's the breakdown of the traffic from the Cat 3650:

 

interface TenGigabitEthernet1/1/3
description 10g Uplink to Nexus9372PX-01
switchport mode trunk
channel-group 15 mode active
!
interface TenGigabitEthernet1/1/4
description 10g Uplink to Nexus9372PX-02
switchport mode trunk
channel-group 15 mode active

***********************************************************

interface Port-channel15
description Uplink to Nexus9372PX
switchport mode trunk

********************************************************

SJCAT3650#sh ether summ


Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
15 Po15(SU) LACP Gi1/0/2(D) Te1/1/3(P) Te1/1/4(P)

**********************************************************

interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address 10.10.202.126 255.255.255.0
negotiation auto

*********************************************************

 

 

From the Nexus side:

 

interface Ethernet1/20
description SJCAT3650 port G3-TE3
switchport mode trunk
channel-group 15 mode active

****************************************************

interface port-channel15
description Uplink To 3650
switchport mode trunk
vpc 15

*********************************************************

SJCISCO9k-01# sh hsrp interface vlan 202
Vlan202 - Group 202 (HSRP-V2) (IPv4)
Local state is Active, priority 110 (Cfged 110), may preempt
Forwarding threshold(for vPC), lower: 0 upper: 110
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 2.615000 sec(s)
Virtual IP address is 10.10.202.254 (Cfged)
Active router is local
Standby router is 10.10.202.253 , priority 100 expires in 1.723000 sec(s)
**************************************************************************

Vlan202 10.10.202.252 protocol-up/link-up/admin-up

 

 

So when I try to ping any of the ip's they all fail:

 

SJCAT3650#ping 10.10.202.252
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.202.252, timeout is 2 seconds:
.....

 

Success rate is 0 percent (0/5)

SJCAT3650#ping 10.10.202.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.202.254, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)


SJCAT3650#ping 10.10.202.253
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.202.253, timeout is 2 seconds:
.....

 

Since the VLAN is being allowed over the port channel and the ip address from the Cat 3650 is in the same subnet as VLAN 202 on the Nexus why are the pings dropping.

 

Thanks for your help on this one guys!

Labels:
Preview file
40 KB
Preview file
11 KB
0 Helpful
4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

‎06-12-2020 10:24 AM 

interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 ip address 10.10.202.126 255.255.255.0
 negotiation auto

The ip on the 3650 belongs to the management port and the management port is is a different VRF (Mgmt-vrf). What is connected to the mgmt port? What device is supposed to do the routing for vlans? If the 3650 is supposed be layer-2 than you need a default route under the mgmt vrf.

HTH 

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

‎06-13-2020 12:03 AM

Hi,

I can see that Cat 3650's management interface Gi0/0 in the management vrf. So how this interface is connected? If you this gig0/0 is also connected on management switch or back to nexus switch in VLAN 202 as an orphan port then try to ping as:

 

ping 10.10.202.252 vrf Mgmt-vrf

 

Other option:

Configure an SVI on the 3650 under the VLAN 202 and define the default gateway with HSRP virtual IP address.

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Vic48
Level 1
Level 1
In response to Deepak Kumar

‎06-16-2020 02:51 PM

That's not a valid command:

 

SJCAT3650#ping 10.10.202.252 vrf Mgmt-vrf
^
% Invalid input detected at '^' marker.

SJCAT3650#ping 10.10.202.252 vrf ?
% Unrecognized command
SJCAT3650#ping 10.10.202.252 ?
data specify data pattern
df-bit enable do not fragment bit in IP header
repeat specify repeat count
size specify datagram size
source specify source address or name
timeout specify timeout interval
tos specify type of service value
validate validate reply data
<cr>

0 Helpful

paul driver
VIP
VIP

‎06-14-2020 07:31 AM

Hello

is the vtp database of the 3650 populated?
sh vlan brief


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card