02-21-2023 07:58 AM
Hi
I created an SVI gateway for VLAN 20 users in two switches (S13&S18) same gateway i.e., 192.168.20.254 and I am getting an error / I know that its duplicate IP Address, so I need to understand what the solution for this will be for redundancy if S13 fails it should divert the traffic to S18 VLAN 20 SVI gateway.
Feb 21 15:47:12.515: %IP-4-DUPADDR: Duplicate address 192.168.20.254 on Vlan20, sourced by aabb.cc80.0900
switch 18
interface Ethernet0/0
no switchport
ip address 10.100.10.2 255.255.255.0
!
interface Ethernet0/1
no switchport
ip address 10.200.12.2 255.255.255.0
!
interface Ethernet0/2
switchport trunk allowed vlan 20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/3
!
interface Ethernet1/0
!
interface Ethernet1/1
switchport trunk allowed vlan 20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet1/2
switchport trunk allowed vlan 30
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet1/3
!
interface Vlan20
ip address 192.168.20.254 255.255.255.0
!
interface Vlan30
ip address 192.168.30.254 255.255.255.0
!
router ospf 1
router-id 18.18.18.18
network 10.100.10.0 0.0.0.255 area 1.1.1.1
network 10.200.12.0 0.0.0.255 area 1.1.1.1
network 192.168.20.0 0.0.0.255 area 1.1.1.1
network 192.168.30.0 0.0.0.255 area 1.1.1.1
switch 13
interface Ethernet0/0
no switchport
ip address 10.200.200.2 255.255.255.0
!
interface Ethernet0/1
no switchport
ip address 10.200.14.2 255.255.255.0
!
interface Ethernet0/2
switchport trunk allowed vlan 10,20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/3
switchport trunk allowed vlan 10,20
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
!
interface Ethernet1/0
switchport trunk allowed vlan 30
switchport trunk encapsulation dot1q
switchport mode dynamic desirable
!
interface Ethernet1/1
!
interface Ethernet1/2
!
interface Ethernet1/3
!
interface Vlan10
description default gateway SVI 192.168.10.0/24
ip address 192.168.10.254 255.255.255.0
!
interface Vlan20
description default gatway 192.168.20.0/24
ip address 192.168.20.254 255.255.255.0
!
interface Vlan30
ip address 192.168.30.254 255.255.255.0
!
router ospf 1
router-id 13.13.13.13
network 10.200.14.0 0.0.0.255 area 2.2.2.2
network 10.200.200.0 0.0.0.255 area 2.2.2.2
network 192.168.10.0 0.0.0.255 area 2.2.2.2
network 192.168.20.0 0.0.0.255 area 2.2.2.2
network 192.168.30.0 0.0.0.255 area 2.2.2.2
!
Solved! Go to Solution.
02-22-2023 01:12 AM
That is for firewall to act as a Redundancy, are you using FW as Gateway ?
There are 2 Options you can do :
1. If you like to configure Layer 3 on HSRP can do your work.
2. if you Like to IGP to taken care, that is also possible, but you need to make Layer 2 access to Layer 3 access switch.
So OSPF can do Loadbalance Failover automatically, S13 and S18 will be active / active all time - user will not see any failed of S13.
Its all your design and requirement, In the Lab you can test what ever you like, in the real environment, due to License cost Access switch to be just Access switch and act as layer 2
My suggestion since you looking 10, 20,30 single gateway, VIP is best option using HSRP.
S13 will be active all time, in case that fails HSRP Active will move automatically to S18, so users will not notice this.
Understand other concept refer campuse design guide from cisco :
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html
02-21-2023 08:10 AM
You can have same IP address in the network segment so you get dunplicate (only possible in SD-Access in anycast - you can google get more information on that)
for your situation, suggest to use HSRP if you looking redundant for your goal.
02-21-2023 09:12 AM
Hi Balaji,
For redundant I am using a firewall as an Active/passive
02-22-2023 01:12 AM
That is for firewall to act as a Redundancy, are you using FW as Gateway ?
There are 2 Options you can do :
1. If you like to configure Layer 3 on HSRP can do your work.
2. if you Like to IGP to taken care, that is also possible, but you need to make Layer 2 access to Layer 3 access switch.
So OSPF can do Loadbalance Failover automatically, S13 and S18 will be active / active all time - user will not see any failed of S13.
Its all your design and requirement, In the Lab you can test what ever you like, in the real environment, due to License cost Access switch to be just Access switch and act as layer 2
My suggestion since you looking 10, 20,30 single gateway, VIP is best option using HSRP.
S13 will be active all time, in case that fails HSRP Active will move automatically to S18, so users will not notice this.
Understand other concept refer campuse design guide from cisco :
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html
02-22-2023 06:58 AM
Thank Balaji,
Yes, you are correct by default HSRP is the option for VLAN redundancy
02-21-2023 08:11 AM
you cannot use same ip in 2 places in same network segment. configure one device as gateway for vlan.
02-21-2023 09:15 AM
Ok. If I configured S13 as the single gateway for all VLANs (10,20,30) in case S13 will down in that case how all VLANs will access the internet?
02-21-2023 06:24 PM
@R Manjunatha this things came to my mind...
what is the reason distribution layer divided to 2 areas? if its using same set of vlans?
02-21-2023 10:18 PM
there is no reason to divide it into 2 areas it's just layer 3 communications. yes, it's the same set of VLANs for both switches s13 and s18.
02-22-2023 02:07 AM
For me it looks like what @balaji.bandi has noted in his point1 would be the best approach. Hsrp, vrrp or glbp is three possible solutions to have gateway redandancy.
02-22-2023 06:59 AM
Yes, I did thanks
02-22-2023 07:07 AM - edited 02-22-2023 09:44 AM
friend ASA not support HSRP
you can config ASA with Active/Standby or Active/Active
02-22-2023 08:40 AM
02-23-2023 06:18 AM
Hi,
yes.Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide