Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

HSRP and VLANs on a Cisco 3750

Posted on 2007-10-15
6
Medium Priority
?
3,402 Views
Last Modified: 2012-06-27
I have  VLANs set up on 2 Cisco 3750s (3750A and 3750B). The VLANs are running HSRP.  I have two Radware switches (an active and a standby) each with a VLAN defined with 2 ports. Port 1 on the Radware master goes to port 1 on  3750A and port 2 on the same VLAN goes to port 2 on 3750B. Port 1 on the Radware backup device goes to port 1 on 3750B and port 2 goes to port 2 on 3750B.

The problem is that when I disconnect port 1 or port 2 on the Radware BACKUP device, the Cisco 3750 fails over. I think I can understand why the Cisco would fail over if the cable I pulled from the BACKUP device was actually connected to the ACTIVE Cisco device. But even when I disconnect a cable from the BACKUP Radware device from the STANDBY Cisco device, the STANDBY Cisco device takes over and becomes the ACTIVE device.

What am I missing??

Thanks in advance
0
Comment
Question by:SteveJ
  • 3
  • 2
6 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 1000 total points
ID: 20082574
>What am I missing??

Spanning Tree.

If this is all in the same VLAN and you're not using 802.1w, then it will take up to 50 seconds for the path to be re-established. By default, HSRP dead timers are 10 seconds. So when you fail a forwarding link. the HSRP dead timer expires and the route processors can't see each other. The HSRP standby route processor assumes the Active has died and takes over. Once the blocking link moves to forwarding, the route processors see each other and re-elect the Active route processor.

BTW, where are the PC's connected?

0
 
LVL 16

Author Comment

by:SteveJ
ID: 20085064
Thanks for the response, but that explains what I already understand about HSRP. I am confused about why the failover occurs in the first place . . . if I have 2 ports defined in the VLAN and one fails, where is the logic behind failing the entire VLAN? I would expect a fail over only if both ports failed. Is there some config I am missing? And the RADWARE devices don't have spanning tree, they are layer 4-7 switches.

Thanks very much for your response.

Steve
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 20085192
>And the RADWARE devices don't have spanning tree, they are layer 4-7 switches

I don't know the Radware products. Does each port of the Radware device have an IP address? Which Radware product is this?

Here's the thing: HSRP peers have to be on the same broadcast domain. If these Radware devices aren't switching at layer 2 then the HSRP hellos won't get to the other peer. Which means that if the HSRP peers can see each other then these switches are forwarding broadcasts at layer 2. Therefore, you have a layer 2 loop. Which means that spanning tree will identify and block any redundant links. When the non-blocking port fails (or is disconnected), HSRP hellos aren't passing until spanning tree converges. During that time, the two HSRP peers can't see each other.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 8

Expert Comment

by:yasirirfan
ID: 20114151
Can you please post your configuration
0
 
LVL 16

Author Comment

by:SteveJ
ID: 20116929
Ok, the Radware device is called an AppDirector and the two ports on each AppDirector are part of a VLAN and of course that VLAN has an IP address on the same network as the Cisco HSRP devices' VLAN. I also discovered that the spanning tree root port (role: root/ state: FWD) is actually attached to the backup AppDirector. After the backup AppDirector is powered off, a different port on the Cisco 3750, one that had been in BLK state, goes into root / FWD state. So if it takes time for the port to go from BLK to FWD and assume the root role, that would explain why HSRP fails over because for that brief time, the two Ciscos would not be communicating.

???

yasirirfan - - I will post the configs later.

Thanks,
Steve
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 20117638
I think you're starting to get it. ;-)

I don't know the Radware products so I don't know their configuration options. As long as the four ports on the Radware are in the same VLAN, you'll have this symptom.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question