with the VRRP Set up we have one router is 192.168.160.2 ( master) other router is 192.168.160.3. the VRRP address is 192.168.160.1. this setup has been working fine for about 1.5 years but now when clients that hang off the 192.168.160.3 switch they cant get out externaly. when doing a tracert the clients get to 192.168.160.3 but no further ( the clients shouldnt be seeing that address they should only see the vrrp address ( 192.168.160.1 right?)
the clients shouldnt be seeing that address they should only see the vrrp address ( 192.168.160.1 right?)
No as the vrrp address is a virtual address, the clients should see the master address.
Can you do a sh vrrp br on both
so if thats the case then when doing a tracert the clients will see the ip of the master ( 192.168.160.2?) no matter what switch they hang off? so then this isnt looking like a hsrp problem but a vlan problem?
we are using nortel L3 switchs so not sure what the sh cmd is for them.
A traceroute will always shown the physical address of the actual path taken.
Be glad that it works like this because it simplifies troubleshooting.
When you have a host ending on the standby device, you have probably had a topology change causing the primary router to be unreachable.
Please perform a 'sh stand' to check the actual vrrp status.
then when doing a tracert the clients will see the ip of the master
Yes exactly but maybe there has been a failover and .2 is no longer the master, that's why I wanted to see output of vrrp
Can you also clear the arp caches of the clients and do the traceroute again.
This is more like a misconfiguration. As long as clients use 192.168.160.1 as default GW they should not see/know nothing about .3 IP.
Check the configuration, post it here, then try to switch-over on the backup router, see what happens. And BEFORE doing any other troubleshooting I would restart that Nortel switch.
thanks guys i will get all the details when i am back at work tomorrow,
i am still a bit confused when doing a tracert should the client see the master ip ( .2) or the backup (.3) as the cleint is hanging of the backup. but the backup should just passing the traffic to the master. or should the client only see the GW as to the clinet that is the switches ip address.
The default gateway should be the virtual IP but in any communication you'll see a real IP (the master and not the backup as it is the real physical router forwarding traffic).