Solved

HSRP in Cisco 4506

Posted on 2004-09-18
13
2,005 Views
Last Modified: 2007-12-19
Hello All,

I have two Cisco Catalys 4506 switches running in HSRP mode. I have 2950s cascaded to these switches. If I am giving a continuous ping from any computer connected either directly from the 4506 or 2950 sometimes I am getting request timed out and then gets reply. I have created VLANs in 4506s and are trunked to the 2950s. (Server/client mode)

HSRP part is working fine and the other switch is able to take over if the active switch fails.
The following configurations I have done regarding VLAN :

I have made both as VTP masters.
Domain I have set for both the same (given the name DC).

VTP Version                     : 2
Configuration Revision          : 5
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 10
VTP Operating Mode              : Server
VTP Domain Name                 : DC
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled

I have given exactly the same configuration for both the switches so that if one fails other should be able to take over fully. This part works well even now except for some packet loss. Is this due the that both the swithes are configured as Master with the same domain ?

If this is the reason, How can I handle the VLAN related configurations for full redundancy and failover ?

Thanks and regards,

Binu R.
0
Comment
Question by:rbnu
  • 5
  • 3
  • 2
  • +2
13 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12091462
It would be unrelated to both switches being in server mode. This is how VTP is designed - to use multiple servers.

Your packet loss would be from something else. Look at interface error counts. Bad cables or duplex mismatches are the #1 and #2 culprits, Layer 3 routing configuration #3
0
 
LVL 2

Expert Comment

by:jgarr
ID: 12091946
Can you post the configuration for the vlan interfaces ? or better yet the whole configs for the devices ? include sho cdp nei to help with understanding topology. maybe show log as well.. (Have I been annoying enough yet?)

It would be interesting to see what HSRP is set to.


Thanks !
0
 
LVL 4

Expert Comment

by:bfarmer
ID: 12093043
You will always have some packet loss when HSRP fails over.  There is a time gap between when the active stops functioning and the standby detects this and transitions to active.

The default hello timer is 3 seconds, the default hold time is 10 seconds.

For faster failover you can lower this.  Hold time should be 3x hello time.

For example:

  Interface Vlan10
    standby 10 timer 1 4           (sets hello to 1s, hold to 3s)

If your platform / IOS supports it you can specify msec for even faster times.

Keep in mind the hello packets are multicast which will go out every port in the VLAN.  Shouldn't be too significant, as long as you use reasonable settings, but something to be aware of when playing with the timers.

0
 

Author Comment

by:rbnu
ID: 12095130

Thanks for the response. I could find out some errors in sh int output. Now I have cleared the counters and again observing for any problems.

Meanwhile the sh logging output gives some strange errors regarding vlan. Can you please let me know how it can be solved ? Some documents says to disable cdp. but is it advisable ?

DC-SW4506-CORE1#sh logging
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)
    Console logging: level debugging, 23431 messages logged
    Monitor logging: level debugging, 0 messages logged
    Buffer logging: level debugging, 23431 messages logged
    Exception Logging: size (8192 bytes)
    Trap logging: level informational, 23435 message lines logged

Log Buffer (4096 bytes):
ISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
2w1d: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
DC-SW4506-CORE1#


Thanks and regards,

Binu R.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12095180
>ISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/1 (10), with ws10-213 GigabitEthernet0/7 (1).
Pretty self-explanitory. You are not trunking between these two switches GIG 2/1 is in VLAN 10, and the upstream switch is just plugged into it without trunking or setting up vlans on it. Its ports are all in its VLAN 1.

Turning off CDP will not fix the problem, it will just stop reporting it in the log.
0
 

Author Comment

by:rbnu
ID: 12095272
Thanks for the respose. how to solve the problem ?

Regards,
Binu R.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 79

Accepted Solution

by:
lrmoore earned 200 total points
ID: 12095299
Either
1. setup trunking and let that switch participate in VTP and assign the ports to the appropriate VLAN
2. Change the "native vlan" on the ws10-213 switch to be 10
3. ignore the error. It is not a functional error, but more cosmetic
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12280425
Are you still working on this? Can we be of any more assistance?
Can you close out this question?
0
 

Author Comment

by:rbnu
ID: 12285878
Thanks for the reply and sorry for the delay.

In fact even now at times the ping shows packet losses. The reply comes after a few seconds automatically. (I am referring to my original problem)

Another point I noted is that when I do a ping to a vlan gateway (HSRP), the reply is not uniform. Just notice the variation in time.

Reply from 172.16.14.254: bytes=32 time=2ms TTL=255
Reply from 172.16.14.254: bytes=32 time=1ms TTL=255
Reply from 172.16.14.254: bytes=32 time=1ms TTL=255
Reply from 172.16.14.254: bytes=32 time=4ms TTL=255
Reply from 172.16.14.254: bytes=32 time=3ms TTL=255
Reply from 172.16.14.254: bytes=32 time=3ms TTL=255
Reply from 172.16.14.254: bytes=32 time=2ms TTL=255
Reply from 172.16.14.254: bytes=32 time=2ms TTL=255
Reply from 172.16.14.254: bytes=32 time=1ms TTL=255
Reply from 172.16.14.254: bytes=32 time=4ms TTL=255
Reply from 172.16.14.254: bytes=32 time=3ms TTL=255
Reply from 172.16.14.254: bytes=32 time=3ms TTL=255

But when I tried a ping to another machine in the same vlan or in another vlan, the ping reply is stable !!. I have checked up all the interfaces of all the switches and could not find any packet errors.

What else could be the problem ? The loss does not happen always, only once in a while.

Thanks and regards,

Binu R.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 15941213
No comment has been added to this question in more than 21 days, so it is now classified as abandoned. I will leave the following recommendation for this question in the Cleanup topic area:

Delete - Refund points

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

donjohnston
EE Cleanup Volunteer
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 15945972
Can I get at least partial credit for providing information to solve the error regarding native vlan mismatch....
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 15946195
I figured that since the original question was about packet loss in HSRP and that was a black hole as far as a question/answer that it was a delete-refund. But on review, the VLAN mismatch does have some value.

Change to:

200 points for lrmoore.

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

donjohnston
EE Cleanup Volunteer
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

709 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now