Well done!! The key-chain is irrelevant and it is there to make you think it is important and may have issues. (Again to make you waste time)
What is it that we are accomplishing with this type of HSRP configuration? From: Di Bias, Steve [mailto:[email protected]] Sent: October-23-10 9:09 PM To: Jason Maynard; [email protected] Subject: RE: [OSL | CCIE_RS] I have added another "Troubleshooting" scenario Well here is what I did in order to get this working, let me know if I missed something somewhere. Thanks! Group 1 has standby IP mismatch R2 int fa0/0 no standby 1 ip 192.168.1.111 standby 1 ip 192.168.1.11 Group 2 has authentication string mismatch R1 int fa0/0 no standby 2 authentication secur3 standby 2 authentication s3cur3 The key chains are irrelevant since you are using an MD5 key-string. I left it as is but if we needed to we could change group 1 to use it standby 1 authentication md5 key-chain HSRP Both R1 and R2 has preemption enabled for the groups they are active for, however if we want failback preemption will need to be enabled everywhere R1 int fa0/0 standby 2 preempt R2 int fa0/0 standby 1 preempt Now for the interface tracking track 1 interface serial 0/0 line-protocol int fa0/0 standby 2 track 1 dec 210 Now to see if it works R2#sh standby fa0/0 2 FastEthernet0/0 - Group 2 State is Active 2 state changes, last state change 00:21:48 Virtual IP address is 192.168.1.12 Active virtual MAC address is 0000.0c07.ac02 Local virtual MAC address is 0000.0c07.ac02 (v1 default) Hello time 3 sec, hold time 10 sec Next hello sent in 2.580 secs Authentication text, string "s3cur3" Preemption enabled Active router is local Standby router is 192.168.1.1, priority 50 (expires in 7.448 sec) Priority 255 (configured 255) Track object 1 state Up decrement 210 IP redundancy name is "HSPR2" (cfgd) R2(config)#int s0/0 R2(config-if)#shutdown *May 20 10:43:12.135: %TRACKING-5-STATE: 1 interface Se0/0 line-protocol Up->Down *May 20 10:43:12.703: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 2 state Active -> Speak *May 20 10:43:22.703: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 2 state Speak -> Standby R2(config-if)#do sh standby fa0/0 2 FastEthernet0/0 - Group 2 State is Standby 4 state changes, last state change 00:01:01 Virtual IP address is 192.168.1.12 Active virtual MAC address is 0000.0c07.ac02 Local virtual MAC address is 0000.0c07.ac02 (v1 default) Hello time 3 sec, hold time 10 sec Next hello sent in 1.188 secs Authentication text, string "s3cur3" Preemption enabled Active router is 192.168.1.1, priority 50 (expires in 7.188 sec) Standby router is local Priority 45 (configured 255) Track object 1 state Down decrement 210 IP redundancy name is "HSPR2" (cfgd) and on R1 R1(config-if)#do sh stand fa0/0 2 FastEthernet0/0 - Group 2 State is Active 5 state changes, last state change 00:01:56 Virtual IP address is 192.168.1.12 Active virtual MAC address is 0000.0c07.ac02 Local virtual MAC address is 0000.0c07.ac02 (v1 default) Hello time 3 sec, hold time 10 sec Next hello sent in 0.132 secs Authentication text, string "s3cur3" Preemption enabled Active router is local Standby router is 192.168.1.2, priority 45 (expires in 8.128 sec) Priority 50 (configured 50) IP redundancy name is "HSRP2" (cfgd) Thank you, Steve Di Bias Network Engineer - Information Systems Valley Health System - Las Vegas Office - 702- 369-7594 Cell - 702-241-1801 [email protected] From: [email protected] [mailto:[email protected]] On Behalf Of Jason Maynard Sent: Saturday, October 23, 2010 5:11 PM To: [email protected] Subject: [OSL | CCIE_RS] I have added another "Troubleshooting" scenario You must use the authentication type configured within the standby command. Preemption should work on both devices and you must monitor the serial 1/0 link on the opposite router. R1 __ key chain HSRP key 1 key-string cisco accept-lifetime 00:00:00 Jan 1 1993 infinite send-lifetime 00:00:00 Jan 1 2010 infinite interface FastEthernet0/0 ip address 192.168.1.1 255.255.255.0 duplex auto speed auto no keepalive standby 1 ip 192.168.1.11 standby 1 priority 255 standby 1 preempt standby 1 authentication md5 key-string HSRP standby 1 name HSRP1 standby 2 ip 192.168.1.12 standby 2 priority 50 standby 2 authentication secur3 standby 2 name HSRP2 R2 __ key chain HSRP key 1 key-string cisco accept-lifetime 00:00:00 Jan 1 1993 infinite send-lifetime 00:00:00 Jan 1 1993 infinite interface FastEthernet0/0 ip address 192.168.1.2 255.255.255.0 duplex auto speed auto no keepalive standby 1 ip 192.168.1.111 standby 1 priority 50 standby 1 authentication md5 key-string HSRP standby 1 name HSRP1 standby 2 ip 192.168.1.12 standby 2 priority 255 standby 2 authentication s3cur3 standby 2 name HSPR2 standby 2 preempt https://blogger.googleusercontent.com/tracker/798422581969112174-66452885185 79354784?l=packetsanalyzed.blogspot.com <http://feedads.g.doubleclick.net/~a/iVk9ZawyROWQ_XP8jAekNTTJv78/0/da> http://feedads.g.doubleclick.net/~a/iVk9ZawyROWQ_XP8jAekNTTJv78/0/di <http://feedads.g.doubleclick.net/~a/iVk9ZawyROWQ_XP8jAekNTTJv78/1/da> http://feedads.g.doubleclick.net/~a/iVk9ZawyROWQ_XP8jAekNTTJv78/1/di http://feeds.feedburner.com/~r/PacketsAnalyzed/~4/xE5gywBVHJI UHS Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of this information is prohibited, and may be punishable by law. If this was sent to you in error, please notify the sender by reply e-mail and destroy all copies of the original message.
<<image001.gif>>
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
