RE: HSRP [7:74879]

[Andrew Larkins]

Clients will point to the HSRP address as their default gw

-Original Message-
From: Marko Milivojevic [mailto:[EMAIL PROTECTED] 
Sent: 05 September 2003 13:05
To: [EMAIL PROTECTED]
Subject: Re: HSRP [7:74879]


> In the case above, is the client gateway going to be 10.254.0.1 (IP
Address
> of the Active router), which we are currently using, or is it 
> 10.254.0.103 (HSRP IP Address)...

If clients set default gateway to 10.254.0.1, when that router fails,
HSRP won't be of any use. On the other hand, if they set their default
gateway to 10.254.0.103, if any of the two routers is active, they will
still be able to talk to the outside world.


Marko.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74899&t=74879
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: HSRP [7:74879]

[Marko Milivojevic]

> In the case above, is the client gateway going to be 10.254.0.1 (IP
Address
> of the Active router), which we are currently using, or is it 10.254.0.103
> (HSRP IP Address)...

If clients set default gateway to 10.254.0.1, when that router fails,
HSRP won't be of any use. On the other hand, if they set their default
gateway to 10.254.0.103, if any of the two routers is active, they will
still be able to talk to the outside world.


Marko.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74887&t=74879
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: HSRP [7:74879]

[doveletchan]

The default gateway of the client should be 10.254.0.103.


""DW""  &b6l%s
news:[EMAIL PROTECTED] $$ Dear all,
>
> I am slightly confused about the config of HSRP. More specifically it is
the
> client default gateway that is confusing me. I have the following config
for
> redundant Ethernet on Routers 1 / 2:
>
> interface FastEthernet0/1
>
>  ip address 10.254.0.1 255.255.255.0
>
>  duplex auto
>
>  speed auto
>
>  standby timers 3 6
>
>  standby 1 ip 10.254.0.103
>
>  standby 1 priority 255
>
>  standby 1 preempt
>
>  standby 1 authentication 
>
>
>
> interface FastEthernet0/1
>
>  ip address 10.254.0.2 2255.255.0
>
>  duplex auto
>
>  speed auto
>
>  standby timers 3 6
>
>  standby 1 ip 10.254.0.103
>
>  standbriority 200
>
>  standby 1 preempt
>
>  standby 1 authentication 
>
>
>
> In the case above, is the client gateway going to be 10.254.0.1 (IP
Address
> of the Active router), which we are currently using, or is it 10.254.0.103
> (HSRP IP Address)...
>
>
>
> Any help is appreciated,
>
>
>
> Sincerely,
>
>
>
> Derek
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74885&t=74879
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

HSRP [7:74879]

[DW]

Dear all,

I am slightly confused about the config of HSRP. More specifically it is the
client default gateway that is confusing me. I have the following config for
redundant Ethernet on Routers 1 / 2:

interface FastEthernet0/1

 ip address 10.254.0.1 255.255.255.0

 duplex auto

 speed auto

 standby timers 3 6

 standby 1 ip 10.254.0.103

 standby 1 priority 255

 standby 1 preempt

 standby 1 authentication 



interface FastEthernet0/1

 ip address 10.254.0.2 2255.255.0

 duplex auto

 speed auto

 standby timers 3 6

 standby 1 ip 10.254.0.103

 standbriority 200

 standby 1 preempt

 standby 1 authentication 



In the case above, is the client gateway going to be 10.254.0.1 (IP Address
of the Active router), which we are currently using, or is it 10.254.0.103
(HSRP IP Address)...



Any help is appreciated,



Sincerely,



Derek




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74879&t=74879
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: hsrp default route in ospf [7:74017]

[Robert Kimble]

That makes sense.

I managed to find the same answer after doing some reading on Cisco's site.

I appreciate the info.

Thanks Zsombor!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74026&t=74017
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: hsrp default route in ospf [7:74017]

[Zsombor Papp]

Because the HSRP virtual IP address is used only by the directly connected
hosts (as a gateway), not by the remote devices that learn the routes via
OSPF.

Thanks,

Zsombor

Robert Kimble wrote:
> 
> Why would that not make sense?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74025&t=74017
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: hsrp default route in ospf [7:74017]

[Reimer, Fred]

No, that would not make sense.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Robert Kimble [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 15, 2003 9:43 AM
To: [EMAIL PROTECTED]
Subject: hsrp default route in ospf [7:74017]

Howdy all,

I have two 6509's with hsrp running between their msfc's.

OSPF is advertising the ip addresses of interfaces of the routers instead of
the virtual ip that I set up in hsrp.

Since hsrp fails over faster than ospf, I was wondering if there is a way to
have ospf advertise the virtual ip address instead of the interface
addresses?

Any suggestions are much appreciated ;-)
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74022&t=74017
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: hsrp default route in ospf [7:74017]

[Robert Kimble]

Why would that not make sense?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74023&t=74017
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

hsrp default route in ospf [7:74017]

[Robert Kimble]

Howdy all,

I have two 6509's with hsrp running between their msfc's.

OSPF is advertising the ip addresses of interfaces of the routers instead of
the virtual ip that I set up in hsrp.

Since hsrp fails over faster than ospf, I was wondering if there is a way to
have ospf advertise the virtual ip address instead of the interface addresses?

Any suggestions are much appreciated ;-)


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74017&t=74017
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: hsrp and icmp redirects [7:73972]

[[EMAIL PROTECTED]]

How do all incoming routes/gateway branchoffice routes look?

Martijn 

-Oorspronkelijk bericht-
Van: Robert Kimble [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 14 augustus 2003 16:57
Aan: [EMAIL PROTECTED]
Onderwerp: hsrp and icmp redirects [7:73972]


Ok.

I'll try to explain what happened as best as I can.

We have two 6509's each with an msfc and until last night we were only using
the msfc on one of them.

Last night I brought up the second msfc and set up hsrp between the two.

everything worked great here in the office last night. However, this morning
our branch offices had no connectivity to us.

My boss went in and turned off icmp redirects on the vlan interfaces on the
second msfc and everything was fine.

1. I thought icmp redirects were disabled automatically when you configure
hsrp on an interface.

2. How did turning off the redirects fix the problem? (I would ask my boss
but I probably look bad enough).

Any way.

Please let me know if you need more info to answer this question.

-Bobby
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74005&t=73972
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

hsrp and icmp redirects [7:73972]

[Robert Kimble]

Ok.

I'll try to explain what happened as best as I can.

We have two 6509's each with an msfc and until last night we were only using
the msfc on one of them.

Last night I brought up the second msfc and set up hsrp between the two.

everything worked great here in the office last night. However, this morning
our branch offices had no connectivity to us.

My boss went in and turned off icmp redirects on the vlan interfaces on the
second msfc and everything was fine.

1. I thought icmp redirects were disabled automatically when you configure
hsrp on an interface.

2. How did turning off the redirects fix the problem? (I would ask my boss
but I probably look bad enough).

Any way.

Please let me know if you need more info to answer this question.

-Bobby


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73972&t=73972
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

hsrp icmp redirects NEVERMIND [7:73974]

[Robert Kimble]

Wow.

It must've been a late night last night.

I figured out the problem.

It had nothing to do with icmp.

Thank you!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73974&t=73974
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: hsrp and icmp redirects [7:73972]

[YASSER ALY]

Can u provide a simple ascii diagram for your topology including the WAN
connection to reach the remote branches.

>From: "Robert Kimble" > >Ok. > >I'll try to explain what happened as
best as I can. > >We have two 6509's each with an msfc and until last
night we were only using >the msfc on one of them. > >Last night I
brought up the second msfc and set up hsrp between the two. > >everything
worked great here in the office last night. However, this morning >our
branch offices had no connectivity to us. > >My boss went in and turned
off icmp redirects on the vlan interfaces on the >second msfc and
everything was fine. > >1. I thought icmp redirects were disabled
automatically when you configure >hsrp on an interface. > >2. How did
turning off the redirects fix the problem? (I would ask my boss >but I
probably look bad enough). > >Any way. > >Please let me know if you need
GroupStudy by purchasing from the GroupStudy Store:
>http://shop.groupstudy.com >FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html



Add photos to your messages with MSN 8. Get 2 months FREE*.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73978&t=73972
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: HSRP + ARP Problem [7:73098]

[Reimer, Fred]

There is a known issue in some switches (6500's running hybrid mode) where
the CEF adjacencies are not populated correctly.  We've seen issues with
pings and ARP between MSFC's.  Possibly the 2950's have a similar issue...

Fred Reimer - CCNA

Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050

NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Henrique Issamu Terada [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 28, 2003 12:28 PM
To: [EMAIL PROTECTED]
Subject: RES: HSRP + ARP Problem [7:73098]

maybe something in the switch . . . 
are both routers active , noone in standby ?

> _ 
> Henrique Issamu Terada, CCIE # 7460
> IT Support - Open Network
> CPM S.A. - Tecnologia criando valor 
> Tel.: 55 11 4196-0710
> Fax: 55 11 4196-0900
> [EMAIL PROTECTED]
> www.cpm.com.br
> --
> ---
> Esta mensagem pode conter informagco confidencial e/ou privilegiada.  Se
> vocj nco for o destinatario ou a pessoa autorizada a receber esta
> mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas
> ou tomar qualquer agco baseada nessas informagues.  Se vocj recebeu esta
> mensagem por engano, por favor avise imediatamente o remetente,
> respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. 
> 
> This message may contain confidential and/or privileged information. If
> you are not the addressee or authorized to receive this for the addressee,
> you must not use, copy,  disclose or take any action based on this message
> or any information herein. If you have received this message in error,
> please advise the sender immediately by reply e-mail and delete this
> message. Thank you for your cooperation.
> 
> 
> -Mensagem original-
> De:   [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]
> Enviada em:   segunda-feira, 28 de julho de 2003 10:58
> Para: [EMAIL PROTECTED]
> Assunto:  RE: HSRP + ARP Problem [7:73098]
> 
> Try
> 
> Where they also give you an alternative to use the burned HW in-address
> instead of a virtual HW address.
> 
> http://www.cisco.com/warp/public/473/62.pdf
> 
> Martijn Jansen
> 
> 
> -Oorspronkelijk bericht-
> Van: Tim Champion [mailto:[EMAIL PROTECTED]
> Verzonden: maandag 28 juli 2003 13:35
> Aan: [EMAIL PROTECTED]
> Onderwerp: HSRP + ARP Problem [7:73098]
> 
> 
> Bit of a strange one this. We have 2 7206 routers running HSRP that are
> support by our telecoms provider. The fast ethernet interface of each is
> connected into our 2950 along with a firewall.
> 
> From the switch, or firewall, I can ping either of the 'real' ip addresses
> but not the virtual address. I have used debug arp and seen the arp
> request
> go out for the virtual address (the telco has done the same and see's the
> request come in) but there is no reply. If we configure a static arp entry
> it all works fine.
> 
> Anyone ever experienced anything like this???
> 
> Many thanks
> 
> 
> Tim
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.504 / Virus Database: 302 - Release Date: 24/07/2003
>  
> 
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.504 / Virus Database: 302 - Release Date: 24/07/2003




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73172&t=73098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RES: HSRP + ARP Problem [7:73098]

[Henrique Issamu Terada]

maybe something in the switch . . . 
are both routers active , noone in standby ?

> _ 
> Henrique Issamu Terada, CCIE # 7460
> IT Support - Open Network
> CPM S.A. - Tecnologia criando valor 
> Tel.: 55 11 4196-0710
> Fax: 55 11 4196-0900
> [EMAIL PROTECTED]
> www.cpm.com.br
> --
> ---
> Esta mensagem pode conter informagco confidencial e/ou privilegiada.  Se
> vocj nco for o destinatario ou a pessoa autorizada a receber esta
> mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas
> ou tomar qualquer agco baseada nessas informagues.  Se vocj recebeu esta
> mensagem por engano, por favor avise imediatamente o remetente,
> respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. 
> 
> This message may contain confidential and/or privileged information. If
> you are not the addressee or authorized to receive this for the addressee,
> you must not use, copy,  disclose or take any action based on this message
> or any information herein. If you have received this message in error,
> please advise the sender immediately by reply e-mail and delete this
> message. Thank you for your cooperation.
> 
> 
> -Mensagem original-
> De:   [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]
> Enviada em:   segunda-feira, 28 de julho de 2003 10:58
> Para: [EMAIL PROTECTED]
> Assunto:  RE: HSRP + ARP Problem [7:73098]
> 
> Try
> 
> Where they also give you an alternative to use the burned HW in-address
> instead of a virtual HW address.
> 
> http://www.cisco.com/warp/public/473/62.pdf
> 
> Martijn Jansen
> 
> 
> -Oorspronkelijk bericht-
> Van: Tim Champion [mailto:[EMAIL PROTECTED]
> Verzonden: maandag 28 juli 2003 13:35
> Aan: [EMAIL PROTECTED]
> Onderwerp: HSRP + ARP Problem [7:73098]
> 
> 
> Bit of a strange one this. We have 2 7206 routers running HSRP that are
> support by our telecoms provider. The fast ethernet interface of each is
> connected into our 2950 along with a firewall.
> 
> From the switch, or firewall, I can ping either of the 'real' ip addresses
> but not the virtual address. I have used debug arp and seen the arp
> request
> go out for the virtual address (the telco has done the same and see's the
> request come in) but there is no reply. If we configure a static arp entry
> it all works fine.
> 
> Anyone ever experienced anything like this???
> 
> Many thanks
> 
> 
> Tim
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.504 / Virus Database: 302 - Release Date: 24/07/2003
>  
> 
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.504 / Virus Database: 302 - Release Date: 24/07/2003




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73109&t=73098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP + ARP Problem [7:73098]

[[EMAIL PROTECTED]]

Could you debug HSRP for us?

Thought DEBUG STANDBY should do it.


Cisco 7200/7500 with PA-2FEISL
 HSRP gets stuck in init state on PA-2FEISL module in 7200/7500.
 CSCdr01156 (registered customers only)
 software upgrade; see bug for revision details
 Reset the interface using the shutdown and no shutdown commands
 


 
SB: Ethernet0 state Virgin -> Listen
SB: Starting up hot standby process
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB: Ethernet0 state Listen -> Speak
SB:Ethernet0 Hello out 192.168.72.20 Speak pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello out 192.168.72.20 Speak pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello out 192.168.72.20 Speak pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB: Ethernet0 state Speak -> Standby
SB:Ethernet0 Hello out 192.168.72.20 Standby pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello out 192.168.72.20 Standby pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello out 192.168.72.20 Standby pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Active pri 90 hel 3 hol 10 ip
192.168.72.29
SB: Ethernet0 Coup out 192.168.72.20 Standby pri 100 hel 3 hol 10 ip
192.168.72.29
SB: Ethernet0 state Standby -> Active
SB:Ethernet0 Hello out 192.168.72.20 Active pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Speak pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello out 192.168.72.20 Active pri 100 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello in 192.168.72.21 Speak pri 90 hel 3 hol 10 ip
192.168.72.29
SB:Ethernet0 Hello out 192.168.72.20 Active pri 100 hel 3 hol 10 ip
192.168.72.29
 

Martijn Jansen


-Oorspronkelijk bericht-
Van: Tim Champion [mailto:[EMAIL PROTECTED]
Verzonden: maandag 28 juli 2003 13:35
Aan: [EMAIL PROTECTED]
Onderwerp: HSRP + ARP Problem [7:73098]


Bit of a strange one this. We have 2 7206 routers running HSRP that are
support by our telecoms provider. The fast ethernet interface of each is
connected into our 2950 along with a firewall.

>From the switch, or firewall, I can ping either of the 'real' ip addresses
but not the virtual address. I have used debug arp and seen the arp request
go out for the virtual address (the telco has done the same and see's the
request come in) but there is no reply. If we configure a static arp entry
it all works fine.

Anyone ever experienced anything like this???

Many thanks


Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73100&t=73098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP + ARP Problem [7:73098]

[[EMAIL PROTECTED]]

Try

Where they also give you an alternative to use the burned HW in-address
instead of a virtual HW address.

http://www.cisco.com/warp/public/473/62.pdf

Martijn Jansen


-Oorspronkelijk bericht-
Van: Tim Champion [mailto:[EMAIL PROTECTED]
Verzonden: maandag 28 juli 2003 13:35
Aan: [EMAIL PROTECTED]
Onderwerp: HSRP + ARP Problem [7:73098]


Bit of a strange one this. We have 2 7206 routers running HSRP that are
support by our telecoms provider. The fast ethernet interface of each is
connected into our 2950 along with a firewall.

>From the switch, or firewall, I can ping either of the 'real' ip addresses
but not the virtual address. I have used debug arp and seen the arp request
go out for the virtual address (the telco has done the same and see's the
request come in) but there is no reply. If we configure a static arp entry
it all works fine.

Anyone ever experienced anything like this???

Many thanks


Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73101&t=73098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP + ARP Problem [7:73098]

[Tim Champion]

Bit of a strange one this. We have 2 7206 routers running HSRP that are
support by our telecoms provider. The fast ethernet interface of each is
connected into our 2950 along with a firewall.

>From the switch, or firewall, I can ping either of the 'real' ip addresses
but not the virtual address. I have used debug arp and seen the arp request
go out for the virtual address (the telco has done the same and see's the
request come in) but there is no reply. If we configure a static arp entry
it all works fine.

Anyone ever experienced anything like this???

Many thanks


Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73098&t=73098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame-relay & HSRP [7:72166]

[Salvatore De Luca]

Ahh yes.. you can do this also.. pending you have 12.0(5)T or later. The
only issue with that is you might want to modify the "frame-relay end-to-end
keepalive timer" As you stated, Within the 15 second intervals x3 you are
looking at a good 45 seconds before the WAN interface goes down down ,plus
another 10 for the HSRP holdtimer.


mccloud mike wrote:
> 
> I have seen this problem before with frame. LMI being local to
> the frame switch means the interface does not go down and
> backups routes do not kick in. One way to overcome this is to
> monitor layer 2 by using the “frame-relay end-to-end
> keepalive mode bidirectional” command within a map class
> on both sides. This command sends a keepalive every 15 seconds,
> if 3 are missed the interface will change to down/down even
> though the interface is receiving LMI from the frame switch. I
> hope this helps.
> 
> Mike 
> 
> 
> Masaru Umetsu wrote:
> > 
> > Dear all
> > 
> > I have a question about frame-relay. Network Diagram is below.
> > 
> > R1* *  *R3
> > | * FR * |
> > R2* *  *R4
> > 
> > I configured a HSRP between R1 and R2, R3 and R4.
> > R1,R3 are Active router.(R2,R4 are Standby router)
> > And I configured standby track in a Wan side of R1,R3.
> > 
> > When I disabled(shutdown the interface) the serial0/0 of R1 ,
> > then R2 became Active router. It's ok.
> > But R3 didn't detect a down of Wan side,so serial0/0 of R3 is
> > up-up.
> > Therefore,I can't send a data between R2 and R4.
> > Regarding Frame-relay configuration, I configured frame-relay
> in
> > main-interface. Is it a mechanism of Frame-relay in
> > main-interface ?
> > I don't know in detail. Should I use sub-interface &
> > point-2-point
> > definition in frame-relay to use HSRP standby track ? Please
> > explain me
> > about this problem.
> > 
> > 
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72218&t=72166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame-relay & HSRP [7:72166]

[mccloud mike]

I have seen this problem before with frame. LMI being local to the frame
switch means the interface does not go down and backups routes do not kick
in. One way to overcome this is to monitor layer 2 by using the
“frame-relay end-to-end keepalive mode bidirectional” command
within a map class on both sides. This command sends a keepalive every 15
seconds, if 3 are missed the interface will change to down/down even though
the interface is receiving LMI from the frame switch. I hope this helps.

Mike 


Masaru Umetsu wrote:
> 
> Dear all
> 
> I have a question about frame-relay. Network Diagram is below.
> 
> R1* *  *R3
> | * FR * |
> R2* *  *----R4
> 
> I configured a HSRP between R1 and R2, R3 and R4.
> R1,R3 are Active router.(R2,R4 are Standby router)
> And I configured standby track in a Wan side of R1,R3.
> 
> When I disabled(shutdown the interface) the serial0/0 of R1 ,
> then R2 became Active router. It's ok.
> But R3 didn't detect a down of Wan side,so serial0/0 of R3 is
> up-up.
> Therefore,I can't send a data between R2 and R4.
> Regarding Frame-relay configuration, I configured frame-relay in
> main-interface. Is it a mechanism of Frame-relay in
> main-interface ?
> I don't know in detail. Should I use sub-interface &
> point-2-point
> definition in frame-relay to use HSRP standby track ? Please
> explain me
> about this problem.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72214&t=72166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Re[2]: Frame-relay & HSRP [7:72166]

[Salvatore De Luca]

Masaru, 

  The main importance of the physical "main" interface configuration in
frame-relay is to set your encapsulation and or/LMI-Type if you use ANSI or
Q.933a, the default of CISCO is already set for you, and you do not need to
manually configure it either unless you have disabled inverse-arp. The
scenario I gave you resolves your issue with HSRP and the UP UP situation
for standby tracking. You want to generate a UP Down situation so you have a
true failover, which your current configuration cannot provide.. at least I
am not aware of another way. The advantage to sub-interfaces which include
scalability, dlci prioritization, and your little HSRP problem are just a
few the the added values of doing it.. You will always need the Physical
Interface configuration for Layer 2 capabilities, but the layer 3 can be
done on a sub-interface level where you will also specify your local dlci
information. In your setup you would want to use point-to-point links since
your not in a Hub-and-Spoke or Full-Mesh design, where you need multipoint
connections.If you use a subinterface.. and your link to R1 goes down, you
will generate an UP DOWN on R3's subinterface where if you track that
subinterface in HSRP, it will fail over to R4. Here is a URL that may help
anything I missed.. the Cisco DOC CD is a valuable source of information on
this kind of stuff.. You may also want to thoroughly read through Chapter 4
of Caslow/Pavlichenko's:Bridges, routers, and Switches for CCIE's. They
explain the different uses of Frame-relay pretty well.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/wan_c/wcdfrely.htm#31757

All the Best!
Sal


Masaru Umetsu wrote:
> 
> Thanks Salvatore.
> 
> As a resolution, is it only to change the configuration from
> main-interface to sub-interface p2p$B!)(B
> If it is only sub-interface p2p, when and how should I use
> main-interface frame-relay configuration ? Don't you usually
> use main-interface
> frame-relay configuration ?
> Is there any solution by using current(main-interface)
> configuration to
> resolve my problem ?
> If there's something good to see, please let me know the URL or
> book.
> 
> Thanks.
> 
> On Sat, 12 Jul 2003 02:58:51 GMT
> "Salvatore De Luca"  wrote:
> 
> nobody> When you have a FR connection, you have a dedicated
> circuit to your provider
> nobody> which then on taps into the frame cloud. So consider it
> alomost like a
> nobody> point-to-point link to your local Carrier and then from
> there you connect
> nobody> within the providers Frame Switch into their Frame
> Relay cloud. Now, when
> nobody> you shutdown R1's Wan interface your HSRP failed over
> fine. The reason that
> nobody> R3 was showing Up Up was that your circuit to your
> carrier from R3 did not
> nobody> go down and it stil exhanges LMI with R3's Physical
> interface, your PVC
> nobody> should have been showing INACTIVE at this point though.
> I would recommend
> nobody> using point-to-point subinterfaces on your FR WAN
> connections. When you do
> nobody> this and then shut down one end of the link the line
> protocol on the
> nobody> sub-interface of R3 would go "UP DOWN" and if you then
> track the
> nobody> SUB-Interface, you should have a successful failover
> for the "Standby Track"
> nobody> command on R3. Currently, you have outboud traffic
> going out R2 --->R4 and
> nobody> return traffic going to the Active HSRP router "R3"
> then dropping packets
> nobody> because your PVC is INACTIVE and you are in an UP UP
> state..
> nobody> 
> nobody> You have successfully achieved Asymetrical routing.. :(
> nobody> 
> nobody> Until your Interface Line protocol Drops in an "UP
> DOWN" state on R3's WAN
> nobody> interface.. then Standby Interface tracking wont do
> anything..
> nobody> 
> nobody> 
> nobody> Masaru Umetsu wrote:
> nobody> > 
> nobody> > Dear all
> nobody> > 
> nobody> > I have a question about frame-relay. Network Diagram
> is below.
> nobody> > 
> nobody> > R1* *  *R3
> nobody> > | * FR * |
> nobody> > R2* *  *R4
> nobody> > 
> nobody> > I configured a HSRP between R1 and R2, R3 and R4.
> nobody> > R1,R3 are Active router.(R2,R4 are Standby router)
> nobody> > And I configured standby track in a Wan side of R1,R3.
> nobody> > 
> nobody> > When I disabled(shutdown the interface) the serial0/0
> of R1 ,
> nobody> > then R2 became Active router. It's ok.
> nobody> > But R3 didn't detect a down of Wan side,so serial0/0
> o

Re[2]: Frame-relay & HSRP [7:72166]

[Masaru Umetsu]

Thanks Salvatore.

As a resolution, is it only to change the configuration from
main-interface to sub-interface p2p$B!)(B
If it is only sub-interface p2p, when and how should I use
main-interface frame-relay configuration ? Don't you usually use
main-interface
frame-relay configuration ?
Is there any solution by using current(main-interface) configuration to
resolve my problem ?
If there's something good to see, please let me know the URL or book.

Thanks.

On Sat, 12 Jul 2003 02:58:51 GMT
"Salvatore De Luca"  wrote:

nobody> When you have a FR connection, you have a dedicated circuit to your
provider
nobody> which then on taps into the frame cloud. So consider it alomost like
a
nobody> point-to-point link to your local Carrier and then from there you
connect
nobody> within the providers Frame Switch into their Frame Relay cloud. Now,
when
nobody> you shutdown R1's Wan interface your HSRP failed over fine. The
reason that
nobody> R3 was showing Up Up was that your circuit to your carrier from R3
did not
nobody> go down and it stil exhanges LMI with R3's Physical interface, your
PVC
nobody> should have been showing INACTIVE at this point though. I would
recommend
nobody> using point-to-point subinterfaces on your FR WAN connections. When
you do
nobody> this and then shut down one end of the link the line protocol on the
nobody> sub-interface of R3 would go "UP DOWN" and if you then track the
nobody> SUB-Interface, you should have a successful failover for the
"Standby Track"
nobody> command on R3. Currently, you have outboud traffic going out R2
--->R4 and
nobody> return traffic going to the Active HSRP router "R3" then dropping
packets
nobody> because your PVC is INACTIVE and you are in an UP UP state..
nobody> 
nobody> You have successfully achieved Asymetrical routing.. :(
nobody> 
nobody> Until your Interface Line protocol Drops in an "UP DOWN" state on
R3's WAN
nobody> interface.. then Standby Interface tracking wont do anything..
nobody> 
nobody> 
nobody> Masaru Umetsu wrote:
nobody> > 
nobody> > Dear all
nobody> > 
nobody> > I have a question about frame-relay. Network Diagram is below.
nobody> > 
nobody> > R1* *  *R3
nobody> > | * FR * |
nobody> > R2* *  *R4
nobody> > 
nobody> > I configured a HSRP between R1 and R2, R3 and R4.
nobody> > R1,R3 are Active router.(R2,R4 are Standby router)
nobody> > And I configured standby track in a Wan side of R1,R3.
nobody> > 
nobody> > When I disabled(shutdown the interface) the serial0/0 of R1 ,
nobody> > then R2 became Active router. It's ok.
nobody> > But R3 didn't detect a down of Wan side,so serial0/0 of R3 is
nobody> > up-up.
nobody> > Therefore,I can't send a data between R2 and R4.
nobody> > Regarding Frame-relay configuration, I configured frame-relay in
nobody> > main-interface. Is it a mechanism of Frame-relay in
nobody> > main-interface ?
nobody> > I don't know in detail. Should I use sub-interface &
nobody> > point-2-point
nobody> > definition in frame-relay to use HSRP standby track ? Please
nobody> > explain me
nobody> > about this problem.
nobody> > 
nobody> > 
nobody> 
nobody> 
nobody> 
nobody>




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72171&t=72166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame-relay & HSRP [7:72166]

[Salvatore De Luca]

When you have a FR connection, you have a dedicated circuit to your provider
which then on taps into the frame cloud. So consider it alomost like a
point-to-point link to your local Carrier and then from there you connect
within the providers Frame Switch into their Frame Relay cloud. Now, when
you shutdown R1's Wan interface your HSRP failed over fine. The reason that
R3 was showing Up Up was that your circuit to your carrier from R3 did not
go down and it stil exhanges LMI with R3's Physical interface, your PVC
should have been showing INACTIVE at this point though. I would recommend
using point-to-point subinterfaces on your FR WAN connections. When you do
this and then shut down one end of the link the line protocol on the
sub-interface of R3 would go "UP DOWN" and if you then track the
SUB-Interface, you should have a successful failover for the "Standby Track"
command on R3. Currently, you have outboud traffic going out R2 --->R4 and
return traffic going to the Active HSRP router "R3" then dropping packets
because your PVC is INACTIVE and you are in an UP UP state..

You have successfully achieved Asymetrical routing.. :(

Until your Interface Line protocol Drops in an "UP DOWN" state on R3's WAN
interface.. then Standby Interface tracking wont do anything..


Masaru Umetsu wrote:
> 
> Dear all
> 
> I have a question about frame-relay. Network Diagram is below.
> 
> R1----* *  *R3
> | * FR * |
> R2* *  *R4
> 
> I configured a HSRP between R1 and R2, R3 and R4.
> R1,R3 are Active router.(R2,R4 are Standby router)
> And I configured standby track in a Wan side of R1,R3.
> 
> When I disabled(shutdown the interface) the serial0/0 of R1 ,
> then R2 became Active router. It's ok.
> But R3 didn't detect a down of Wan side,so serial0/0 of R3 is
> up-up.
> Therefore,I can't send a data between R2 and R4.
> Regarding Frame-relay configuration, I configured frame-relay in
> main-interface. Is it a mechanism of Frame-relay in
> main-interface ?
> I don't know in detail. Should I use sub-interface &
> point-2-point
> definition in frame-relay to use HSRP standby track ? Please
> explain me
> about this problem.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72168&t=72166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Frame-relay & HSRP [7:72166]

[Masaru Umetsu]

Dear all

I have a question about frame-relay. Network Diagram is below.

R1* *  *R3
| * FR * |
R2* *  *R4

I configured a HSRP between R1 and R2, R3 and R4.
R1,R3 are Active router.(R2,R4 are Standby router)
And I configured standby track in a Wan side of R1,R3.

When I disabled(shutdown the interface) the serial0/0 of R1 ,
then R2 became Active router. It's ok.
But R3 didn't detect a down of Wan side,so serial0/0 of R3 is up-up.
Therefore,I can't send a data between R2 and R4.
Regarding Frame-relay configuration, I configured frame-relay in
main-interface. Is it a mechanism of Frame-relay in main-interface ?
I don't know in detail. Should I use sub-interface & point-2-point
definition in frame-relay to use HSRP standby track ? Please explain me
about this problem.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72166&t=72166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and IPSEC VPN [7:72034]

[MADMAN]

If router A anb B share an ethernet then sure HSRP was designed 
exactly for this scenerio

   Dave

Dain Deutschman wrote:
> Hi,
> 
> Does anyone know if HSRP would be appropriate in the following scenario?
> 
> ROUTERA with T1 to corporate office
> 
> ROUTERB with IPSEC VPN to Corporate only used as a backup path in case the
> T1 on ROUTERA fails
> 
> 
> Is there any reason that this will not work or has anyone had experience
> with this type of situation?


-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"Government can do something for the people only in proportion as it
can do something to the people." -- Thomas Jefferson




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72037&t=72034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and IPSEC VPN [7:72034]

[Dain Deutschman]

..that's what I thought...just needed a sanity check!

Thanks!


""MADMAN""  wrote in message
news:[EMAIL PROTECTED]
> If router A anb B share an ethernet then sure HSRP was designed
> exactly for this scenerio
>
>Dave
>
> Dain Deutschman wrote:
> > Hi,
> >
> > Does anyone know if HSRP would be appropriate in the following scenario?
> >
> > ROUTERA with T1 to corporate office
> >
> > ROUTERB with IPSEC VPN to Corporate only used as a backup path in case
the
> > T1 on ROUTERA fails
> >
> >
> > Is there any reason that this will not work or has anyone had experience
> > with this type of situation?
>
>
> -- 
> David Madland
> CCIE# 2016
> Sr. Network Engineer
> Qwest Communications
> 612-664-3367
>
> "Government can do something for the people only in proportion as it
> can do something to the people." -- Thomas Jefferson




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72039&t=72034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP and IPSEC VPN [7:72034]

[Dain Deutschman]

Hi,

Does anyone know if HSRP would be appropriate in the following scenario?

ROUTERA with T1 to corporate office

ROUTERB with IPSEC VPN to Corporate only used as a backup path in case the
T1 on ROUTERA fails


Is there any reason that this will not work or has anyone had experience
with this type of situation?
-- 
Dain Deutschman
CCNP, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72034&t=72034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Extended object tracking.used with HSRP... queries [7:71567]

[Divakaran Ullampuzhamana]

Hi,
  I have a query regarding Extended object tracking used in HSRP.

Scenario:- We have two IPLCs , each connected to an MGX 8850 at each end.
The MGX 8850s have a FRSM card which is connected to Cisco3745 routers
running IOS ver 12.2(15)T, by back to back DTE-DCE cable combination. We
have configured HSRP between the two routers at each end.Static routes are
used to route data between the networks.No dyanmic protocols are used due
to customer regulations.

   Router1 Router 3
- HSRP
--
  | |
  | |
  | |


|   MGX 8850  | |   MGX 8850  |


  | |
  | |
  |IPLC |IPLC
  | |
  -
|  MGX 8850 |   |   MGX 8850|
  -
  | |
  | |
  | |
--HSRP-
Router 2   Router 4








Objective:-We would like the HSRP to recognise a IPLC failure and switch to
the alternate path in case of IPLC failure.

Problems:- When we use the normal HSRP command (standby 1 track serial 0/0
) to track the serial inerface, the serial interface is unable to
recongnise that the IPLC is down. It shows both serial interface and line
protocol up even when the IPLC connected to the MGX8850 is down. So inorder
to overcome this problem we configured the extended object tracking to
track the Ip route reachability.But even after this , the track command in
unable to switch the HSRP router when the link goes down.

Show track 100
command show that
Ip reachability UP (static).

Queries:--
  Does this mean that the IP reachability tracking will not work with
static routes?

What could be other suggestions to overcome this problem.

Can we create loop back interfaces in the four routers and then enable RIP
among them, and make HSRP track the ip route reachability to the loopback
interface from the remote end?

Any inputs would be valuable...


regards
Diva.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71567&t=71567
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Routers and HSRP [7:70285]

[Ben W]

You can do HSRP with different models.  Don't need to be the same model of
router.

Robert Perez wrote:
> 
> Does anybody see an issue setting up HSRP to work with a 3725
> and 7206 rtr
> or do the routers have to be the same model?
> 
> For example,
> DS-3 pipe in the 7206 
> and
> 4 T-1's in the 3725 
> T-1's for failover with BGP on all the pipes including ds-3
> 
> or would I need either two 7206's or 3725's??
> 
> thx..
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70286&t=70285
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Routers and HSRP [7:70285]

[Robert Perez]

Does anybody see an issue setting up HSRP to work with a 3725 and 7206 rtr
or do the routers have to be the same model?

For example,
DS-3 pipe in the 7206 
and
4 T-1's in the 3725 
T-1's for failover with BGP on all the pipes including ds-3

or would I need either two 7206's or 3725's??

thx..




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70285&t=70285
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Gratuitous ARP and HSRP [7:65633]

[ericbrouwers]

Priscilla,

> The Gratuitous ARP fixes the MAC address tables on switches. Isn't that
> explained in any Cisco docs? It has to work that way it seems to me.
>

I think you're right. I never thought about it in this way. Neither seen an
explanation in any book.

Thanks,

Eric


- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: Wednesday, March 19, 2003 1:37 AM
Subject: Re: Gratuitous ARP and HSRP [7:65633]


> ericbrouwers wrote:
> >
> > It is indeed related to the command "use-bia". Here's a section
> > from the doc
>
> An HSRP router using Gratuitous ARP isn't just related to switches that
have
> to use a BIA. Unfortunately, most descriptions of HSRP, including ones I
> have written myself, assume two routers on a shared old-style Ethernet.
> Remember HSRP has been around for a long time!
>
> But consider this typical modern campus network design that GroupStudy
> posting software hopefully won't totally munge:
>
> R1   R2
>  |   |
>  |   |
> Sw1--Sw2
>  ||
> PC1   PC2
>
> Let's say the routers have chosen a virtual HSRP address of 10.0.0.1 for
> HSRP Group 1. The virtual MAC address is .0c07.ac01.
>
> PC1 broadcasts an ARP looking for 10.0.0.1 and R1 is the active router. R1
> sends back a unicast ARP reply.
>
> Sw1 picks up that .0c07.ac01 is reachable via the port at the top of
SW1
> in the drawing.
>
> When PC2 broadcast an ARP, the reply will travel from Sw1 to Sw2 to PC2.
So
> Sw2 picks up that the .0c07.ac01 address is reachable via the port to
> the left of Sw2 in the drawing. Sorry, if that's too confusing, but I
don't
> want to waste time doing a good drawing with port numbers that will just
get
> munged anyway.
>
> Now R2 stops hearing from R1 and takes over as the active HSRP router. R2
> must send a Gratuitous ARP broadcast so that Sw1 and Sw2 change their MAC
> address tables. Now the virtual MAC address .0c07.ac01 is reachable on
> Sw1 on its port that is shown to the right of Sw1 in the drawing.
>
> On Sw2, the .0c07.ac01 address is reachable from its port at the top
of
> the drawing.
>
> The Gratuitous ARP fixes the MAC address tables on switches. Isn't that
> explained in any Cisco docs? It has to work that way it seems to me.
>
>
> > "Hot Standby Router Protocol Features and Functionality" that
> > was suggested
> > by Daniel:
> >
> > However, the usebbia command has several disadvantages:
> > - When a router becomes active, the virtual IP address is moved
> > to a
> > different MAC address. The newly
> > active router sends a gratuitous ARP response, but not all host
> > implementations handle the gratuitous
> > ARP correctly.
>
> That may be true, but it's not meant to say that this is the only case
where
> the Gratuitous ARP is needed. It's needed for the general case too, from
> what I understand.
>
> Most host implementations do handle the Gratuitous ARP correctly, by the
> way. In fact, this is open to an infamous man-in-the-middle security
> vulnerability, sometimes misnamed as "ARP sniffing." An attacker can send
a
> Gratuitous ARP claiming to be the default gateway. Now all traffic
destined
> for another network goes to the attacker's machine! The attacker's machine
> can use the info, but also better forward the traffic, or it will also be
a
> denial-of-service attack.
>
> > > - Original Message -
> > > From: ericbrouwers
> > > Date: Tuesday, March 18, 2003 1:24 am
> > > Subject: Gratuitous ARP and HSRP [7:65633]
> > >
> > > > Hello all,
> > > >
> > > > I've read in the CCNP Switching Exam Cert. Guide that a
> > standby
> > > > router that
> > > > becomes active in an HSRP group, sends a gratuitous ARP to
> > update
> > > > the ARP
> > > > cache of the end stations with the new active MAC address...
> > > >
> > > > This is strange, since the same virtual MAC address is used
> > by
> > > > active and
> > > > standby HSRP routers.
> > > >
> > > > However, maybe Cisco's implementation has once been like
> > this,
> > > > because I've
> > > > seen instances in the field that ARP caches contained the
> > real MAC
> > > > instead of
> > > > the virtual MAC address when using HSRP.
>
> Seeing the real MAC address is probably a different problem. You could see
> it if the router was at one point using the virtual address on a real
> interface. For example,

RE: Gratuitous ARP and HSRP [7:65633]

[Priscilla Oppenheimer]

ericbrouwers wrote:
> 
> 
snip

> I've
> seen instances in the field that ARP caches contained the real
> MAC instead of
> the virtual MAC address when using HSRP.

One more comment on seeing the router's real MAC address. 

It might interest you to know that, at least on my routers, the ARP reply
from the router, after a host tries to find its default gateway (the virtual
router), does actually come from the router's real MAC address at the
data-link layer. At the ARP layer, the virtual router puts the virtual MAC
address in the ARP reply, but at the Ethernet layer it puts its real
address. This could cause the real MAC address to end up in the ARP cache,
at least temporarily.

In the following example 00:00:0C:05:3E:80 is the router's real MAC address.
Note that the router uses it as the source address. However, the ARP payload
of the frame shows the virtual MAC address, 00:00:0C:07:AC:00.

10.10.0.3 is the virtual IP. It was PC 00:00:0E:D5:C7:E7 (10.10.0.10) who
sent the ARP looking for the default gateway that resulted in this ARP reply:

Ethernet Header
  Destination:  00:00:0E:D5:C7:E7
  Source:   00:00:0C:05:3E:80
  Protocol Type:0x0806  IP ARP
ARP - Address Resolution Protocol
  Hardware: 1  Ethernet (10Mb)
  Protocol: 0x0800  IP
  Hardware Address Length:6
  Protocol Address Length:4
  Operation:2  ARP Response
  Sender Hardware Address:00:00:0C:07:AC:00
  Sender Internet Address:10.10.0.3
  Target Hardware Address:00:00:0E:D5:C7:E7
  Target Internet Address:10.10.0.10


Isn't that weird? The PC does the right thing though and sends the actual
packet (after the ARP) to 00:00:0C:07:AC:00.

A reply comes back through the router and the router uses the virtual MAC
address 00:00:0C:07:AC:00 in the source Ethernet address of that reply. Good
thing. Otherwise switches wouldn't ever pick up the port to use for
00:00:0C:07:AC:00.

HSRP is much more complicated than the simple descriptions make it sound!

Do some sniffing of it to see how it really works (and how easy it is to
hack, by the way.)
___

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com





> 
> Can someone give comments on this?
> 
> Thanks,
> 
> Eric Brouwers
> [EMAIL PROTECTED]
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65710&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Gratuitous ARP and HSRP [7:65633]

[Priscilla Oppenheimer]

So, it did munge the picture, at least in the Web posting. Please know that
R2 and PC2 are connected to Sw2.

The Web posting software changes multiple spaces to one. But I have noticed
that if you use the Quote button, the "picture" that it puts in the box has
the spaces. So you can do that to see it better. (But don't hit the Post
button unless you really have something to say. That's a mistake I make all
the time. The Quote and Post buttons are too close together for someone with
no hand-eye coordination. ;-)

Perhaps the picture didn't get munged for those of you reading it via mail
or news.

Priscilla

Priscilla Oppenheimer wrote:
> 
> ericbrouwers wrote:
> > 
> > It is indeed related to the command "use-bia". Here's a
> section
> > from the doc
> 
> An HSRP router using Gratuitous ARP isn't just related to
> switches that have to use a BIA. Unfortunately, most
> descriptions of HSRP, including ones I have written myself,
> assume two routers on a shared old-style Ethernet. Remember
> HSRP has been around for a long time!
> 
> But consider this typical modern campus network design that
> GroupStudy posting software hopefully won't totally munge:
> 
> R1   R2
>  |   |
>  |   |
> Sw1--Sw2
>  ||
> PC1   PC2
> 
> Let's say the routers have chosen a virtual HSRP address of
> 10.0.0.1 for HSRP Group 1. The virtual MAC address is
> .0c07.ac01.
> 
> PC1 broadcasts an ARP looking for 10.0.0.1 and R1 is the active
> router. R1 sends back a unicast ARP reply.
> 
> Sw1 picks up that .0c07.ac01 is reachable via the port at
> the top of SW1 in the drawing.
> 
> When PC2 broadcast an ARP, the reply will travel from Sw1 to
> Sw2 to PC2. So Sw2 picks up that the .0c07.ac01 address is
> reachable via the port to the left of Sw2 in the drawing.
> Sorry, if that's too confusing, but I don't want to waste time
> doing a good drawing with port numbers that will just get
> munged anyway.
> 
> Now R2 stops hearing from R1 and takes over as the active HSRP
> router. R2 must send a Gratuitous ARP broadcast so that Sw1 and
> Sw2 change their MAC address tables. Now the virtual MAC
> address .0c07.ac01 is reachable on Sw1 on its port that is
> shown to the right of Sw1 in the drawing.
> 
> On Sw2, the .0c07.ac01 address is reachable from its port
> at the top of the drawing.
> 
> The Gratuitous ARP fixes the MAC address tables on switches.
> Isn't that explained in any Cisco docs? It has to work that way
> it seems to me.
> 
> 
> > "Hot Standby Router Protocol Features and Functionality" that
> > was suggested
> > by Daniel:
> > 
> > However, the usebbia command has several disadvantages:
> > - When a router becomes active, the virtual IP address is
> moved
> > to a
> > different MAC address. The newly
> > active router sends a gratuitous ARP response, but not all
> host
> > implementations handle the gratuitous
> > ARP correctly.
> 
> That may be true, but it's not meant to say that this is the
> only case where the Gratuitous ARP is needed. It's needed for
> the general case too, from what I understand.
> 
> Most host implementations do handle the Gratuitous ARP
> correctly, by the way. In fact, this is open to an infamous
> man-in-the-middle security vulnerability, sometimes misnamed as
> "ARP sniffing." An attacker can send a Gratuitous ARP claiming
> to be the default gateway. Now all traffic destined for another
> network goes to the attacker's machine! The attacker's machine
> can use the info, but also better forward the traffic, or it
> will also be a denial-of-service attack.
> 
> > > - Original Message -
> > > From: ericbrouwers
> > > Date: Tuesday, March 18, 2003 1:24 am
> > > Subject: Gratuitous ARP and HSRP [7:65633]
> > >
> > > > Hello all,
> > > >
> > > > I've read in the CCNP Switching Exam Cert. Guide that a
> > standby
> > > > router that
> > > > becomes active in an HSRP group, sends a gratuitous ARP to
> > update
> > > > the ARP
> > > > cache of the end stations with the new active MAC
> address...
> > > >
> > > > This is strange, since the same virtual MAC address is
> used
> > by
> > > > active and
> > > > standby HSRP routers.
> > > >
> > > > However, maybe Cisco's implementation has once been like
> > this,
> > > > because I've
> > > > seen instances in the field that ARP caches cont

Re: Gratuitous ARP and HSRP [7:65633]

[Priscilla Oppenheimer]

ericbrouwers wrote:
> 
> It is indeed related to the command "use-bia". Here's a section
> from the doc

An HSRP router using Gratuitous ARP isn't just related to switches that have
to use a BIA. Unfortunately, most descriptions of HSRP, including ones I
have written myself, assume two routers on a shared old-style Ethernet.
Remember HSRP has been around for a long time!

But consider this typical modern campus network design that GroupStudy
posting software hopefully won't totally munge:

R1   R2
 |   |
 |   |
Sw1--Sw2
 ||
PC1   PC2

Let's say the routers have chosen a virtual HSRP address of 10.0.0.1 for
HSRP Group 1. The virtual MAC address is .0c07.ac01.

PC1 broadcasts an ARP looking for 10.0.0.1 and R1 is the active router. R1
sends back a unicast ARP reply.

Sw1 picks up that .0c07.ac01 is reachable via the port at the top of SW1
in the drawing.

When PC2 broadcast an ARP, the reply will travel from Sw1 to Sw2 to PC2. So
Sw2 picks up that the .0c07.ac01 address is reachable via the port to
the left of Sw2 in the drawing. Sorry, if that's too confusing, but I don't
want to waste time doing a good drawing with port numbers that will just get
munged anyway.

Now R2 stops hearing from R1 and takes over as the active HSRP router. R2
must send a Gratuitous ARP broadcast so that Sw1 and Sw2 change their MAC
address tables. Now the virtual MAC address .0c07.ac01 is reachable on
Sw1 on its port that is shown to the right of Sw1 in the drawing.

On Sw2, the .0c07.ac01 address is reachable from its port at the top of
the drawing.

The Gratuitous ARP fixes the MAC address tables on switches. Isn't that
explained in any Cisco docs? It has to work that way it seems to me.


> "Hot Standby Router Protocol Features and Functionality" that
> was suggested
> by Daniel:
> 
> However, the usebbia command has several disadvantages:
> - When a router becomes active, the virtual IP address is moved
> to a
> different MAC address. The newly
> active router sends a gratuitous ARP response, but not all host
> implementations handle the gratuitous
> ARP correctly.

That may be true, but it's not meant to say that this is the only case where
the Gratuitous ARP is needed. It's needed for the general case too, from
what I understand.

Most host implementations do handle the Gratuitous ARP correctly, by the
way. In fact, this is open to an infamous man-in-the-middle security
vulnerability, sometimes misnamed as "ARP sniffing." An attacker can send a
Gratuitous ARP claiming to be the default gateway. Now all traffic destined
for another network goes to the attacker's machine! The attacker's machine
can use the info, but also better forward the traffic, or it will also be a
denial-of-service attack.

> > - Original Message -
> > From: ericbrouwers
> > Date: Tuesday, March 18, 2003 1:24 am
> > Subject: Gratuitous ARP and HSRP [7:65633]
> >
> > > Hello all,
> > >
> > > I've read in the CCNP Switching Exam Cert. Guide that a
> standby
> > > router that
> > > becomes active in an HSRP group, sends a gratuitous ARP to
> update
> > > the ARP
> > > cache of the end stations with the new active MAC address...
> > >
> > > This is strange, since the same virtual MAC address is used
> by
> > > active and
> > > standby HSRP routers.
> > >
> > > However, maybe Cisco's implementation has once been like
> this,
> > > because I've
> > > seen instances in the field that ARP caches contained the
> real MAC
> > > instead of
> > > the virtual MAC address when using HSRP.

Seeing the real MAC address is probably a different problem. You could see
it if the router was at one point using the virtual address on a real
interface. For example, when you first get HSRP up and running, you may move
Ethernet1's IP address to the virtual address and assign a new real address
to Ethernet1.

The hosts will still have in their ARP cache the previous mapping. You can
clear their cache. Or just wait a couple minutes if it's Windows and the
users aren't doing anything. On Windows entries stay in the ARP cache for
only 2 minutes.


Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

> > >
> > > Can someone give comments on this?
> > >
> > > Thanks,
> > >
> > > Eric Brouwers
> > > [EMAIL PROTECTED]
> > > Nondisclosure violations to [EMAIL PROTECTED]
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65704&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Gratuitous ARP and HSRP [7:65633]

[Karen E Young]

Eric,

The gratuitous ARP is just to let the switch or bridge know that the port
that the virtual MAC is attached to has changed.

If an existing router is converted to HSRP, then the end stations will
continue to track the real MAC address, not the virtual one. You have to
reboot the end stations or otherwise clear their ARP caches to get them to
use the virtual MAC.

Help any?
Karen

*** REPLY SEPARATOR  ***

On 3/18/2003 at 6:24 AM ericbrouwers wrote:

>Hello all,
>
>I've read in the CCNP Switching Exam Cert. Guide that a standby router that
>becomes active in an HSRP group, sends a gratuitous ARP to update the ARP
>cache of the end stations with the new active MAC address...
>
>This is strange, since the same virtual MAC address is used by active and
>standby HSRP routers.
>
>However, maybe Cisco's implementation has once been like this, because I've
>seen instances in the field that ARP caches contained the real MAC instead
>of
>the virtual MAC address when using HSRP.
>
>Can someone give comments on this?
>
>Thanks,
>
>Eric Brouwers
>[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65699&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Gratuitous ARP and HSRP [7:65633]

[ericbrouwers]

It is indeed related to the command "use-bia". Here's a section from the doc
"Hot Standby Router Protocol Features and Functionality" that was suggested
by Daniel:

However, the usebbia command has several disadvantages:
- When a router becomes active, the virtual IP address is moved to a
different MAC address. The newly
active router sends a gratuitous ARP response, but not all host
implementations handle the gratuitous
ARP correctly.
- Proxy ARP breaks when usebbia is configured. A atandby router cannot
cover
for the lost proxy ARP
database of a failed router.
- Prior to Cisco IOS release 12.0(3.4)T, only one HSRP group is allowed if
usebbia is configured.

Thanks guys,

Eric

- Original Message -
From: "garrett allen" 
To: 
Sent: Tuesday, March 18, 2003 6:06 PM
Subject: Re: Gratuitous ARP and HSRP [7:65633]


> eric,
>
> i can only comment in a limited way and only based on what i have
> read.  the lower end cisco products (like the 2500's i've been
> deploying in remote offices) can only associate one virtual mac address
> to an interface and so can only belong to a single hsrp group.  if you
> have a need to support more than one hsrp group on an interface one way
> around that limitation it is to use the bia of the interface as the
> virtual address and to issue a gratuitous arp whenever the interface
> takes over - the command is "standby use-bia" i recall.  higher end
> products don't have the limitation and some end stations don't really
> respond well to it.
>
> i haven't actually used this before for money, so there is the
> possibility of being wrong and your mileage may vary will use.  but it
> should start the ball rolling to hear from others.
>
> cheers.
> garrett
>
> - Original Message -
> From: ericbrouwers
> Date: Tuesday, March 18, 2003 1:24 am
> Subject: Gratuitous ARP and HSRP [7:65633]
>
> > Hello all,
> >
> > I've read in the CCNP Switching Exam Cert. Guide that a standby
> > router that
> > becomes active in an HSRP group, sends a gratuitous ARP to update
> > the ARP
> > cache of the end stations with the new active MAC address...
> >
> > This is strange, since the same virtual MAC address is used by
> > active and
> > standby HSRP routers.
> >
> > However, maybe Cisco's implementation has once been like this,
> > because I've
> > seen instances in the field that ARP caches contained the real MAC
> > instead of
> > the virtual MAC address when using HSRP.
> >
> > Can someone give comments on this?
> >
> > Thanks,
> >
> > Eric Brouwers
> > [EMAIL PROTECTED]
> > Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65695&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Gratuitous ARP and HSRP [7:65633]

[garrett allen]

eric,

i can only comment in a limited way and only based on what i have 
read.  the lower end cisco products (like the 2500's i've been 
deploying in remote offices) can only associate one virtual mac address 
to an interface and so can only belong to a single hsrp group.  if you 
have a need to support more than one hsrp group on an interface one way 
around that limitation it is to use the bia of the interface as the 
virtual address and to issue a gratuitous arp whenever the interface 
takes over - the command is "standby use-bia" i recall.  higher end 
products don't have the limitation and some end stations don't really 
respond well to it.

i haven't actually used this before for money, so there is the 
possibility of being wrong and your mileage may vary will use.  but it 
should start the ball rolling to hear from others.

cheers.
garrett

- Original Message -
From: ericbrouwers 
Date: Tuesday, March 18, 2003 1:24 am
Subject: Gratuitous ARP and HSRP [7:65633]

> Hello all,
> 
> I've read in the CCNP Switching Exam Cert. Guide that a standby 
> router that
> becomes active in an HSRP group, sends a gratuitous ARP to update 
> the ARP
> cache of the end stations with the new active MAC address...
> 
> This is strange, since the same virtual MAC address is used by 
> active and
> standby HSRP routers.
> 
> However, maybe Cisco's implementation has once been like this, 
> because I've
> seen instances in the field that ARP caches contained the real MAC 
> instead of
> the virtual MAC address when using HSRP.
> 
> Can someone give comments on this?
> 
> Thanks,
> 
> Eric Brouwers
> [EMAIL PROTECTED]
> Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65673&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Gratuitous ARP and HSRP [7:65633]

[Daniel Cotts]

On CCO check out under IP Routing Protocols the doc "Hot Standby Router
Protocol Features and Functionality"
www.cisco.com/en/US/tech/tk648/tk365/technologies_tech_note09186a0080094a91.
shtml

> -Original Message-
> From: ericbrouwers [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 18, 2003 12:25 AM
> To: [EMAIL PROTECTED]
> Subject: Gratuitous ARP and HSRP [7:65633]
> 
> 
> Hello all,
> 
> I've read in the CCNP Switching Exam Cert. Guide that a 
> standby router that
> becomes active in an HSRP group, sends a gratuitous ARP to 
> update the ARP
> cache of the end stations with the new active MAC address...
> 
> This is strange, since the same virtual MAC address is used 
> by active and
> standby HSRP routers.
> 
> However, maybe Cisco's implementation has once been like 
> this, because I've
> seen instances in the field that ARP caches contained the 
> real MAC instead of
> the virtual MAC address when using HSRP.
> 
> Can someone give comments on this?
> 
> Thanks,
> 
> Eric Brouwers
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65664&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Gratuitous ARP and HSRP [7:65633]

[ericbrouwers]

Hello all,

I've read in the CCNP Switching Exam Cert. Guide that a standby router that
becomes active in an HSRP group, sends a gratuitous ARP to update the ARP
cache of the end stations with the new active MAC address...

This is strange, since the same virtual MAC address is used by active and
standby HSRP routers.

However, maybe Cisco's implementation has once been like this, because I've
seen instances in the field that ARP caches contained the real MAC instead of
the virtual MAC address when using HSRP.

Can someone give comments on this?

Thanks,

Eric Brouwers
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65633&t=65633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP timer dispute [7:64658]

[Kirankumar Patel]

Vajira

If time dealy during change over is not an issue, then use the default.

Kiran


>From: "Vajira Wijesinghe" 
>Reply-To: "Vajira Wijesinghe" 
>To: [EMAIL PROTECTED]
>Subject: HSRP timer dispute [7:64658]
>Date: Thu, 6 Mar 2003 22:47:39 GMT
>
>Hi group,
>
>Let me apologise first for forwarding this stupid question as a
>networking engineer. But i need you guy's answers just to show to my
>client who doesnot believe what i'm saying.
>
>We have two 6509's connected by 4-gig etherchannel and configured HSRP
>groups in them for the default gateway redundancy of each VLAN.
>As you all know, default hello time is 3 sec and hold time is 10 sec.
>
>I have reconfigured these timers to hello 1 sec and hold 4 sec.
>
>Now client is unhappy because effectively I have increased the rate of
>hello packet sending by 3 times. He is worrying about the amount of
>hello traffic I have infused to this gigabit network.
>
>Does any one of you have any comment?
>Thanks
>- (on postoffice)
>
>The information contained in this email is confidential and is meant to be
>read only by the person to whom it is addressed.Please visit
>http://www.millenniumit.com/legal/email.htm to read the entire
>confidentiality clause.
>
>-
_
Cricket World Cup 2003- News, Views and Match Reports. 
http://server1.msn.co.in/msnspecials/worldcup03/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64693&t=64658
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP timer dispute [7:64658]

[Sam Sneed]

The overall bandwidth used by hello packets is negligible. The only thing
I'd worry about is if the routers are really busy you may have premature
failovers.This is probably not very likely but would be the only valid
argument I could see against changing timers default value.
""Vajira Wijesinghe""  wrote in message
news:[EMAIL PROTECTED]
> Hi group,
>
> Let me apologise first for forwarding this stupid question as a
> networking engineer. But i need you guy's answers just to show to my
> client who doesnot believe what i'm saying.
>
> We have two 6509's connected by 4-gig etherchannel and configured HSRP
> groups in them for the default gateway redundancy of each VLAN.
> As you all know, default hello time is 3 sec and hold time is 10 sec.
>
> I have reconfigured these timers to hello 1 sec and hold 4 sec.
>
> Now client is unhappy because effectively I have increased the rate of
> hello packet sending by 3 times. He is worrying about the amount of
> hello traffic I have infused to this gigabit network.
>
> Does any one of you have any comment?
> Thanks
> - (on postoffice)
>
> The information contained in this email is confidential and is meant to be
> read only by the person to whom it is addressed.Please visit
> http://www.millenniumit.com/legal/email.htm to read the entire
> confidentiality clause.
>
> -




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64659&t=64658
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP timer dispute [7:64658]

[Vajira Wijesinghe]

Hi group,

Let me apologise first for forwarding this stupid question as a 
networking engineer. But i need you guy's answers just to show to my 
client who doesnot believe what i'm saying.

We have two 6509's connected by 4-gig etherchannel and configured HSRP 
groups in them for the default gateway redundancy of each VLAN.
As you all know, default hello time is 3 sec and hold time is 10 sec.

I have reconfigured these timers to hello 1 sec and hold 4 sec.

Now client is unhappy because effectively I have increased the rate of 
hello packet sending by 3 times. He is worrying about the amount of 
hello traffic I have infused to this gigabit network. 

Does any one of you have any comment?
Thanks
- (on postoffice)

The information contained in this email is confidential and is meant to be
read only by the person to whom it is addressed.Please visit
http://www.millenniumit.com/legal/email.htm to read the entire
confidentiality clause.

-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64658&t=64658
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SUPERVISOR ENGINE 2 for 6513 cat HSRP "PAIN" [7:64082]

[MADMAN]

Why do you require all the groups  I generally only define groups 
when doing load balancing and HSRP otherwise the default works just fine.

   Dave

rau ren wrote:
> I am configuring HSRP groups in the MSFCs of this SUP2.  I am only being
> allowed by the MFSC to configure 16 hsrp groups.  this SUP2 is an upgrade
> for the MFSC SUP1s we have.  in the SUP1s I have configured a total of 50
> vlans, each with its own HSRP group. That is 50 HSRP groups
> 
> Here is my dilema.. SUP2 only limits me to create and use 16 HSRP groups. 
I
> have been told, and i`ved researched for an upgrade on the ios none
> avail.
> 
> ANY IDEAS? below is the info on the device
> 
> Mod Slot Ports Module-Type   Model   Sub Status
> ---  - - --- --- 
> 1   12 1000BaseX Supervisor  WS-X6K-SUP2-2GE yes ok
> 
> Cisco Internetwork Operating System Software
> IOS (tm) MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(13)E3, EARLY
> DEPLOYMENT RE
> LEASE SOFTWARE (fc1)
> TAC Support: http://www.cisco.com/tac
> Copyright (c) 1986-2002 by cisco Systems, Inc.
> Compiled Sat 21-Dec-02 05:49 by hqluong
> Image text-base: 0x40008C00, data-base: 0x41B76000
> 
> ROM: System Bootstrap, Version 12.1(11r)E1, RELEASE SOFTWARE (fc1)
> BOOTLDR: MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(13)E3, EARLY
> DEPLOYMENT RE
> LEASE SOFTWARE (fc1)
> 
> Router uptime is 2 weeks, 17 hours, 15 minutes
> System returned to ROM by power-on
> System image file is "bootflash:c6msfc2-jsv-mz.121-13.E3.bin"
> 
> cisco Cat6k-MSFC2 (R7000) processor with 491520K/32768K bytes of memory.
> 
> 
> Raul Renteria (CCNA,CCDA,CCNP)
> DJ1Integration. NY,NY. 10016
> 
> 
> -
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, and more
-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"You don't make the poor richer by making the rich poorer." --Winston
Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64110&t=64082
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SUPERVISOR ENGINE 2 for 6513 cat HSRP "PAIN" [7:64082]

[Larry Letterman]

you are correct. The msfc-2 only allows 16 different hsrp groups.
We ran into that when we deployed sup-2/msfc-2 blades in our BB
and data Center gateways. Functionally it works fine having the
same group number..

Larry Letterman
Network Engineer
Cisco Systems


  - Original Message -
  From: rau ren
  To: [EMAIL PROTECTED]
  Sent: Friday, February 28, 2003 6:51 AM
  Subject: SUPERVISOR ENGINE 2 for 6513 cat HSRP "PAIN" [7:64082]


  I am configuring HSRP groups in the MSFCs of this SUP2.  I am only being
  allowed by the MFSC to configure 16 hsrp groups.  this SUP2 is an upgrade
  for the MFSC SUP1s we have.  in the SUP1s I have configured a total of 50
  vlans, each with its own HSRP group. That is 50 HSRP groups

  Here is my dilema.. SUP2 only limits me to create and use 16 HSRP groups.
I
  have been told, and i`ved researched for an upgrade on the ios none
  avail.

  ANY IDEAS? below is the info on the device

  Mod Slot Ports Module-Type   Model   Sub Status
  ---  - - --- --- 
  1   12 1000BaseX Supervisor  WS-X6K-SUP2-2GE yes ok

  Cisco Internetwork Operating System Software
  IOS (tm) MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(13)E3, EARLY
  DEPLOYMENT RE
  LEASE SOFTWARE (fc1)
  TAC Support: http://www.cisco.com/tac
  Copyright (c) 1986-2002 by cisco Systems, Inc.
  Compiled Sat 21-Dec-02 05:49 by hqluong
  Image text-base: 0x40008C00, data-base: 0x41B76000

  ROM: System Bootstrap, Version 12.1(11r)E1, RELEASE SOFTWARE (fc1)
  BOOTLDR: MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(13)E3, EARLY
  DEPLOYMENT RE
  LEASE SOFTWARE (fc1)

  Router uptime is 2 weeks, 17 hours, 15 minutes
  System returned to ROM by power-on
  System image file is "bootflash:c6msfc2-jsv-mz.121-13.E3.bin"

  cisco Cat6k-MSFC2 (R7000) processor with 491520K/32768K bytes of memory.


  Raul Renteria (CCNA,CCDA,CCNP)
  DJ1Integration. NY,NY. 10016


  -
  Do you Yahoo!?
  Yahoo! Tax Center - forms, calculators, tips, and more




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64098&t=64082
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

SUPERVISOR ENGINE 2 for 6513 cat HSRP "PAIN" [7:64082]

[rau ren]

I am configuring HSRP groups in the MSFCs of this SUP2.  I am only being
allowed by the MFSC to configure 16 hsrp groups.  this SUP2 is an upgrade
for the MFSC SUP1s we have.  in the SUP1s I have configured a total of 50
vlans, each with its own HSRP group. That is 50 HSRP groups

Here is my dilema.. SUP2 only limits me to create and use 16 HSRP groups.  I
have been told, and i`ved researched for an upgrade on the ios none
avail.

ANY IDEAS? below is the info on the device

Mod Slot Ports Module-Type   Model   Sub Status
---  - - --- --- 
1   12 1000BaseX Supervisor  WS-X6K-SUP2-2GE yes ok

Cisco Internetwork Operating System Software
IOS (tm) MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(13)E3, EARLY
DEPLOYMENT RE
LEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sat 21-Dec-02 05:49 by hqluong
Image text-base: 0x40008C00, data-base: 0x41B76000

ROM: System Bootstrap, Version 12.1(11r)E1, RELEASE SOFTWARE (fc1)
BOOTLDR: MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(13)E3, EARLY
DEPLOYMENT RE
LEASE SOFTWARE (fc1)

Router uptime is 2 weeks, 17 hours, 15 minutes
System returned to ROM by power-on
System image file is "bootflash:c6msfc2-jsv-mz.121-13.E3.bin"

cisco Cat6k-MSFC2 (R7000) processor with 491520K/32768K bytes of memory.


Raul Renteria (CCNA,CCDA,CCNP)
DJ1Integration. NY,NY. 10016


-
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, and more




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64082&t=64082
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP or switch issue? [7:63768]

[John Neiberger]

I know it's pretty basic, but can we see sanitized versions of the
relevant portions of your configs?  What IOS are you running on your
routers?  Are there other devices hanging off of the switch that are in
the same subnet as the routers? If so, what are they?

John

>>> "John Starta"  2/25/03 12:11:53 PM >>>
I'm currently experiencing an oddity with multicast traffic like HSRP
that 
I'm looking for some ideas on. For simplicity the network design
consists 
of 2 Cisco 3640 routers running HSRP between them connected to a single

Extreme [Black Diamond] switch. Basically...

extreme switch
  |   |
  |   |
 rtr1rtr2

Normally everything works just fine, but periodically -- in time, not 
quantity -- HSRP indicates via the %HSRP-4-DUPADDR message that I have
a 
duplicate [IP] address. (The quantity of the messages indicating the 
duplicate IP address ranges from half dozen to nearly a hundred. The
time 
between messages closely matches the HSRP HELLO interval.)

When I receive these messages, on the active HSRP router for instance,
they 
indicate the duplicate address as being the physical interface IP
address 
of the active HSRP router with the source MAC address as the virtual
MAC 
[address] of the active HSRP router. Receipt of these %HSRP-4-DUPADDR 
messages indicating the duplicate as itself suggests an issue with 
multicast -- a loop of sorts whereby the switch copies the multicast 
announcement [back] to the same switch port it originated. Keep in mind

that there are no interface or HSRP state changes so the messages
probably 
aren't coming from the standby HSRP router. (Especially since the
indicated 
duplicate IP address is that of the physical interface on the active
HSRP 
router, not the virtual IP.)

I did some poking around on Extreme's web site and they indicate an
issue 
with HSRP in an earlier version of code, but that is/was fixed in the 
version being used.

Have anybody run into this before? Ideas regarding cause? I don't have

access to the switch since it belongs to the customer.

.,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63788&t=63768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP or switch issue? [7:63768]

[Daniel Cotts]

You might want to look up the following document on CCO:
Avoiding HSRP Instability in a Switching Environment with Various Routing
Platforms.
Looks like www.cisco.com/warp/public/619/8.shtml


> -Original Message-
> From: John Starta [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 25, 2003 1:12 PM
> To: [EMAIL PROTECTED]
> Subject: HSRP or switch issue? [7:63768]
> 
> 
> I'm currently experiencing an oddity with multicast traffic 
> like HSRP that 
> I'm looking for some ideas on. For simplicity the network 
> design consists 
> of 2 Cisco 3640 routers running HSRP between them connected 
> to a single 
> Extreme [Black Diamond] switch. Basically...
> 
> extreme switch
>   |   |
>   |   |
>  rtr1rtr2
> 
> Normally everything works just fine, but periodically -- in time, not 
> quantity -- HSRP indicates via the %HSRP-4-DUPADDR message 
> that I have a 
> duplicate [IP] address. (The quantity of the messages indicating the 
> duplicate IP address ranges from half dozen to nearly a 
> hundred. The time 
> between messages closely matches the HSRP HELLO interval.)
> 
> When I receive these messages, on the active HSRP router for 
> instance, they 
> indicate the duplicate address as being the physical 
> interface IP address 
> of the active HSRP router with the source MAC address as the 
> virtual MAC 
> [address] of the active HSRP router. Receipt of these %HSRP-4-DUPADDR 
> messages indicating the duplicate as itself suggests an issue with 
> multicast -- a loop of sorts whereby the switch copies the multicast 
> announcement [back] to the same switch port it originated. 
> Keep in mind 
> that there are no interface or HSRP state changes so the 
> messages probably 
> aren't coming from the standby HSRP router. (Especially since 
> the indicated 
> duplicate IP address is that of the physical interface on the 
> active HSRP 
> router, not the virtual IP.)
> 
> I did some poking around on Extreme's web site and they 
> indicate an issue 
> with HSRP in an earlier version of code, but that is/was fixed in the 
> version being used.
> 
> Have anybody run into this before? Ideas regarding cause? I 
> don't have 
> access to the switch since it belongs to the customer.
> 
> .,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63784&t=63768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP or switch issue? [7:63768]

[John Starta]

I'm currently experiencing an oddity with multicast traffic like HSRP that 
I'm looking for some ideas on. For simplicity the network design consists 
of 2 Cisco 3640 routers running HSRP between them connected to a single 
Extreme [Black Diamond] switch. Basically...

extreme switch
  |   |
  |   |
 rtr1rtr2

Normally everything works just fine, but periodically -- in time, not 
quantity -- HSRP indicates via the %HSRP-4-DUPADDR message that I have a 
duplicate [IP] address. (The quantity of the messages indicating the 
duplicate IP address ranges from half dozen to nearly a hundred. The time 
between messages closely matches the HSRP HELLO interval.)

When I receive these messages, on the active HSRP router for instance, they 
indicate the duplicate address as being the physical interface IP address 
of the active HSRP router with the source MAC address as the virtual MAC 
[address] of the active HSRP router. Receipt of these %HSRP-4-DUPADDR 
messages indicating the duplicate as itself suggests an issue with 
multicast -- a loop of sorts whereby the switch copies the multicast 
announcement [back] to the same switch port it originated. Keep in mind 
that there are no interface or HSRP state changes so the messages probably 
aren't coming from the standby HSRP router. (Especially since the indicated 
duplicate IP address is that of the physical interface on the active HSRP 
router, not the virtual IP.)

I did some poking around on Extreme's web site and they indicate an issue 
with HSRP in an earlier version of code, but that is/was fixed in the 
version being used.

Have anybody run into this before? Ideas regarding cause? I don't have 
access to the switch since it belongs to the customer.

.,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63768&t=63768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SRB & HSRP [7:62660]

[Simon Watson]

Thanks Dave

>From: MADMAN >Reply-To: [EMAIL PROTECTED] >To: Simon Watson >CC:
[EMAIL PROTECTED], [EMAIL PROTECTED] >Subject: Re: SRB & HSRP
[7:62660] >Date: Fri, 07 Feb 2003 15:34:50 -0600 > > > Hi, > > I would
have to look at the DLSW redundancy configs to give you a >diffinitive
answer, (I can't memorize all this stuff:), but I can >promise you that
you can't have two differant ring numbers on a >single token ring. You
will bring the ring down. > > Dave > > take a look at this, it sounds
like what you want to do, you need >to change your bridge number though
as they should not match. >
>http://www.cisco.com/en/US/customer/tech/tk331/tk336/technologies_tech_note09186a0080094548.shtml
> > >Simon Watson wrote: >>Hi Madman >> >> >> >>Are you recommending me
to configure both Token-Ring HSRP >>interfaces with the same SRB
statement ? i.e "source-bridge 101 2 >>300". >> >> >> >>Thanks >> >> >>
>>Simon. >> >> >> >> >> >> >> >> >> >> >From: MADMAN >> >Reply-To:
[EMAIL PROTECTED] >> >To: Simon Watson >> >CC: [EMAIL PROTECTED] >>
>Subject: Re: SRB & HSRP [7:62660] >> >Date: Fri, 07 Feb 2003 14:49:06
-0600 >> > >> > >> > I have configured HSRP in SRB environments, they are
two >>seperate >> >things. What I wouldn't do is connect a secondary
router to this >> >token ring with a differant ring number!!! >> > >> >
Dave >> > >> >Simon Watson wrote: >> >>Hi Guys I'm going to install a
secondary router on a Token-Ring >> >>Source >> >>Route Bridge Network,
and use HSRP between the two routers for >> >>redundancy. On the current
router the SRB config on the Token >>Ring >> >>Interface is:
"source-bridge 101 2 300". On the secondary >>router's >> >>Token-Ring
interface is it ok to use for example "source-bridge >>102 >> >>2 >>
>>300" In other words is there any issues of using HSRP on >>interfaces
>> >>that >> >>have SRB configured. Thanks Simon. >> >> >> >>
>>
>> >> >> >>It's fast, it's easy and it's free! Click here to download MSN
archives, and subscription info: >>
>>http://www.groupstudy.com/list/cisco.html >> >>Report misconduct and
Nondisclosure violations to >> >>[EMAIL PROTECTED] >> >> >> >> >> > >>
> >> >-- >> >David Madland >> >CCIE# 2016 >> >Sr. Network Engineer >>
>Qwest Communications >> >612-664-3367 >> > >> >"You don't make the poor
richer by making the rich poorer." >> >--Winston >> >Churchill >>
>>
>>Add photos to your messages with MSN 8. More info here. >> > > >--
>David Madland >CCIE# 2016 >Sr. Network Engineer >Qwest Communications
>612-664-3367 > >"You don't make the poor richer by making the rich
poorer." >--Winston >Churchill



Chat with friends online - download MSN Messenger today.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63413&t=62660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: FW: HSRP question [7:62941]

[Vicky Mair]

i was about to suggest using sub-interface but anyway you guys had
reasons in doing so as you said.




regards,
/vicky

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Larry Letterman
Sent: Thursday, February 13, 2003 10:26 AM
To: [EMAIL PROTECTED]
Subject: Re: FW: HSRP question [7:62941]


in the example I gave, from a 7500 router, I believe at the
time isl was the only
vlan sub-interface mode supported. That was why we did
secondary ip's on
the interfaces for the ip phoneselsewhere on the campus
we use aux vlans and vlan interface
with trunks...

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: "MADMAN"
To:
Sent: Thursday, February 13, 2003 9:36 AM
Subject: Re: FW: HSRP question [7:62941]


> Vicky Mair wrote:
> > true enoughi can just image in the event of a storm
(mcast, bcast or
> spt
> > loop) what would happen on that segment, specially
running ip phones ;-)
> > then again what you guys are doing could be (a)
politically driven (b)
> > transition phase. what about using auxvlan if indeed you
guys are using ip
> > phones.
> >
> > if my memory serves me correct aren't packets process
switched between
> > primary and secondaries ?
>
>Yes by default packets are process switched between
secondaries. got
> that call a few times, CPU is really busy, only to see all
these
> secondaries.  "ip route-cache same-interface" helps a lot.
>
>Yes secondaries are often driven by layer 8 issues,
networks that
> grew out of control, cheezy ways to implement "VLANS"
etc...
>
>Auxvlans are switch specific, at least I'm pretty sure.
>
>Dave
>
>
> >
> > thinking out loud :)
> >
> >
> > regards,
> > /vicky
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
> > Larry Letterman
> > Sent: Wednesday, February 12, 2003 10:38 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: HSRP question [7:62941]
> >
> >
> > Issues I have with secondary ip address's :
> >
> > In the sh ip int br command, the 10.x.x.x secondary on
the below interface
> > does not show up
> >
> > The dhcp request for that interface will advertise out
the primary
> interface
> > not the secondary address, so it is extremely difficult
to get the
> secondary
> > ip address's a dhcp address
> >
> > It adds a lot of overhead to the interface connection
tables and hsrp can
> > act
> > strange
> > on certain routers, especially older routers with
resource limits...
> >
> > interface FastEthernet1/0
> >  description 590 Brennan St.
> >  ip address 10.17.212.2 255.255.255.0 secondary
> >  ip address 171.70.34.3 255.255.255.0
> >  no ip redirects
> >  arp timeout 1740
> >  standby priority 105 preempt
> >  standby ip 171.70.34.1
> >  standby track Se6/0/0
> >  standby 2 priority 105 preempt
> >  standby 2 ip 10.17.212.1
> >  standby 2 track Se6/0/0
> >  hold-queue 150 in
> >
> >
> > sjbrn-gw1#sh ip int br
> > Ethernet0/0192.168.54.131  YES NVRAM  up
> > up
> > FastEthernet1/0171.70.34.3 YES NVRAM  up
> > up
> > Serial6/0/0171.68.2.22 YES NVRAM  up
> > up
> >
> >
> >
> >
> >
> >
> >
> >
> > Larry Letterman
> > Network Engineer
> > Cisco Systems
> >
> >
> > - Original Message -
> > From: "Kelly Cobean"
> > To: "Larry Letterman" ; "Cisco groupstudy"
> >
> > Sent: Wednesday, February 12, 2003 7:01 PM
> > Subject: RE: HSRP question
> >
> >
> >
> >>Larry,
> >>Care to elaborate a little on the downside to doing
this?  We're doing
> >>it in our network but I'd love to present some reasons
why we shouldn't
> >
> > and
> >
> >>start looking at some proper VLAN config's.  Right now
we have something
> >>like 6 class-c networks configured on a single interface
of each of our
> >>routers.  I know it creates a really overpopulated
broadcast domain...What
> >>else should I be considering?  Thanks.
> >>
> >>Kelly Cobean
> >>
> >>-Original Message-
> >>From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
> >>Larry Letterman
> >>Sent: Wednesday, February 12, 2003 7:31 PM
> >>To: MADMAN; CCIE FUN
> >>Cc: [EMAIL PROTECTED]
> >>Subject: Re: HSR

RE: FW: HSRP question [7:62941]

[Vicky Mair]

comments in-line:

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 9:36 AM
To: Vicky Mair
Cc: [EMAIL PROTECTED]
Subject: Re: FW: HSRP question [7:62941]





Vicky Mair wrote:
> true enoughi can just image in the event of a storm (mcast, bcast or
spt
> loop) what would happen on that segment, specially running ip phones ;-)
> then again what you guys are doing could be (a) politically driven (b)
> transition phase. what about using auxvlan if indeed you guys are using ip
> phones.
>
> if my memory serves me correct aren't packets process switched between
> primary and secondaries ?

   Yes by default packets are process switched between secondaries. got
that call a few times, CPU is really busy, only to see all these
secondaries.  "ip route-cache same-interface" helps a lot.
--
yikes!


   Yes secondaries are often driven by layer 8 issues, networks that
grew out of control, cheezy ways to implement "VLANS" etc...
-
amen to that


   Auxvlans are switch specific, at least I'm pretty sure.
--
my auxvlan comment was directed more towards c6k/catos...native ios does
not supports voice (t1/fxs...etc) at least the last time we looked at
itin our case we run hybrid on dist and non-l2 on core. we keep it
simple.



/vicky

   Dave


>
> thinking out loud :)
>
>
> regards,
> /vicky
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Larry Letterman
> Sent: Wednesday, February 12, 2003 10:38 PM
> To: [EMAIL PROTECTED]
> Subject: Re: HSRP question [7:62941]
>
>
> Issues I have with secondary ip address's :
>
> In the sh ip int br command, the 10.x.x.x secondary on the below interface
> does not show up
>
> The dhcp request for that interface will advertise out the primary
interface
> not the secondary address, so it is extremely difficult to get the
secondary
> ip address's a dhcp address
>
> It adds a lot of overhead to the interface connection tables and hsrp can
> act
> strange
> on certain routers, especially older routers with resource limits...
>
> interface FastEthernet1/0
>  description 590 Brennan St.
>  ip address 10.17.212.2 255.255.255.0 secondary
>  ip address 171.70.34.3 255.255.255.0
>  no ip redirects
>  arp timeout 1740
>  standby priority 105 preempt
>  standby ip 171.70.34.1
>  standby track Se6/0/0
>  standby 2 priority 105 preempt
>  standby 2 ip 10.17.212.1
>  standby 2 track Se6/0/0
>  hold-queue 150 in
>
>
> sjbrn-gw1#sh ip int br
> Ethernet0/0192.168.54.131  YES NVRAM  up
> up
> FastEthernet1/0171.70.34.3 YES NVRAM  up
> up
> Serial6/0/0171.68.2.22 YES NVRAM  up
> up
>
>
>
>
>
>
>
>
> Larry Letterman
> Network Engineer
> Cisco Systems
>
>
> - Original Message -
> From: "Kelly Cobean"
> To: "Larry Letterman" ; "Cisco groupstudy"
>
> Sent: Wednesday, February 12, 2003 7:01 PM
> Subject: RE: HSRP question
>
>
>
>>Larry,
>>Care to elaborate a little on the downside to doing this?  We're doing
>>it in our network but I'd love to present some reasons why we shouldn't
>
> and
>
>>start looking at some proper VLAN config's.  Right now we have something
>>like 6 class-c networks configured on a single interface of each of our
>>routers.  I know it creates a really overpopulated broadcast domain...What
>>else should I be considering?  Thanks.
>>
>>Kelly Cobean
>>
>>-Original Message-
>>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>>Larry Letterman
>>Sent: Wednesday, February 12, 2003 7:31 PM
>>To: MADMAN; CCIE FUN
>>Cc: [EMAIL PROTECTED]
>>Subject: Re: HSRP question
>>
>>
>>I have run hsrp on primary and secondary address's and it
>>works..
>>However , I support Dave's thoughts that I dont like to do
>>it for prduction
>>networks or for long periods of time...
>>
>>Larry Letterman
>>Network Engineer
>>Cisco Systems
>>
>>
>>- Original Message -
>>From: "MADMAN"
>>To: "CCIE FUN"
>>Cc:
>>Sent: Wednesday, February 12, 2003 3:29 PM
>>Subject: Re: HSRP question
>>
>>
>>
>>>   Yes you can do this but I wouldn't design a network
>>
>>with secondaries.
>>
>>>  Just because you can doesn't mean you should.
>>
>>Secondaries should be
>>
>>>used only for temporary situa

Re: FW: HSRP question [7:62941]

[Larry Letterman]

in the example I gave, from a 7500 router, I believe at the
time isl was the only
vlan sub-interface mode supported. That was why we did
secondary ip's on
the interfaces for the ip phoneselsewhere on the campus
we use aux vlans and vlan interface
with trunks...

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: "MADMAN" 
To: 
Sent: Thursday, February 13, 2003 9:36 AM
Subject: Re: FW: HSRP question [7:62941]


> Vicky Mair wrote:
> > true enoughi can just image in the event of a storm
(mcast, bcast or
> spt
> > loop) what would happen on that segment, specially
running ip phones ;-)
> > then again what you guys are doing could be (a)
politically driven (b)
> > transition phase. what about using auxvlan if indeed you
guys are using ip
> > phones.
> >
> > if my memory serves me correct aren't packets process
switched between
> > primary and secondaries ?
>
>Yes by default packets are process switched between
secondaries. got
> that call a few times, CPU is really busy, only to see all
these
> secondaries.  "ip route-cache same-interface" helps a lot.
>
>Yes secondaries are often driven by layer 8 issues,
networks that
> grew out of control, cheezy ways to implement "VLANS"
etc...
>
>Auxvlans are switch specific, at least I'm pretty sure.
>
>Dave
>
>
> >
> > thinking out loud :)
> >
> >
> > regards,
> > /vicky
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
> > Larry Letterman
> > Sent: Wednesday, February 12, 2003 10:38 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: HSRP question [7:62941]
> >
> >
> > Issues I have with secondary ip address's :
> >
> > In the sh ip int br command, the 10.x.x.x secondary on
the below interface
> > does not show up
> >
> > The dhcp request for that interface will advertise out
the primary
> interface
> > not the secondary address, so it is extremely difficult
to get the
> secondary
> > ip address's a dhcp address
> >
> > It adds a lot of overhead to the interface connection
tables and hsrp can
> > act
> > strange
> > on certain routers, especially older routers with
resource limits...
> >
> > interface FastEthernet1/0
> >  description 590 Brennan St.
> >  ip address 10.17.212.2 255.255.255.0 secondary
> >  ip address 171.70.34.3 255.255.255.0
> >  no ip redirects
> >  arp timeout 1740
> >  standby priority 105 preempt
> >  standby ip 171.70.34.1
> >  standby track Se6/0/0
> >  standby 2 priority 105 preempt
> >  standby 2 ip 10.17.212.1
> >  standby 2 track Se6/0/0
> >  hold-queue 150 in
> >
> >
> > sjbrn-gw1#sh ip int br
> > Ethernet0/0192.168.54.131  YES NVRAM  up
> > up
> > FastEthernet1/0171.70.34.3 YES NVRAM  up
> > up
> > Serial6/0/0171.68.2.22 YES NVRAM  up
> > up
> >
> >
> >
> >
> >
> >
> >
> >
> > Larry Letterman
> > Network Engineer
> > Cisco Systems
> >
> >
> > - Original Message -
> > From: "Kelly Cobean"
> > To: "Larry Letterman" ; "Cisco groupstudy"
> >
> > Sent: Wednesday, February 12, 2003 7:01 PM
> > Subject: RE: HSRP question
> >
> >
> >
> >>Larry,
> >>Care to elaborate a little on the downside to doing
this?  We're doing
> >>it in our network but I'd love to present some reasons
why we shouldn't
> >
> > and
> >
> >>start looking at some proper VLAN config's.  Right now
we have something
> >>like 6 class-c networks configured on a single interface
of each of our
> >>routers.  I know it creates a really overpopulated
broadcast domain...What
> >>else should I be considering?  Thanks.
> >>
> >>Kelly Cobean
> >>
> >>-Original Message-
> >>From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
> >>Larry Letterman
> >>Sent: Wednesday, February 12, 2003 7:31 PM
> >>To: MADMAN; CCIE FUN
> >>Cc: [EMAIL PROTECTED]
> >>Subject: Re: HSRP question
> >>
> >>
> >>I have run hsrp on primary and secondary address's and
it
> >>works..
> >>However , I support Dave's thoughts that I dont like to
do
> >>it for prduction
> >>networks or for long periods of time...
> >>
> >>Larry Lett

Re: FW: HSRP question [7:62941]

[MADMAN]

Vicky Mair wrote:
> true enoughi can just image in the event of a storm (mcast, bcast or
spt
> loop) what would happen on that segment, specially running ip phones ;-)
> then again what you guys are doing could be (a) politically driven (b)
> transition phase. what about using auxvlan if indeed you guys are using ip
> phones.
> 
> if my memory serves me correct aren't packets process switched between
> primary and secondaries ?

   Yes by default packets are process switched between secondaries. got 
that call a few times, CPU is really busy, only to see all these 
secondaries.  "ip route-cache same-interface" helps a lot.

   Yes secondaries are often driven by layer 8 issues, networks that 
grew out of control, cheezy ways to implement "VLANS" etc...

   Auxvlans are switch specific, at least I'm pretty sure.

   Dave


> 
> thinking out loud :)
> 
> 
> regards,
> /vicky
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Larry Letterman
> Sent: Wednesday, February 12, 2003 10:38 PM
> To: [EMAIL PROTECTED]
> Subject: Re: HSRP question [7:62941]
> 
> 
> Issues I have with secondary ip address's :
> 
> In the sh ip int br command, the 10.x.x.x secondary on the below interface
> does not show up
> 
> The dhcp request for that interface will advertise out the primary
interface
> not the secondary address, so it is extremely difficult to get the
secondary
> ip address's a dhcp address
> 
> It adds a lot of overhead to the interface connection tables and hsrp can
> act
> strange
> on certain routers, especially older routers with resource limits...
> 
> interface FastEthernet1/0
>  description 590 Brennan St.
>  ip address 10.17.212.2 255.255.255.0 secondary
>  ip address 171.70.34.3 255.255.255.0
>  no ip redirects
>  arp timeout 1740
>  standby priority 105 preempt
>  standby ip 171.70.34.1
>  standby track Se6/0/0
>  standby 2 priority 105 preempt
>  standby 2 ip 10.17.212.1
>  standby 2 track Se6/0/0
>  hold-queue 150 in
> 
> 
> sjbrn-gw1#sh ip int br
> Ethernet0/0192.168.54.131  YES NVRAM  up
> up
> FastEthernet1/0171.70.34.3 YES NVRAM  up
> up
> Serial6/0/0171.68.2.22 YES NVRAM  up
> up
> 
> 
> 
> 
> 
> 
> 
> 
> Larry Letterman
> Network Engineer
> Cisco Systems
> 
> 
> - Original Message -
> From: "Kelly Cobean"
> To: "Larry Letterman" ; "Cisco groupstudy"
> 
> Sent: Wednesday, February 12, 2003 7:01 PM
> Subject: RE: HSRP question
> 
> 
> 
>>Larry,
>>Care to elaborate a little on the downside to doing this?  We're doing
>>it in our network but I'd love to present some reasons why we shouldn't
> 
> and
> 
>>start looking at some proper VLAN config's.  Right now we have something
>>like 6 class-c networks configured on a single interface of each of our
>>routers.  I know it creates a really overpopulated broadcast domain...What
>>else should I be considering?  Thanks.
>>
>>Kelly Cobean
>>
>>-Original Message-
>>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>>Larry Letterman
>>Sent: Wednesday, February 12, 2003 7:31 PM
>>To: MADMAN; CCIE FUN
>>Cc: [EMAIL PROTECTED]
>>Subject: Re: HSRP question
>>
>>
>>I have run hsrp on primary and secondary address's and it
>>works..
>>However , I support Dave's thoughts that I dont like to do
>>it for prduction
>>networks or for long periods of time...
>>
>>Larry Letterman
>>Network Engineer
>>Cisco Systems
>>
>>
>>- Original Message -
>>From: "MADMAN"
>>To: "CCIE FUN"
>>Cc:
>>Sent: Wednesday, February 12, 2003 3:29 PM
>>Subject: Re: HSRP question
>>
>>
>>
>>>   Yes you can do this but I wouldn't design a network
>>
>>with secondaries.
>>
>>>  Just because you can doesn't mean you should.
>>
>>Secondaries should be
>>
>>>used only for temporary situations, converting ip
>>
>>addresses for example.
>>
>>>   have fun
>>>
>>>   Dave
>>>
>>>CCIE FUN wrote:
>>>
>>>>Hi all
>>>>I have two routers running HSRP for a network subnet
>>>>lets say for e.g 1.1.1.0/24 on E0 of both the routers.
>>>>
>>>>now can i add secondary address to these routers on
>>>>Interface E0 and also run HSRP for these secondary
>&g

FW: HSRP question [7:62941]

[Vicky Mair]

true enoughi can just image in the event of a storm (mcast, bcast or spt
loop) what would happen on that segment, specially running ip phones ;-)
then again what you guys are doing could be (a) politically driven (b)
transition phase. what about using auxvlan if indeed you guys are using ip
phones.

if my memory serves me correct aren't packets process switched between
primary and secondaries ?

thinking out loud :)


regards,
/vicky


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Larry Letterman
Sent: Wednesday, February 12, 2003 10:38 PM
To: [EMAIL PROTECTED]
Subject: Re: HSRP question [7:62941]


Issues I have with secondary ip address's :

In the sh ip int br command, the 10.x.x.x secondary on the below interface
does not show up

The dhcp request for that interface will advertise out the primary interface
not the secondary address, so it is extremely difficult to get the secondary
ip address's a dhcp address

It adds a lot of overhead to the interface connection tables and hsrp can
act
strange
on certain routers, especially older routers with resource limits...

interface FastEthernet1/0
 description 590 Brennan St.
 ip address 10.17.212.2 255.255.255.0 secondary
 ip address 171.70.34.3 255.255.255.0
 no ip redirects
 arp timeout 1740
 standby priority 105 preempt
 standby ip 171.70.34.1
 standby track Se6/0/0
 standby 2 priority 105 preempt
 standby 2 ip 10.17.212.1
 standby 2 track Se6/0/0
 hold-queue 150 in


sjbrn-gw1#sh ip int br
Ethernet0/0192.168.54.131  YES NVRAM  up
up
FastEthernet1/0171.70.34.3 YES NVRAM  up
up
Serial6/0/0171.68.2.22 YES NVRAM  up
up








Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: "Kelly Cobean"
To: "Larry Letterman" ; "Cisco groupstudy"

Sent: Wednesday, February 12, 2003 7:01 PM
Subject: RE: HSRP question


> Larry,
> Care to elaborate a little on the downside to doing this?  We're doing
> it in our network but I'd love to present some reasons why we shouldn't
and
> start looking at some proper VLAN config's.  Right now we have something
> like 6 class-c networks configured on a single interface of each of our
> routers.  I know it creates a really overpopulated broadcast domain...What
> else should I be considering?  Thanks.
>
> Kelly Cobean
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Larry Letterman
> Sent: Wednesday, February 12, 2003 7:31 PM
> To: MADMAN; CCIE FUN
> Cc: [EMAIL PROTECTED]
> Subject: Re: HSRP question
>
>
> I have run hsrp on primary and secondary address's and it
> works..
> However , I support Dave's thoughts that I dont like to do
> it for prduction
> networks or for long periods of time...
>
> Larry Letterman
> Network Engineer
> Cisco Systems
>
>
> - Original Message -
> From: "MADMAN"
> To: "CCIE FUN"
> Cc:
> Sent: Wednesday, February 12, 2003 3:29 PM
> Subject: Re: HSRP question
>
>
> >Yes you can do this but I wouldn't design a network
> with secondaries.
> >   Just because you can doesn't mean you should.
> Secondaries should be
> > used only for temporary situations, converting ip
> addresses for example.
> >
> >have fun
> >
> >Dave
> >
> > CCIE FUN wrote:
> > > Hi all
> > > I have two routers running HSRP for a network subnet
> > > lets say for e.g 1.1.1.0/24 on E0 of both the routers.
> > >
> > > now can i add secondary address to these routers on
> > > Interface E0 and also run HSRP for these secondary
> > > address.
> > > I want to add about 10 secondary address.
> > > how will the HSRP config be. Can i run HSRP for
> > > multiple secondary addresses on these routers.
> > >
> > > thanks
> > >
> > >
> > >
> > > __
> > > Do you Yahoo!?
> > > Yahoo! Shopping - Send Flowers for Valentine's Day
> > > http://shopping.yahoo.com
> > > .
> > --
> > David Madland
> > CCIE# 2016
> > Sr. Network Engineer
> > Qwest Communications
> > 612-664-3367
> >
> > "You don't make the poor richer by making the rich
> poorer." --Winston
> > Churchill
> > .
> >
> 
> .




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62969&t=62941
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP question [7:62941]

[Larry Letterman]

Issues I have with secondary ip address's :

In the sh ip int br command, the 10.x.x.x secondary on the below interface
does not show up

The dhcp request for that interface will advertise out the primary interface
not the secondary address, so it is extremely difficult to get the secondary
ip address's a dhcp address

It adds a lot of overhead to the interface connection tables and hsrp can act
strange
on certain routers, especially older routers with resource limits...

interface FastEthernet1/0
 description 590 Brennan St.
 ip address 10.17.212.2 255.255.255.0 secondary
 ip address 171.70.34.3 255.255.255.0
 no ip redirects
 arp timeout 1740
 standby priority 105 preempt
 standby ip 171.70.34.1
 standby track Se6/0/0
 standby 2 priority 105 preempt
 standby 2 ip 10.17.212.1
 standby 2 track Se6/0/0
 hold-queue 150 in


sjbrn-gw1#sh ip int br
Ethernet0/0192.168.54.131  YES NVRAM  up
up
FastEthernet1/0171.70.34.3 YES NVRAM  up
up
Serial6/0/0171.68.2.22 YES NVRAM  up
up








Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: "Kelly Cobean" 
To: "Larry Letterman" ; "Cisco groupstudy"

Sent: Wednesday, February 12, 2003 7:01 PM
Subject: RE: HSRP question


> Larry,
> Care to elaborate a little on the downside to doing this?  We're doing
> it in our network but I'd love to present some reasons why we shouldn't and
> start looking at some proper VLAN config's.  Right now we have something
> like 6 class-c networks configured on a single interface of each of our
> routers.  I know it creates a really overpopulated broadcast domain...What
> else should I be considering?  Thanks.
>
> Kelly Cobean
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Larry Letterman
> Sent: Wednesday, February 12, 2003 7:31 PM
> To: MADMAN; CCIE FUN
> Cc: [EMAIL PROTECTED]
> Subject: Re: HSRP question
>
>
> I have run hsrp on primary and secondary address's and it
> works..
> However , I support Dave's thoughts that I dont like to do
> it for prduction
> networks or for long periods of time...
>
> Larry Letterman
> Network Engineer
> Cisco Systems
>
>
> - Original Message -
> From: "MADMAN" 
> To: "CCIE FUN" 
> Cc: 
> Sent: Wednesday, February 12, 2003 3:29 PM
> Subject: Re: HSRP question
>
>
> >Yes you can do this but I wouldn't design a network
> with secondaries.
> >   Just because you can doesn't mean you should.
> Secondaries should be
> > used only for temporary situations, converting ip
> addresses for example.
> >
> >have fun
> >
> >    Dave
> >
> > CCIE FUN wrote:
> > > Hi all
> > > I have two routers running HSRP for a network subnet
> > > lets say for e.g 1.1.1.0/24 on E0 of both the routers.
> > >
> > > now can i add secondary address to these routers on
> > > Interface E0 and also run HSRP for these secondary
> > > address.
> > > I want to add about 10 secondary address.
> > > how will the HSRP config be. Can i run HSRP for
> > > multiple secondary addresses on these routers.
> > >
> > > thanks
> > >
> > >
> > >
> > > __
> > > Do you Yahoo!?
> > > Yahoo! Shopping - Send Flowers for Valentine's Day
> > > http://shopping.yahoo.com
> > > .
> > --
> > David Madland
> > CCIE# 2016
> > Sr. Network Engineer
> > Qwest Communications
> > 612-664-3367
> >
> > "You don't make the poor richer by making the rich
> poorer." --Winston
> > Churchill
> > .
> >
> 
> .




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62941&t=62941
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP question [7:62931]

[Kelly Cobean]

Larry,
Care to elaborate a little on the downside to doing this?  We're doing
it in our network but I'd love to present some reasons why we shouldn't and
start looking at some proper VLAN config's.  Right now we have something
like 6 class-c networks configured on a single interface of each of our
routers.  I know it creates a really overpopulated broadcast domain...What
else should I be considering?  Thanks.

Kelly Cobean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Larry Letterman
Sent: Wednesday, February 12, 2003 7:31 PM
To: MADMAN; CCIE FUN
Cc: [EMAIL PROTECTED]
Subject: Re: HSRP question


I have run hsrp on primary and secondary address's and it
works..
However , I support Dave's thoughts that I dont like to do
it for prduction
networks or for long periods of time...

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: "MADMAN" 
To: "CCIE FUN" 
Cc: 
Sent: Wednesday, February 12, 2003 3:29 PM
Subject: Re: HSRP question


>Yes you can do this but I wouldn't design a network
with secondaries.
>   Just because you can doesn't mean you should.
Secondaries should be
> used only for temporary situations, converting ip
addresses for example.
>
>have fun
>
>Dave
>
> CCIE FUN wrote:
> > Hi all
> > I have two routers running HSRP for a network subnet
> > lets say for e.g 1.1.1.0/24 on E0 of both the routers.
> >
> > now can i add secondary address to these routers on
> > Interface E0 and also run HSRP for these secondary
> > address.
> > I want to add about 10 secondary address.
> > how will the HSRP config be. Can i run HSRP for
> > multiple secondary addresses on these routers.
> >
> > thanks
> >
> >
> >
> > __
> > Do you Yahoo!?
> > Yahoo! Shopping - Send Flowers for Valentine's Day
> > http://shopping.yahoo.com
> > .
> --
> David Madland
> CCIE# 2016
> Sr. Network Engineer
> Qwest Communications
> 612-664-3367
>
> "You don't make the poor richer by making the rich
poorer." --Winston
> Churchill
> .
>

FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SRB & HSRP [7:62660]

[Priscilla Oppenheimer]

MADMAN wrote:
> 
> Hi,
> 
>   I would have to look at the DLSW redundancy configs to give
> you a
> diffinitive answer, (I can't memorize all this stuff:), but I
> can
> promise you that you can't have two differant ring numbers on a
> single
> token ring.  You will bring the ring down.

Maybe the two routers really are on different rings. The original poster
needs to figure this out.

Regardless, HSRP should work across the bridged rings. It would be like two
routers doing HSRP even though they are on different switched LANs. That
works (most of the time. ;-)

The HSRP routers communicate with each other using a multicast address.
Assuming the Token Ring bridges (or Ethernet switches in the case of
Ethernet) aren't filtering multicasts, it should work. In the generic case,
multicasts flow across a bridged network without problems.

Now, Token Ring still has that old issue of not really supporting multicast
addresses. Instead it uses functional addresses. But Cisco must have solved
that since, as you say, HSRP works on SRB usually.

Priscilla



> 
>Dave
> 
>take a look at this, it sounds like what you want to do, you
> need to
> change your bridge number though as they should not match.
> 
>
http://www.cisco.com/en/US/customer/tech/tk331/tk336/technologies_tech_note09186a0080094548.shtml
> 
> 
> Simon Watson wrote:
> > Hi Madman
> > 
> >  
> > 
> > Are you recommending me to configure both Token-Ring HSRP
> interfaces
> > with the same SRB statement ? i.e "source-bridge 101 2 300".
> > 
> >  
> > 
> > Thanks
> > 
> >  
> > 
> > Simon.
> > 
> >  
> > 
> >  
> > 
> > 
> > 
> >  
> > 
> >  >From: MADMAN
> >  >Reply-To: [EMAIL PROTECTED]
> >  >To: Simon Watson
> >  >CC: [EMAIL PROTECTED]
> >  >Subject: Re: SRB & HSRP [7:62660]
> >  >Date: Fri, 07 Feb 2003 14:49:06 -0600
> >  >
> >  >
> >  > I have configured HSRP in SRB environments, they are two
> seperate
> >  >things. What I wouldn't do is connect a secondary router to
> this
> >  >token ring with a differant ring number!!!
> >  >
> >  > Dave
> >  >
> >  >Simon Watson wrote:
> >  >>Hi Guys I'm going to install a secondary router on a
> Token-Ring
> >  >>Source
> >  >>Route Bridge Network, and use HSRP between the two routers
> for
> >  >>redundancy. On the current router the SRB config on the
> Token Ring
> >  >>Interface is: "source-bridge 101 2 300". On the secondary
> router's
> >  >>Token-Ring interface is it ok to use for example
> "source-bridge 102
> >  >>2
> >  >>300" In other words is there any issues of using HSRP on
> interfaces
> >  >>that
> >  >>have SRB configured. Thanks Simon.
> >  >>
> > 
> >>
> >  >>
> >  >>It's fast, it's easy and it's free! Click here to download
> MSN
> >  >>Messenger
> >  >>[EMAIL PROTECTED]
> >  >>
> >  >>
> >  >
> >  >
> >  >--
> >  >David Madland
> >  >CCIE# 2016
> >  >Sr. Network Engineer
> >  >Qwest Communications
> >  >612-664-3367
> >  >
> >  >"You don't make the poor richer by making the rich poorer."
> >  >--Winston
> >  >Churchill
> > 
> >
> 
> > Add photos to your messages with MSN 8. More info here. 
> > 
> 
> 
> -- 
> David Madland
> CCIE# 2016
> Sr. Network Engineer
> Qwest Communications
> 612-664-3367
> 
> "You don't make the poor richer by making the rich poorer."
> --Winston
> Churchill
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62680&t=62660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SRB & HSRP [7:62660]

[MADMAN]

Hi,

  I would have to look at the DLSW redundancy configs to give you a 
diffinitive answer, (I can't memorize all this stuff:), but I can 
promise you that you can't have two differant ring numbers on a single 
token ring.  You will bring the ring down.

   Dave

   take a look at this, it sounds like what you want to do, you need to 
change your bridge number though as they should not match.

http://www.cisco.com/en/US/customer/tech/tk331/tk336/technologies_tech_note09186a0080094548.shtml


Simon Watson wrote:
> Hi Madman
> 
>  
> 
> Are you recommending me to configure both Token-Ring HSRP interfaces 
> with the same SRB statement ? i.e "source-bridge 101 2 300".
> 
>  
> 
> Thanks
> 
>  
> 
> Simon.
> 
>  
> 
>  
> 
> 
> 
>  
> 
>  >From: MADMAN
>  >Reply-To: [EMAIL PROTECTED]
>  >To: Simon Watson
>  >CC: [EMAIL PROTECTED]
>  >Subject: Re: SRB & HSRP [7:62660]
>  >Date: Fri, 07 Feb 2003 14:49:06 -0600
>  >
>  >
>  > I have configured HSRP in SRB environments, they are two seperate
>  >things. What I wouldn't do is connect a secondary router to this
>  >token ring with a differant ring number!!!
>  >
>  > Dave
>  >
>  >Simon Watson wrote:
>  >>Hi Guys I'm going to install a secondary router on a Token-Ring
>  >>Source
>  >>Route Bridge Network, and use HSRP between the two routers for
>  >>redundancy. On the current router the SRB config on the Token Ring
>  >>Interface is: "source-bridge 101 2 300". On the secondary router's
>  >>Token-Ring interface is it ok to use for example "source-bridge 102
>  >>2
>  >>300" In other words is there any issues of using HSRP on interfaces
>  >>that
>  >>have SRB configured. Thanks Simon.
>  >>
>  >>
>  >>
>  >>It's fast, it's easy and it's free! Click here to download MSN
>  >>Messenger
>  >>[EMAIL PROTECTED]
>  >>
>  >>
>  >
>  >
>  >--
>  >David Madland
>  >CCIE# 2016
>  >Sr. Network Engineer
>  >Qwest Communications
>  >612-664-3367
>  >
>  >"You don't make the poor richer by making the rich poorer."
>  >--Winston
>  >Churchill
> 
> 
> Add photos to your messages with MSN 8. More info here. 
> 


-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"You don't make the poor richer by making the rich poorer." --Winston
Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62670&t=62660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SRB & HSRP [7:62660]

[Simon Watson]

Hi Madman

 

Are you recommending me to configure both Token-Ring HSRP interfaces with
the same SRB statement ? i.e "source-bridge 101 2 300".

 

Thanks

 

Simon.

 

 

 

>From: MADMAN >Reply-To: [EMAIL PROTECTED] >To: Simon Watson >CC:
[EMAIL PROTECTED] >Subject: Re: SRB & HSRP [7:62660] >Date: Fri, 07
Feb 2003 14:49:06 -0600 > > > I have configured HSRP in SRB environments,
they are two seperate >things. What I wouldn't do is connect a secondary
router to this >token ring with a differant ring number!!! > > Dave >
>Simon Watson wrote: >>Hi Guys I'm going to install a secondary router on
a Token-Ring >>Source >>Route Bridge Network, and use HSRP between the
two routers for >>redundancy. On the current router the SRB config on the
Token Ring >>Interface is: "source-bridge 101 2 300". On the secondary
router's >>Token-Ring interface is it ok to use for example
"source-bridge 102 >>2 >>300" In other words is there any issues of using
HSRP on interfaces >>that >>have SRB configured. Thanks Simon. >>
>>
>> >>It's fast, it's easy and it's free! Click here to download MSN
archives, and subscription info:
>>http://www.groupstudy.com/list/cisco.html >>Report misconduct and
Nondisclosure violations to >>[EMAIL PROTECTED] >> >> > > >-- >David
Madland >CCIE# 2016 >Sr. Network Engineer >Qwest Communications
>612-664-3367 > >"You don't make the poor richer by making the rich
poorer." >--Winston >Churchill



Add photos to your messages with MSN 8. More info here.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62669&t=62660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SRB & HSRP [7:62660]

[MADMAN]

I have configured HSRP in SRB environments, they are two seperate 
things.  What I wouldn't do is connect a secondary router to this token 
ring with a differant ring number!!!

   Dave

Simon Watson wrote:
> Hi Guys I'm going to install a secondary router on a Token-Ring Source
> Route Bridge Network, and use HSRP between the two routers for
> redundancy. On the current router the SRB config on the Token Ring
> Interface is: "source-bridge 101 2 300". On the secondary router's
> Token-Ring interface is it ok to use for example "source-bridge 102 2
> 300" In other words is there any issues of using HSRP on interfaces that
> have SRB configured. Thanks Simon.
> 
> 
> 
> It's fast, it's easy and it's free! Click here to download MSN Messenger
-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"You don't make the poor richer by making the rich poorer." --Winston
Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62667&t=62660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

SRB & HSRP [7:62660]

[Simon Watson]

Hi Guys I'm going to install a secondary router on a Token-Ring Source
Route Bridge Network, and use HSRP between the two routers for
redundancy. On the current router the SRB config on the Token Ring
Interface is: "source-bridge 101 2 300". On the secondary router's
Token-Ring interface is it ok to use for example "source-bridge 102 2
300" In other words is there any issues of using HSRP on interfaces that
have SRB configured. Thanks Simon.



It's fast, it's easy and it's free! Click here to download MSN Messenger




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62660&t=62660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP Virtual Address as an RP? [7:62289]

[s vermill]

I have a multicast server cluster in a VLAN behind a pair of 6509s with
MSFC2s.  The pair of MSFCs is running HSRP.  The default gateway for the
mcast cluster controller is the HSRP address.  Everything works fine.  It
dawned on me today that I might be able to reference the HSRP address as the
RP on all other routers that will be sending mcast joins.  As it is now, for
test and turn-up, I have a only two audio/video pairs being sourced by VCRs
which are attached to mcast servers.  So I have:

'ip pim rp-address a.b.c.d 1'
'ip pim rp-address e.f.g.h 2'

'access-list 1 permit 239.1.1.1'
'access-list 1 permit 239.1.1.2'

'access-list 2 permit 239.1.2.1'
'access-list 2 permit 239.1.2.2'

where a.b.c.d and e.f.g.h are loopback addresses of the two HSRP-speaking
routers.  The first access list specifies that one audio/video pair have
router A as an RP and the other pair the router B as an RP.  Not very
scalable for the long term.  I initially though about splitting the
239.0.0.0 network between the two RPs.  That would be psuedo load
balancing.  However, I don't seem to be able to influence how the cluster
controller assigns mcast IPs (nor do I want the administrator that this will
ultimately be turned over to to have to statically assign mcast IPs to every
channel's audio and video).  I can only specify a range (e.g. 239.0.0.0 -
239.255.255.255) from which the cluster controller randomly (apparently)
grabs addresses.  So the audio and video might end up in different halves of
the 239.0.0.0 network, making the RP different between the two.  Not really
a big deal, but not really clean either.  So what if I:

'ip pim rp-address i.j.k.l'

where i.j.k.l is the HSRP virtual IP?

Will it work or will it break?  I can't get to the client site until next
week to find out for myself.  What do ya'll think?

Thanks much and happy weekend!

Scott




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62289&t=62289
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: URGENT HSRP PROBLEM [7:62064]

[Claudio Spescha]

hi 
this is a strange thing.
If the routers are connected via a switch make sure that port security is
disabled because the actice router has 2 MAC Adresses for the HSRP interface.

see you




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62136&t=62064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: URGENT HSRP PROBLEM [7:62064]

[Michael Williams]

I have seen times where if you connect the two routers through a switch,
that spanning-tree can disrupt the HSPR Hellos, and cause problems.  If you
are connecting these two routers through a switch (or a swicthed
environment), make sure to use spanning-tree portfast on those ports so that
spanning-tree won't interfere.

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62113&t=62064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP PROBLEM [7:62057]

[Andrew Larkins]

the routers send hellp packets using a multicast address - check that this
is not being blocked somewhere.

-Original Message-
From: . [mailto:[EMAIL PROTECTED]]
Sent: 28 January 2003 22:46
To: [EMAIL PROTECTED]
Subject: HSRP PROBLEM [7:62057]


HSRP PROBLEM

x.x.x.36 and x.x.x.37 are two routers.


x.x.x.x.36 config:
standby 1 ip x.x.x.35
standby 1 priority 150
standby 1 preempt delay minimum 2
standby 1 track serial0 10


x.x.x.x.37 config:
standby 1 ip x.x.x.35
standby 1 priority 140
standby 1 prempt
standby 1 track serial0 20


Problem:

Both routers keep switching roles. The serial interface ain't that bad at
all. It hardly goes down on both the routers.

What can be the problem? Any possible solutions to test out?

Thank You




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62082&t=62057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: URGENT HSRP PROBLEM [7:62064]

[Daniel Cotts]

Sorry, I don't have time to look into your problem. Try the Cisco article
"Avoiding HSRP Instability in a Switching Environment with Various Router
Platforms". It might apply to your situation.

> -Original Message-
> From: Raj [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 28, 2003 4:04 PM
> To: [EMAIL PROTECTED]
> Subject: URGENT HSRP PROBLEM [7:62064]
> 
> 
> HSRP PROBLEM
> 
> x.x.x.36 and x.x.x.37 are two routers.
> 
> 
> f0 interface config:
> x.x.x.x.36 config:
> standby 1 ip x.x.x.35
> standby 1 priority 150
> standby 1 preempt delay minimum 2
> standby 1 track serial0 15
> 
> 
> f0 interface config:
> x.x.x.x.37 config:
> standby 1 ip x.x.x.35
> standby 1 priority 140
> standby 1 prempt
> standby 1 track serial0 20
> 
> 
> Problem:
> 
> Both routers keep switching roles. The serial interfaces and links are
> perfect. They never go down.
> I have disabled f0 on .37 router and when i enable it, it 
> seems to be stuck
> in speak state and even takes over as active but the .36 router never
> registers any changes in its state during this time.
> Access-lists,etc arent a problem..
> 
> Thank You




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62068&t=62064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: URGENT HSRP PROBLEM [7:62064]

[Larry Letterman]

what are the routers connected too that allows the routers
to talk hsrp to each other...?

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: "Raj" 
To: 
Sent: Tuesday, January 28, 2003 2:03 PM
Subject: URGENT HSRP PROBLEM [7:62064]


> HSRP PROBLEM
>
> x.x.x.36 and x.x.x.37 are two routers.
>
>
> f0 interface config:
> x.x.x.x.36 config:
> standby 1 ip x.x.x.35
> standby 1 priority 150
> standby 1 preempt delay minimum 2
> standby 1 track serial0 15
>
>
> f0 interface config:
> x.x.x.x.37 config:
> standby 1 ip x.x.x.35
> standby 1 priority 140
> standby 1 prempt
> standby 1 track serial0 20
>
>
> Problem:
>
> Both routers keep switching roles. The serial interfaces
and links are
> perfect. They never go down.
> I have disabled f0 on .37 router and when i enable it, it
seems to be stuck
> in speak state and even takes over as active but the .36
router never
> registers any changes in its state during this time.
> Access-lists,etc arent a problem..
>
> Thank You
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62067&t=62064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

URGENT HSRP PROBLEM [7:62064]

[Raj]

HSRP PROBLEM

x.x.x.36 and x.x.x.37 are two routers.


f0 interface config:
x.x.x.x.36 config:
standby 1 ip x.x.x.35
standby 1 priority 150
standby 1 preempt delay minimum 2
standby 1 track serial0 15


f0 interface config:
x.x.x.x.37 config:
standby 1 ip x.x.x.35
standby 1 priority 140
standby 1 prempt
standby 1 track serial0 20


Problem:

Both routers keep switching roles. The serial interfaces and links are
perfect. They never go down.
I have disabled f0 on .37 router and when i enable it, it seems to be stuck
in speak state and even takes over as active but the .36 router never
registers any changes in its state during this time.
Access-lists,etc arent a problem..

Thank You




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62064&t=62064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP PROBLEM [7:62057]

[.]

HSRP PROBLEM

x.x.x.36 and x.x.x.37 are two routers.


x.x.x.x.36 config:
standby 1 ip x.x.x.35
standby 1 priority 150
standby 1 preempt delay minimum 2
standby 1 track serial0 10


x.x.x.x.37 config:
standby 1 ip x.x.x.35
standby 1 priority 140
standby 1 prempt
standby 1 track serial0 20


Problem:

Both routers keep switching roles. The serial interface ain't that bad at
all. It hardly goes down on both the routers.

What can be the problem? Any possible solutions to test out?

Thank You




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62057&t=62057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Token Ring/HSRP Question [7:61359]

[mjans001]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Seems that after 11.3(9) they fixed a few bugs regarding HSRP.

You can try it.


http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/rn113m/rn113mnt.htm#xtocid25

.2eu c

MArtijn

- -Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Simon Watson
Verzonden: maandag 20 januari 2003 11:08
Aan: [EMAIL PROTECTED]
Onderwerp: Token Ring/HSRP Question [7:61359]


Hi Guys I'm going to a client's site that has a 2513 router with
11.3(11a) IOS (image is  c2500-ds-l_113-11a.bin). 2 things: I'm looking to
set up HSRP on the router, should I have any issues with that level of
software ?Also are there an issues I should be aware of when configuring
HSRP on token ring routers ??  Thanks in advance Simon.

- 

Help STOP SPAM: Try the new MSN 8 and get 2 months FREE*
Version: PGP 8.0

iQA/AwUBPi3HR3dq56XWk+VyEQJSSwCgoyJ1D/+pXgdipbJ+6xW4DiiwIj0AoO8m
n9jRny4WKcn+HQ+oy4vM5jyy
=3WHB
-END PGP SIGNATURE-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61517&t=61359
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Can't ping an HSRP address from a 3550-12G [7:61264]

[Ross McCormick]

Symon

Things to check:
-  are there any access lists or firewalling software preventing multicast
traffic between the routers and "disconnected" switch?
-  are any of the switches "stacked"?  If so, ensure software versions are
compatable.
-  are there any duplex issues between switches.  In particular, check that
gig ports are set to auto-speed, auto-duplex at both ends of the link.

Hope this helps.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61440&t=61264
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Token Ring/HSRP Question [7:61359]

[Michael W. Oliver]

On Monday 20 January 2003 03:12 pm, Priscilla Oppenheimer wrote:
> HSRP has been supported for a long time, even on Token Ring. It was
> supported in 11.3, I think in all varieties, but you would have to check
> for sure in the Release Notes to see if your particular image supports
> it, but I bet it does.
>
> You can find documentation for Cisco's older versions of IOS rather
> readily (at least on the old site).
>
> Start here:
>
> http://www.cisco.com/univercd/home/home.htm
>
> Use the pull-down menu to the right under Product Documentation to get
> the docs for 11.3. The Master Index will help, as will the Release Notes.
>
> To learn about configuring HSRP on that vintage router, go to
> Configuration Guides and Command References.
>
> Go to:
>
> P1C: Network Protocols Configuration Guide, Part 1
>
> Then go to:
>
> Configuring IP Services
>
> That document contains a section called "Configure the Hot Standby Router
> Protocol."
>
> Don't search on HSRP because the document doesn't use the acronym! Hey,
> they couldn't make it easy, could they?
>
> HTH
>
> ___
>
> Priscilla Oppenheimer
> www.troubleshootingnetworks.com
> www.priscilla.com
>
> Simon Watson wrote:
> > Hi Guys I'm going to a client's site that has a 2513 router with
> > 11.3(11a) IOS (image is  c2500-ds-l_113-11a.bin). 2 things: I'm
> > looking
> > to set up HSRP on the router, should I have any issues with
> > that level of
> > software ?Also are there an issues I should be aware of when
> > configuring
> > HSRP on token ring routers ??  Thanks in advance Simon.
> >
> > ---
> >-
> >
> > Help STOP SPAM: Try the new MSN 8 and get 2 months FREE*
> Nondisclosure violations to [EMAIL PROTECTED]

http://www.cisco.com/warp/public/619/hsrpguide2.html

Pay particular attention to the number of groups that are available when 
configuring HSRP on Token Ring networks.

HTH

-- 

   Michael W. Oliver, CCNP | 
 IPv6 & FreeBSD mizark | "The tree of liberty must be refreshed
[EMAIL PROTECTED] |   from time to time with the blood of
http://michael.gargantuan.com/ |   patriots and tyrants."
   (via IPv4 and IPv6) | - President Thomas Jefferson
IPv6 ASPathTree, Looking Glass |





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61402&t=61359
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Token Ring/HSRP Question [7:61359]

[Priscilla Oppenheimer]

HSRP has been supported for a long time, even on Token Ring. It was
supported in 11.3, I think in all varieties, but you would have to check for
sure in the Release Notes to see if your particular image supports it, but I
bet it does.

You can find documentation for Cisco's older versions of IOS rather readily
(at least on the old site).

Start here:

http://www.cisco.com/univercd/home/home.htm

Use the pull-down menu to the right under Product Documentation to get the
docs for 11.3. The Master Index will help, as will the Release Notes.

To learn about configuring HSRP on that vintage router, go to Configuration
Guides and Command References.

Go to:

P1C: Network Protocols Configuration Guide, Part 1 

Then go to:

Configuring IP Services 

That document contains a section called "Configure the Hot Standby Router
Protocol."

Don't search on HSRP because the document doesn't use the acronym! Hey, they
couldn't make it easy, could they?

HTH

___

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com


Simon Watson wrote:
> 
> Hi Guys I'm going to a client's site that has a 2513 router with
> 11.3(11a) IOS (image is  c2500-ds-l_113-11a.bin). 2 things: I'm
> looking
> to set up HSRP on the router, should I have any issues with
> that level of
> software ?Also are there an issues I should be aware of when
> configuring
> HSRP on token ring routers ??  Thanks in advance Simon.
> 
> 
> 
> Help STOP SPAM: Try the new MSN 8 and get 2 months FREE*
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61400&t=61359
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Token Ring/HSRP Question [7:61359]

[Simon Watson]

Hi Guys I'm going to a client's site that has a 2513 router with
11.3(11a) IOS (image is  c2500-ds-l_113-11a.bin). 2 things: I'm looking
to set up HSRP on the router, should I have any issues with that level of
software ?Also are there an issues I should be aware of when configuring
HSRP on token ring routers ??  Thanks in advance Simon.



Help STOP SPAM: Try the new MSN 8 and get 2 months FREE*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61359&t=61359
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Token Ring/HSRP Question [7:61344]

[Simon Watson]

Hi Guys I'm going to a client's site that has a 2513 router with
11.3(11a) IOS (image is  c2500-ds-l_113-11a.bin). 2 things: I'm looking
to set up HSRP on the router, should I have any issues with that level of
software ?Also is there an issues I should be aware of when configuring
HSRP on token ring routers ??  Thanks in advance Simon.



Protect your PC - Click here for McAfee.com VirusScan Online




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61344&t=61344
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Can't ping an HSRP address from a 3550-12G [7:61264]

[Symon Thurlow]

Hi guys,

I have a 3550-12G that is connected to 5 switches.

There are also a 3640 and a 2600, that share an HSRP address, and both
of these routers are connected to one of the switches hanging off the
3550-12G..

>From the 3550-12G I can't ping the HSRP address, but can ping the
physical address of each participating interface.

I though it was quite odd, as the other 5 switches connected to the
3550-12G can ping the HSRP address (2 x 3548's, 1 x 3524 and 2 x
3550-48's).

I haven't done any in depth analysis yet (packet captures etc) but
wondered if anyone else had come across it.

Symon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61264&t=61264
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

17X0 HSRP bug [7:60197]

[William Pearch]

Those of you that have 1700 series routers in your labs, take a look at bug
CSCdz64230.  It had me chasing my tail a while this evening.  The net net is
you get a flapping link, and nearly constant hsrp state changes and spanning
tree action.
TTFN,
Bill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=60197&t=60197
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP and BGP [7:59735]

[Ivan Yip]

Dear All,

Thanks all useful information.
Merry Christmas and Happy New Year!!!

rgds,
ivan


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59777&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and BGP [7:59735]

[chris kane]

While several of us have mentioned splitting up the netblocks that you
advertise to your ISP would help spread the usage across the T1's there is
something to keep in mind. If there is only 1 or so hosts that are most
often the destination for traffic inbound to your site, you are still going
to get more utilization across the link that advertises the network that
contains that particular host/s.

I mention this because I've had clients in the past split netblock
assignments in an effort to get better utilization of their multiple T1
setups. But we've often found that they have 1 host providing more service
than the others, that particular network will see more traffic, hence, that
particular link seeing more utilization.

There can be a need to be very granular about how you advertise networks and
about how you have your network set up. You may have to play with moving
hosts around on different netblocks if you are truly looking to get
something near even traffic on each T1. You can use your interface stats to
routinely check load, or better, use something like MRTG that will poll your
interfaces and graph utilization over longer periods of time.

Sorry if this is long winded, but you need to keep in mind what your trying
to do. How to best use the resources you have and perhaps most importantly,
to know how to measure it accurately to see if you've achieved the results
you were looking for.

-chris

- Original Message -
From: "YASSER ALY" 
To: 
Sent: Monday, December 23, 2002 11:43 AM
Subject: Re: HSRP and BGP [7:59735]


> In your scenario advertising same block over both links to your provider
> will not help in load sharing. Redundancy is acheived but not sharing
> because your ISP will receive two advertisments to the same block and BGP
> only chooses the best route.
>
>  You can overcome this in many ways, for example you if you have a /22
> block. Devide it into 8 /24 blocks. Start advertising 4 /24s through the
> 1st router, advertise the remaining /24s through the 2nd router. Like
> this you acheived load-balance as your ISP will receive 1/2 of the routes
> via one link and the rest through the other.
>
>  You are not done yet as this will provide load-sharing but not
> redundancy. For example if Link1 fails this means that 1/2 of your blocks
> will not be advertised and will stop receiving traffic for them. To avoid
> this, advertise through both routers an aggregate route for the whole
> /22. Like this your ISP will always use the more specific route and in a
> way balance the traffic over both links. When one of the links/routers
> fail, your ISP will use the aggregate route advertised from your other
> router to route all the traffic back to you.
>
>  Another way, is to ask your provider to accept not just 1 route for the
> /24 but accept both by setting the maximum accepted routes to 2 instead
> to 1. 1 is the default and ISPs normally don't accept changing this
> default value.
>
> HTH,
>
> Yasser
>
> >From: "Ivan Yip" >Hi All, > >Thanks all your response. > >Now two
> routers adverise same block /24 to the isp. I found that they are >'load
> shared' in this sense. Only 1 link is the active for Inbound. For
> >example, if I download files from outside, inbound is using say link1
> and >link2 is idle and no packet coming in. Some time later, I ftp again
> and this >time is using link2 and link1 is idle. > >Is it normal? > >TIA.
> misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> 
>
> Protect your PC - Click here for McAfee.com VirusScan Online




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59759&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and BGP [7:59735]

[YASSER ALY]

In your scenario advertising same block over both links to your provider
will not help in load sharing. Redundancy is acheived but not sharing
because your ISP will receive two advertisments to the same block and BGP
only chooses the best route.

 You can overcome this in many ways, for example you if you have a /22
block. Devide it into 8 /24 blocks. Start advertising 4 /24s through the
1st router, advertise the remaining /24s through the 2nd router. Like
this you acheived load-balance as your ISP will receive 1/2 of the routes
via one link and the rest through the other.

 You are not done yet as this will provide load-sharing but not
redundancy. For example if Link1 fails this means that 1/2 of your blocks
will not be advertised and will stop receiving traffic for them. To avoid
this, advertise through both routers an aggregate route for the whole
/22. Like this your ISP will always use the more specific route and in a
way balance the traffic over both links. When one of the links/routers
fail, your ISP will use the aggregate route advertised from your other
router to route all the traffic back to you.

 Another way, is to ask your provider to accept not just 1 route for the
/24 but accept both by setting the maximum accepted routes to 2 instead
to 1. 1 is the default and ISPs normally don't accept changing this
default value.

HTH,

Yasser

>From: "Ivan Yip" >Hi All, > >Thanks all your response. > >Now two
routers adverise same block /24 to the isp. I found that they are >'load
shared' in this sense. Only 1 link is the active for Inbound. For
>example, if I download files from outside, inbound is using say link1
and >link2 is idle and no packet coming in. Some time later, I ftp again
and this >time is using link2 and link1 is idle. > >Is it normal? > >TIA.
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Protect your PC - Click here for McAfee.com VirusScan Online




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59753&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and BGP [7:59735]

[The Long and Winding Road]

""Ivan Yip""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All,
>
> Thanks all your response.
>
> Now two routers adverise same block /24 to the isp. I found that they are
> 'load shared' in this sense. Only 1 link is the active for Inbound. For
> example, if I download files from outside, inbound is using say link1 and
> link2 is idle and no packet coming in. Some time later, I ftp again and
this
> time is using link2 and link1 is idle.
>
> Is it normal?


depends - per packet load sharing versus per conversation load sharing.

with per packet load sharing set up correctly, each packet might take a
different path.

with per conversation load sharing, it is quite easy for this to happen.
lets say that the router to microsoft.com is on your router's route cache
for one link. any traffic to microsoft would take that one link, no matter
how many other links to the internet you may have. later, you go to
redhat.com. the route is not in the route cache, lookups are made, and the
router chooses a different path.

you really need to look at this in detail both on your side and with regards
to what your ISP is doing.



>
> TIA.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59741&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and BGP [7:59735]

[Ivan Yip]

Hi All,

Thanks all your response. 

Now two routers adverise same block /24 to the isp. I found that they are
'load shared' in this sense. Only 1 link is the active for Inbound. For
example, if I download files from outside, inbound is using say link1 and
link2 is idle and no packet coming in. Some time later, I ftp again and this
time is using link2 and link1 is idle.

Is it normal?

TIA.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59740&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and BGP [7:59735]

[chris kane]

> Hi,
>
> I have 2 routers configured with HSRP and running BGP with single ISP. For
> outbound traffic, it will go through the Active HSRP router.
>
> How about Inbound traffic? Can the Inbound traffic be 'load shared'? (The
> ISP already make the same preference on our route advertised)
>
> Or the Inbound traffic can only route back to active router link?
>

You get back what you advertise out. So if you want some traffic to take one
link and other traffic to take the other link, then you need to advertise it
that way. Let's say you have a /24 netblock. You can advertise the first
half of addresses (/25) out router A and the back half (/25) out router B.
Then, take it a step further by also advertising the whole /24 block out
both. This way, should one link fail, the other will pick up the traffic
initially destined for the failed link. This based off of the longest-match
rule.

Please note - my example uses a /24 split into 2 /25s. Most providers won't
accept (more specifically, won't advertise to their peers) any block smaller
than a /24. There are some exceptions (such as having leased your netblock
from that provider). Ask your provider what their policy is.

Either way, work with your provider to get the advertisements setup
correctly. This is the beauty of BGP. It has all the knobs you need for such
requirements.

HTH,
-chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59739&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP and BGP [7:59735]

[Simmi Singla]

Hi,
inbound traffic has nothing to do with HSRP.It all depends how your isp is
routing back traffic through bgp.so it means u can load balance on the two
links.
Ivan Yip wrote:
> 
> Hi,
> 
> I have 2 routers configured with HSRP and running BGP with
> single ISP. For outbound traffic, it will go through the Active
> HSRP router.
> 
> How about Inbound traffic? Can the Inbound traffic be 'load
> shared'? (The ISP already make the same preference on our route
> advertised)
> 
> Or the Inbound traffic can only route back to active router
> link?
> 
> TIA.
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59738&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP and BGP [7:59735]

[Simmi Singla]

Hi,
inbound traffic has nothing to do with HSRP.It all depends how your isp is
routing back traffic through bgp.so it means u can load balance on the two
links.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59737&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and BGP [7:59735]

[Brian]

Usually if you want to distribute inbound traffic between two links with the
SAME isp, you attach both of those links to the same router, create a
loopback ip on that router, and have your provider peer with that loopback
ip.  Putting them on different routers will give you redundancy as opposed
to load sharing.

Brian

- Original Message -
From: "Ivan Yip" 
To: 
Sent: Sunday, December 22, 2002 6:18 PM
Subject: HSRP and BGP [7:59735]


> Hi,
>
> I have 2 routers configured with HSRP and running BGP with single ISP. For
> outbound traffic, it will go through the Active HSRP router.
>
> How about Inbound traffic? Can the Inbound traffic be 'load shared'? (The
> ISP already make the same preference on our route advertised)
>
> Or the Inbound traffic can only route back to active router link?
>
> TIA.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59736&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP and BGP [7:59735]

[Ivan Yip]

Hi,

I have 2 routers configured with HSRP and running BGP with single ISP. For
outbound traffic, it will go through the Active HSRP router.

How about Inbound traffic? Can the Inbound traffic be 'load shared'? (The
ISP already make the same preference on our route advertised)

Or the Inbound traffic can only route back to active router link?

TIA.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59735&t=59735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP [7:59148]

[Edward Sohn]

ughh...that picture didn't work...the diagonal lines in the 1st pic are
supposed to come from the HQ LAN and Branch LAN, respectively.  the 2nd
picture should have the lines come from the outside interfaces of R1 and
R2, respectively.

send me an email if you need clarification...

thanks,

eddie

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Edward Sohn
Sent: Thursday, December 12, 2002 5:59 PM
To: [EMAIL PROTECTED]
Subject: HSRP [7:59148]


I have an HQ-to-Branch Office configuration with two separate VPN
connections like the following:

HQ LAN-- R1
---PIX1-INTERNETPIX2R2---Branch LAN
   \
/
 \
/
 
--R3-PIX3-INTERNET--PIX4-R4


The network uses EIGRP, so I know that EIGRP will just choose the best
route, which is fine.  

My question is: is the best practice to use HSRP between R1-R3 and R2-R4
as the LAN default gateway on the respective site?  Or should I just
choose one router as the gateway and let EIGRP choose the best path?

Also, if I used two separate GRE tunnels for either path on only ONE
router on each site (with only one ethernet interface) as shown below,
what would be my potential problems, if any?  Obviously, I know there
would be better hardware redundancy with two routers at each site, but
is it even recommended to do such a configuration?  I have to  consider
every possibly option to save money for my customer (this config would
save the customer one router on each end).


HQ LAN-- R1
---PIX1--INTERNETPIX2R2---Branch LAN
\
/
  \
/
 
PIX3-INTERNET--PIX4---

Please email me directly.

Thanks,

Ed




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59152&t=59148
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP [7:59148]

[Edward Sohn]

I have an HQ-to-Branch Office configuration with two separate VPN
connections like the following:

HQ LAN-- R1
---PIX1-INTERNETPIX2R2---Branch LAN
   \
/
 \
/
 
--R3-PIX3-INTERNET--PIX4-R4


The network uses EIGRP, so I know that EIGRP will just choose the best
route, which is fine.  

My question is: is the best practice to use HSRP between R1-R3 and R2-R4
as the LAN default gateway on the respective site?  Or should I just
choose one router as the gateway and let EIGRP choose the best path?

Also, if I used two separate GRE tunnels for either path on only ONE
router on each site (with only one ethernet interface) as shown below,
what would be my potential problems, if any?  Obviously, I know there
would be better hardware redundancy with two routers at each site, but
is it even recommended to do such a configuration?  I have to  consider
every possibly option to save money for my customer (this config would
save the customer one router on each end).


HQ LAN-- R1
---PIX1--INTERNETPIX2R2---Branch LAN
\
/
  \
/
 
PIX3-INTERNET--PIX4---

Please email me directly.

Thanks,

Ed




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59148&t=59148
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can I configure BGP neighbor using HSRP VIP ip address of [7:58938]

[Peter van Oene]

At 07:15 PM 12/10/2002 +, Kim Seng wrote:
>r1
> |
> |
> -
> |   |
> |   |
> r2  r3
>
>In the above configuration, r2 and r3 are configured
>with HSRP.
>I need to configure iBGP between r1, r2 and R3. Can I
>configure neighbor from r1 to r2 and r3 using the HSRP
>virtual ip address? or I need to use r2, r3 real ip
>address or using peer-group?

BGP runs on TCP and you won't find stateful TCP failover as part of the 
HSRP spec.  Hence, this won't work, nor do you really want it to.  For 
policy reasons, peer with both upstreams and you'll have more control.






>Thanks.
>
>Kim.
>
>
>__
>Do you Yahoo!?
>Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
>http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58938&t=58938
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Can I configure BGP neighbor using HSRP VIP ip add [7:58908]

[Xueyan Liu]

I ran into this problem before and figured out I had to peer with the real
addresses. That worked out fine.

Xueyan


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58910&t=58908
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Can I configure BGP neighbor using HSRP VIP ip address of [7:58908]

[Kim Seng]

r1
|
|
-
|   |
|   |
r2  r3

In the above configuration, r2 and r3 are configured
with HSRP.
I need to configure iBGP between r1, r2 and R3. Can I
configure neighbor from r1 to r2 and r3 using the HSRP
virtual ip address? or I need to use r2, r3 real ip
address or using peer-group?


Thanks.

Kim.


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58908&t=58908
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP using HSRP virtual ip address? [7:58907]

[Kim Seng]

__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58907&t=58907
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: hsrp & isl trunking [7:57896]

[s vermill]

Dennis,

Just a little different perspective below...

dennis cherry wrote:
> 
> The way we have it is 2 routers connected to the 4000 switch
> with 4 vlans on the switch. Have set up 4 subinterfaces on each
> router, 1 for each van. Each with a separate ip address
> corresponding to the vlan number. We have 2 HSRP groups set up
> with 2 vlans in each group. 

That's one way of looking at it.  But it might help to keep things clear in
your mind if you consider that there really are four HSRP groups.  You're
simply using each group number (and, as has been pointed out, the same
virtual MAC) twice.

> 1 router will be the active for 1 
> group (2 of the vlans) and the other router will be the active
> for the other group (2 vlans). On each subinterface for each
> router for each vlan, it has a unique virtual HSRP IP address.
> I originally thought that all would use the same virtual HSRP
> IP address. 

Did you mean that all VLANs in a group would use the same virtual address? 
If so, you really need to consider looking at things the way I described
above.  Think about it.  One VLAN per subnet, right?  (yes you can have more
than one subnet per VLAN but you can't have more than one VLAN per subnet) 
So how would a host in VLAN 10 use the virtual IP of VLAN 12 as a gateway
(or vice versa)?  Even if the VLANs/subnets are in the "same group," they're
still in different networks.  How could a host with ip address 10.1.1.50/24
use a virtual IP of 10.1.2.1/24 as a gateway?  The host would need a gateway
to reach the gateway since they're in different layer 3 networks.

> You are saying that there should be 4 groups (1 for
> each vlan) instead of the 2 groups that we have?? Or is it OK
> with 2 groups and the 4 unique virtual HSRP IP addresses on
> each router??

It's OK.  But to the extent possible, at least in a real network, I'd think
you would want to have a 1:1 ratio between HSRP groups and VLANs.

> 
> This type of setup wasn't covered together in our class, just
> vlans and HSRP seperately. But in this lab we have Vlans
> running thru HSRP router doing ISL trunking and the routers are
> also running BGP and EIGRP to connect to a remote router. AHHH!
> 
> Thanks for your help.


Regards,

Scott



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58316&t=57896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hsrp & isl trunking [7:58144]

[Chuck Church]

I think the 'use-bia' may have been a fix for the problem as well.  It's
been a while since it happened.  For all I know it might have been a problem
with the CatOS on the switch.

Chuck Church
CCIE #8776, MCNE, MCSE


- Original Message -
From: "Larry Letterman" 
To: "Chuck Church" 
Cc: 
Sent: Tuesday, November 26, 2002 6:36 PM
Subject: Re: hsrp & isl trunking [7:58144]


> And..
> on the new msfc-2 you only get 16 hsrp groups
> supposedly the issue that chuck states below is
> not an issue with the new msfc-2 for the 6509's
>
> Chuck Church wrote:
>
> >Dennis,
> >
> >It's better to have a unique HSRP group for each VLAN.  Cisco bases
the
> >virtual MAC address on the group.  If you reuse the group number, you'll
have
> >duplicate MAC addresses.  Granted, they're on seperate VLANs and
shouldn't
> >matter, but I had a Cat4000 that didn't like it at all, and gave me lots
of
> >logged messages about MACs moving around.
> >
> >Chuck Church
> >CCIE #8776, MCNE, MCSE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58153&t=58144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hsrp & isl trunking [7:58144]

[Larry Letterman]

And..
on the new msfc-2 you only get 16 hsrp groups
supposedly the issue that chuck states below is
not an issue with the new msfc-2 for the 6509's

Chuck Church wrote:

>Dennis,
>
>It's better to have a unique HSRP group for each VLAN.  Cisco bases the
>virtual MAC address on the group.  If you reuse the group number, you'll
have
>duplicate MAC addresses.  Granted, they're on seperate VLANs and shouldn't
>matter, but I had a Cat4000 that didn't like it at all, and gave me lots of
>logged messages about MACs moving around.
>
>Chuck Church
>CCIE #8776, MCNE, MCSE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58151&t=58144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hsrp & isl trunking [7:58144]

[Chuck Church]

Dennis,

It's better to have a unique HSRP group for each VLAN.  Cisco bases the
virtual MAC address on the group.  If you reuse the group number, you'll have
duplicate MAC addresses.  Granted, they're on seperate VLANs and shouldn't
matter, but I had a Cat4000 that didn't like it at all, and gave me lots of
logged messages about MACs moving around.

Chuck Church
CCIE #8776, MCNE, MCSE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58144&t=58144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: hsrp & isl trunking [7:57896]

[dennis cherry]

The way we have it is 2 routers connected to the 4000 switch with 4 vlans on
the switch. Have set up 4 subinterfaces on each router, 1 for each van. Each
with a separate ip address corresponding to the vlan number. We have 2 HSRP
groups set up with 2 vlans in each group. 1 router will be the active for 1
group (2 of the vlans) and the other router will be the active for the other
group (2 vlans). On each subinterface for each router for each vlan, it has
a unique virtual HSRP IP address. I originally thought that all would use
the same virtual HSRP IP address. You are saying that there should be 4
groups (1 for each vlan) instead of the 2 groups that we have?? Or is it OK
with 2 groups and the 4 unique virtual HSRP IP addresses on each router??

This type of setup wasn't covered together in our class, just vlans and HSRP
seperately. But in this lab we have Vlans running thru HSRP router doing ISL
trunking and the routers are also running BGP and EIGRP to connect to a
remote router. AHHH!

Thanks for your help.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58138&t=57896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: hsrp & isl trunking [7:57896]

[Elwood P. Suggins]

Your instructor is right.  We have a pretty big Vlanned network  (3000
nodes).  The only way for the traffic originating from one subnet to get to
another subnet is to go through a router.  Therefore, each Vlan (or subnet)
needs an individual gateway (router) to  get to other subnets.  That is why
you need a standby HSRP group for each subnet.

Side note - Cisco recommends that Vlan correspond to subnets - it is easier
to keep track of things. Hope this helps

Elwood P. Suggins
CCNP


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58102&t=57896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: hsrp & isl trunking [7:57896]

[dennis cherry]

Come on, anyone??


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58093&t=57896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]