HSRP on multiple vlans lab question, please help!

steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
in CCNP
hi,

i've set up a lab in which the DLS1 and DLS2 are the L3 switches to run HSRP
the show standby brief command output from they are:
DLS1:
Interface Grp Pri P State Active Standby Virtual IP
Vl1 1 150 P Active local 172.16.1.4 172.16.1.1
Vl1 1 150 P Active local 172.16.10.4 172.16.10.1
Vl2 1 150 P Active local 172.16.20.4 172.16.20.1
Vl3 1 100 P Standby 172.16.30.4 local 172.16.30.1
Vl4 1 100 P Standby 172.16.40.4 local 172.16.40.1

DLS2:
Interface Grp Pri P State Active Standby Virtual IP
Vl1 1 150 P Active local 172.16.1.4 172.16.1.1
Vl1 1 150 P Active local 172.16.10.4 172.16.10.1
Vl2 1 150 P Active local 172.16.20.4 172.16.20.1
Vl3 1 100 P Standby 172.16.30.4 local 172.16.30.1
Vl4 1 100 P Standby 172.16.40.4 local 172.16.40.1
(the 2nd to 5th vlan name should be actually Vl10, Vl20, Vl30, Vl40,
which is packet tracer 6.0 bug!)

Target is to be able to ping from the payroll(vlan10) to the engineering(vlan20),
but if failed!

the wired thing is i even fail to ping the hsrp virtual ip 172.16.10.1 from payroll
and from ALS1.

ALS1's ip-default-gateway is 172.16.1.1
ALS2's ip -default-gateway is 172.16.1.1

i also tried to ping from ALS1 to 172.16.1.1 but fail, can ping 172.16.1.4 though.
anyone can help diagnose? thanks.
· Share on FacebookShare on Twitter

Comments

  • steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
    topology:
    https://lh4.googleusercontent.com/-LJooV1s0bDM/UxNpLujbglI/AAAAAAAAAx8/qC0bEyS-vSw/w685-h302-no/hsrp+topology.png
    · Share on FacebookShare on Twitter
  • late_collisionlate_collision Member Posts: 146
    Are the access, etherchannel, and trunk ports configured correctly? Is routing enabled?
    RFC 1925: The Twelve Networking Truths
    · Share on FacebookShare on Twitter
  • okplayaokplaya Member Posts: 199
    Do you have the SVIs using the same ip address on both switches?
    · Share on FacebookShare on Twitter
  • kohr-ahkohr-ah Member Posts: 1,277
    This is actually covered in the OCG guide under HSRP using 2 standby groups for the seperate VLANs.
    Check the book I will list the page if I can find it but atm I dont have the book near me.
    · Share on FacebookShare on Twitter
  • late_collisionlate_collision Member Posts: 146
    kohr-ah wrote: »
    This is actually covered in the OCG guide under HSRP using 2 standby groups for the seperate VLANs.
    Check the book I will list the page if I can find it but atm I dont have the book near me.


    It's verbatim from the CCNP SWITCH Lab Manual. Page 103.
    RFC 1925: The Twelve Networking Truths
    · Share on FacebookShare on Twitter
  • steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
    late_collision wrote: »
    Are the access, etherchannel, and trunk ports configured correctly? Is routing enabled?

    yes, i think they are all working.
    DLS1#sh etherchannel s
    Flags: D - down P - in port-channel
    I - stand-alone s - suspended
    H - Hot-standby (LACP only)
    R - Layer3 S - Layer2
    U - in use f - failed to allocate aggregator
    u - unsuitable for bundling
    w - waiting to be aggregated
    d - default port




    Number of channel-groups in use: 3
    Number of aggregators: 3


    Group Port-channel Protocol Ports
    +
    +
    +


    1 Po1(SU) PAgP Fa0/7(P) Fa0/8(P)
    2 Po2(SU) PAgP Fa0/9(P) Fa0/10(P)
    3 Po3(SU) PAgP Fa0/11(P) Fa0/12(P)

    DLS2#sh eth su
    Flags: D - down P - in port-channel
    I - stand-alone s - suspended
    H - Hot-standby (LACP only)
    R - Layer3 S - Layer2
    U - in use f - failed to allocate aggregator
    u - unsuitable for bundling
    w - waiting to be aggregated
    d - default port




    Number of channel-groups in use: 3
    Number of aggregators: 3


    Group Port-channel Protocol Ports
    +
    +
    +


    1 Po1(SU) PAgP Fa0/7(P) Fa0/8(P)
    2 Po2(SU) PAgP Fa0/9(P) Fa0/10(P)
    3 Po3(SU) PAgP Fa0/11(P) Fa0/12(P)


    DLS1#
    DLS1#sh int tru
    Port Mode Encapsulation Status Native vlan
    Po1 on 802.1q trunking 1
    Po2 on 802.1q trunking 1
    Po3 on 802.1q trunking 1


    Port Vlans allowed on trunk
    Po1 1-1005
    Po2 1-1005
    Po3 1-1005


    Port Vlans allowed and active in management domain
    Po1 1,10,20,30,40
    Po2 1,10,20,30,40
    Po3 1,10,20,30,40


    Port Vlans in spanning tree forwarding state and not pruned
    Po1 1,10,20,30,40
    Po2 1,10,20,30,40
    Po3 1,10,20,30,40

    DLS2#sh int tru
    Port Mode Encapsulation Status Native vlan
    Po1 on 802.1q trunking 1
    Po2 on 802.1q trunking 1
    Po3 on 802.1q trunking 1


    Port Vlans allowed on trunk
    Po1 1-1005
    Po2 1-1005
    Po3 1-1005


    Port Vlans allowed and active in management domain
    Po1 1,10,20,30,40
    Po2 1,10,20,30,40
    Po3 1,10,20,30,40


    Port Vlans in spanning tree forwarding state and not pruned
    Po1 none
    Po2 none
    Po3 1,10,20,30,40

    DLS1#sh ip ro
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
    * - candidate default, U - per-user static route, o - ODR
    P - periodic downloaded static route


    Gateway of last resort is not set


    172.16.0.0/24 is subnetted, 5 subnets
    C 172.16.1.0 is directly connected, Vlan1
    C 172.16.10.0 is directly connected, Vlan10
    C 172.16.20.0 is directly connected, Vlan20
    C 172.16.30.0 is directly connected, Vlan30
    C 172.16.40.0 is directly connected, Vlan40

    DLS2#sh ip ro
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
    * - candidate default, U - per-user static route, o - ODR
    P - periodic downloaded static route


    Gateway of last resort is not set


    172.16.0.0/24 is subnetted, 5 subnets
    C 172.16.1.0 is directly connected, Vlan1
    C 172.16.10.0 is directly connected, Vlan10
    C 172.16.20.0 is directly connected, Vlan20
    C 172.16.30.0 is directly connected, Vlan30
    C 172.16.40.0 is directly connected, Vlan40

    ping from payroll to DLS1's vlan 10 172.16.10.3 is ok, but
    ping from payroll to hsrp virtual interface 172.16.10.1 fail!

    ping from ALS1 to DLS1's vlan 1 172.16.1.3 is ok, but
    ping from ALS1 to hsrp virtual interface 172.16.1.1 fail!
    · Share on FacebookShare on Twitter
  • steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
    okplaya wrote: »
    Do you have the SVIs using the same ip address on both switches?

    no.

    DLS1#sh ip int bri
    ..
    ..
    Vlan1 172.16.1.3 YES manual up up

    Vlan10 172.16.10.3 YES manual up up

    Vlan20 172.16.20.3 YES manual up up

    Vlan30 172.16.30.3 YES manual up up

    Vlan40 172.16.40.3 YES manual up up

    DLS2#sh ip int bri
    ..
    ..
    Vlan1 172.16.1.4 YES manual up up

    Vlan10 172.16.10.4 YES manual up up

    Vlan20 172.16.20.4 YES manual up up

    Vlan30 172.16.30.4 YES manual up up

    Vlan40 172.16.40.4 YES manual up up
    · Share on FacebookShare on Twitter
  • steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
    late_collision wrote: »
    It's verbatim from the CCNP SWITCH Lab Manual. Page 103.

    yes, but the problem is i still cant get it working.icon_redface.gif
    · Share on FacebookShare on Twitter
  • steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
    one more thing, if i shut down all the 3 etherchannels on DLS1, the hsrp failover successfully.
    DLS2#sh stan b
    P indicates configured to preempt.
    |
    Interface Grp Pri P State Active Standby Virtual IP
    Vl1 1 100 P Active local unknown 172.16.1.1
    Vl1 1 100 P Active local unknown 172.16.10.1
    Vl2 1 100 P Active local unknown 172.16.20.1
    Vl3 1 150 P Active local 172.16.30.3 172.16.30.1
    Vl4 1 150 P Active local 172.16.40.3 172.16.40.1
    · Share on FacebookShare on Twitter
  • late_collisionlate_collision Member Posts: 146
    steveyeung wrote: »
    yes, but the problem is i still cant get it working.icon_redface.gif
    I'm not sure how to advise you other than to reset the switches and try again. The student lab manual gives you the commands to enter and walks you through the process. It was probably a typo somewhere.

    steveyeung wrote: »
    DLS1:
    Interface Grp Pri P State Active Standby Virtual IP
    Vl1 1 150 P Active local 172.16.1.4 172.16.1.1
    Vl1 1 150 P Active local 172.16.10.4 172.16.10.1
    Vl2 1 150 P Active local 172.16.20.4 172.16.20.1
    Vl3 1 100 P Standby 172.16.30.4 local 172.16.30.1
    Vl4 1 100 P Standby 172.16.40.4 local 172.16.40.1

    DLS2:
    Interface Grp Pri P State Active Standby Virtual IP
    Vl1 1 150 P Active local 172.16.1.4 172.16.1.1
    Vl1 1 150 P Active local 172.16.10.4 172.16.10.1
    Vl2 1 150 P Active local 172.16.20.4 172.16.20.1
    Vl3 1 100 P Standby 172.16.30.4 local 172.16.30.1
    Vl4 1 100 P Standby 172.16.40.4 local 172.16.40.1

    Something is wrong with this output. Both DLS1 and DLS2 think they are the active gateway for VLAN's 1, 10, and 20 while being in standby for VLAN's 30 and 40.

    One switch should be active for 1, 10, and 20 as well as standby for 30 and 40. The other switch should be standby for 1, 10, and 20 while being active for 30 and 40.

    Something isn't configured right and there isn't a complete configuration to troubleshoot.
    RFC 1925: The Twelve Networking Truths
    · Share on FacebookShare on Twitter
  • fredrikjjfredrikjj Member Posts: 879
    Are you using IOU? (it doesn't really play well with the FHRPs)
    · Share on FacebookShare on Twitter
  • steveyeungsteveyeung Member Posts: 44 ■■□□□□□□□□
    late_collision wrote: »
    I'm not sure how to advise you other than to reset the switches and try again. The student lab manual gives you the commands to enter and walks you through the process. It was probably a typo somewhere.




    Something is wrong with this output. Both DLS1 and DLS2 think they are the active gateway for VLAN's 1, 10, and 20 while being in standby for VLAN's 30 and 40.

    One switch should be active for 1, 10, and 20 as well as standby for 30 and 40. The other switch should be standby for 1, 10, and 20 while being active for 30 and 40.

    Something isn't configured right and there isn't a complete configuration to troubleshoot.


    sorry, i may have mistake in capturing the results. i just run again and with the following results
    DLS1#sh standby b
    P indicates configured to preempt.
    |
    Interface Grp Pri P State Active Standby Virtual IP
    Vl1 1 150 P Active local 172.16.1.4 172.16.1.1
    Vl1 1 150 P Active local 172.16.10.4 172.16.10.1
    Vl2 1 150 P Active local 172.16.20.4 172.16.20.1
    Vl3 1 100 P Standby 172.16.30.4 local 172.16.30.1
    Vl4 1 100 P Standby 172.16.40.4 local 172.16.40.1

    DLS2#sh stan b
    P indicates configured to preempt.
    |
    Interface Grp Pri P State Active Standby Virtual IP
    Vl1 1 100 P Standby 172.16.1.3 local 172.16.1.1
    Vl1 1 100 P Standby 172.16.10.3 local 172.16.10.1
    Vl2 1 100 P Standby 172.16.20.3 local 172.16.20.1
    Vl3 1 150 P Active local 172.16.30.3 172.16.30.1
    Vl4 1 150 P Active local 172.16.40.3 172.16.40.1

    for vl1, 10,20 DLS1 is active, for vlan 30,40 DLS2 is the active. so it seems correct.



    and still the same result:
    from the payroll(host A), ping 172.16.10.3(vlan10 on DLS1), OK.
    from the payroll(host A), ping 172.16.10.1(hsrp virtual ip on DLS1), fail.
    from the payroll(host A), ping 172.16.20.100(engineering HostB), fail.
    payroll(host A)'s default gateway has been set to 172.16.10.1

    sorry, i unstand it may not be enough information for troubleshoot,
    i tried but cant upload the .pkt file, it said invalid file.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.