cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1578
Views
0
Helpful
13
Replies

VLAN 20 Users default gateway SVI configuration in two switches

R Manjunatha
Level 3
Level 3

Hi 

I created an SVI gateway for VLAN 20 users in two switches (S13&S18) same gateway i.e., 192.168.20.254 and I am getting an error / I know that its duplicate IP Address, so I need to understand what the solution for this will be for redundancy if S13 fails it should divert the traffic to S18 VLAN 20 SVI gateway.

Feb 21 15:47:12.515: %IP-4-DUPADDR: Duplicate address 192.168.20.254 on Vlan20, sourced by aabb.cc80.0900

 

RManjunatha_0-1676994193382.png

switch 18

interface Ethernet0/0
no switchport
ip address 10.100.10.2 255.255.255.0
!
interface Ethernet0/1
no switchport
ip address 10.200.12.2 255.255.255.0
!
interface Ethernet0/2
switchport trunk allowed vlan 20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/3
!
interface Ethernet1/0
!
interface Ethernet1/1
switchport trunk allowed vlan 20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet1/2
switchport trunk allowed vlan 30
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet1/3
!
interface Vlan20
ip address 192.168.20.254 255.255.255.0
!
interface Vlan30
ip address 192.168.30.254 255.255.255.0
!
router ospf 1
router-id 18.18.18.18
network 10.100.10.0 0.0.0.255 area 1.1.1.1
network 10.200.12.0 0.0.0.255 area 1.1.1.1
network 192.168.20.0 0.0.0.255 area 1.1.1.1
network 192.168.30.0 0.0.0.255 area 1.1.1.1

switch 13

interface Ethernet0/0
no switchport
ip address 10.200.200.2 255.255.255.0
!
interface Ethernet0/1
no switchport
ip address 10.200.14.2 255.255.255.0
!
interface Ethernet0/2
switchport trunk allowed vlan 10,20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/3
switchport trunk allowed vlan 10,20
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
!
interface Ethernet1/0
switchport trunk allowed vlan 30
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
!
interface Ethernet1/1
!
interface Ethernet1/2
!
interface Ethernet1/3
!
interface Vlan10
description default gateway SVI 192.168.10.0/24
ip address 192.168.10.254 255.255.255.0
!
interface Vlan20
description default gatway 192.168.20.0/24
ip address 192.168.20.254 255.255.255.0
!
interface Vlan30
ip address 192.168.30.254 255.255.255.0
!
router ospf 1
router-id 13.13.13.13
network 10.200.14.0 0.0.0.255 area 2.2.2.2
network 10.200.200.0 0.0.0.255 area 2.2.2.2
network 192.168.10.0 0.0.0.255 area 2.2.2.2
network 192.168.20.0 0.0.0.255 area 2.2.2.2
network 192.168.30.0 0.0.0.255 area 2.2.2.2
!

 

1 Accepted Solution

Accepted Solutions

That is for firewall to act as a Redundancy, are you using FW as Gateway ?

There are 2 Options you can do :

1. If you like to configure Layer 3 on HSRP can do your work.

2. if you Like to IGP to taken care, that is also possible, but you need to make Layer 2 access to Layer 3 access switch.

So OSPF can do Loadbalance Failover automatically, S13 and S18 will be active / active all time - user will not see any failed of S13.

Its all your design and requirement, In the Lab you can test what ever you like, in the real environment, due to License cost Access switch to be just Access switch and act as layer 2

My suggestion since you looking 10, 20,30 single gateway, VIP is best option using HSRP.

S13 will be active all time, in case that fails HSRP Active will move automatically to S18, so users will not notice this.

Understand other concept refer campuse design guide from cisco :

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

13 Replies 13

balaji.bandi
Hall of Fame
Hall of Fame

You can have same IP address in the network segment so you get dunplicate (only possible in SD-Access in anycast - you can google get more information on that)

for your situation, suggest to use HSRP if you looking redundant for your goal.

https://community.cisco.com/t5/networking-knowledge-base/hsrp-overview-and-basic-configuration/ta-p/3131590

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hi Balaji,

For redundant I am using a firewall as an Active/passive 

That is for firewall to act as a Redundancy, are you using FW as Gateway ?

There are 2 Options you can do :

1. If you like to configure Layer 3 on HSRP can do your work.

2. if you Like to IGP to taken care, that is also possible, but you need to make Layer 2 access to Layer 3 access switch.

So OSPF can do Loadbalance Failover automatically, S13 and S18 will be active / active all time - user will not see any failed of S13.

Its all your design and requirement, In the Lab you can test what ever you like, in the real environment, due to License cost Access switch to be just Access switch and act as layer 2

My suggestion since you looking 10, 20,30 single gateway, VIP is best option using HSRP.

S13 will be active all time, in case that fails HSRP Active will move automatically to S18, so users will not notice this.

Understand other concept refer campuse design guide from cisco :

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Thank Balaji,

Yes, you are correct by default HSRP is the option for VLAN redundancy 

 

you cannot use same ip in 2 places in same network segment. configure  one device as gateway for vlan.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

Ok. If I configured S13 as the single gateway for all VLANs (10,20,30) in case S13 will down in that case how all VLANs will access the internet? 

@R Manjunatha  this things came to my mind...

what is the reason distribution layer divided to 2 areas? if its using same set of vlans?

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

there is no reason to divide it into 2 areas it's just layer 3 communications. yes, it's the same set of VLANs for both switches s13 and s18.

mlund
Level 7
Level 7

For me it looks like what @balaji.bandi has noted in his point1 would be the best approach. Hsrp, vrrp or glbp is three possible solutions to have gateway redandancy.

Yes, I did thanks 

friend ASA not support HSRP 
you can config ASA with Active/Standby or Active/Active 

RManjunatha_0-1676994193382.png

Hi,

yes.Thanks

Review Cisco Networking for a $25 gift card