Solved

Cisco HSRP Question

Posted on 2016-09-06
13
43 Views
Last Modified: 2016-09-07
Hello Experts,

I have configured HSRP as shown in the attached topology. Can someone please take a look at the configs and let me know why ALSW-9 (ip address 100.1.1.3) cannot ping ALSW-10 (200.1.1.3) and vice-versa. Neither can it ping 200.1.1.2 on DLSW-5

Any thoughts will be greatly appreciated.

Cheers
CCNP-Lab-006-Topology.png
ee-alsw-9.txt
ee-alsw-10.txt
ee-dlsw-4.txt
ee-dlsw-5.txt
0
Comment
Question by:Member_2_7966113
  • 9
  • 4
13 Comments
 

Author Comment

by:Member_2_7966113
ID: 41786739
Experts,

Can I get some help with this please.

Attached is the actual lab that my lab was built on.

You will see they were able to ping between switches, in their case ALS1 and ALS2
CCNP-Lab-006-Solution_-HSRP-and-Swit.pdf
0
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41786835
The same problem as previous lab?

issue
#show ip route
on switches ALSW-9 and ALSW-10
if you have routing table then you need to configure at least default route on switches ALSW-9 and ALSW-10 or disable routing on switches by issuing
#no ip routing.
0
 

Author Comment

by:Member_2_7966113
ID: 41786870
Predrag,

Thanks for responding.

I need to be clear on this.

One step at a time.

If I issue the command #no ip routing on on ALSW-0 & ALSW-10 will I be able to ping?
0
 

Author Comment

by:Member_2_7966113
ID: 41786876
If I issue the command no ip routing on ALSW-9 & 10 what commands should I need to enable me to ping?
0
 

Author Comment

by:Member_2_7966113
ID: 41786882
if you have routing table

I do not have a routing table.
0
 

Author Comment

by:Member_2_7966113
ID: 41786887
You have been very helpful, but to TBH you're being a little cryptic..
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:Member_2_7966113
ID: 41786891
I'm assuming you've seen the configs and you will have seen there isn't any routing.. so I don't know why you're asking me if there is any routing ??
0
 
LVL 27

Accepted Solution

by:
Predrag Jovic earned 500 total points
ID: 41787179
The thing is, you should have routing on switches DSLW-4 & DSLW-5. Since there is no # ip routing command in running configurations of any device you should not be able to ping other VLANs. However, from your previous lab I remember that your switches did not show command # ip routing in configuration even if routing was working (typically command is not issued or default commands are not visible in running configuration). So, since there is no ip routing command present in any of your configurations - routing is present on every device or there is no routing on any device. To be able to ping other VLANs you must have routing on you DSLW devices. For ASLW devices you have two choices - turn off routing or add needed routes (either should work). Default gateway is not in use if routing is present on device.
0
 

Author Comment

by:Member_2_7966113
ID: 41787367
Predrag

Thanks for responding - that is an excellent answer - I totally get it now.  

I will do as you suggested.

I will let you know how I get on

Thanks man
0
 

Author Comment

by:Member_2_7966113
ID: 41787551
Predrag,

Thanks for sticking with me on this.

One more thing in relation to this. I have shut down DLSW-4.

I have removed ip routing from switch ALSW-9 and DLSW-5.

I have also removed default route and default gateway from ALSW.

But I can now ping 200.1.1.2 on DLSW-5. , see logs

Can you explain why?

Regards
11-03-55--ALSW-9-64.187.124.3-.txt
11-03-12--DLSW-5-64.187.124.3-.txt
0
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41787908
Typically that is the case of proxy ARP.
Proxy ARP can be used as replacement for routing. on many devices proxy ARP is enabled by default and it is considered security risk.
0
 

Author Closing Comment

by:Member_2_7966113
ID: 41788087
Excellent answer. Thanks Predrag
0
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41788136
You're welcome.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many useful and sometimes not well documented or forgotten IOS or ASA/PIX commands. See IPE article here , there was also one on PacketU and on Cisco Tips & Tricks. Below are my favorites. I give also a few most often used for Cisco IPS an…
This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now