🧑🤝🧑
HSRP の練習
本エントリについて
Dynagen、Dynamips、vpcs を使って、HSRP を練習します。
Dynagen、Dynamips、vpcs の利用環境はすでに整っているものとします。
参考サイト
基本設定
https://zenn.dev/mnod/articles/895119218f52fe の練習をした環境を利用します。
hsrp 有効化 (VLAN10)
debug standby events を有効にして作業しています。
sw01
まずは sw01 で hsrp を有効化してみます。
sw01(config)#interface vlan 10
sw01(config-if)#standby 10 ip 10.2.0.254
Dec 28 21:03:23.813: HSRP: Vl10 Starting minimum interface delay (1 secs)
Dec 28 21:03:23.813: HSRP: Vl10 Grp 10 Set group MAC 0000.0000.0000 -> 0000.0c07.ac0a
Dec 28 21:03:23.813: HSRP: Vl10 MAC entry 0000.0c07.ac0a created
Dec 28 21:03:23.813: HSRP: Vl10 MAC entry 0000.0c07.ac0a, Added Vl10 Grp 10 to list
Dec 28 21:03:23.813: HSRP: Vl10 Added 10.2.0.254 to hash table
Dec 28 21:03:23.813: HSRP: Vl10 Grp 10 Disabled -> Init
Dec 28 21:03:23.813: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Disabled -> Init
Dec 28 21:03:23.813: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" added
Dec 28 21:03:23.813: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Disabled -> Init
Dec 28 21:03:24.813: HSRP: Vl10 Interface min delay expired
Dec 28 21:03:24.817: HSRP: Vl10 Grp 10 Init: a/HSRP enabled
Dec 28 21:03:24.817: HSRP: Vl10 Grp 10 Init -> Listen
Dec 28 21:03:24.821: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Init -> Backup
Dec 28 21:03:24.821: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Init -> Backup
Dec 28 21:03:34.817: HSRP: Vl10 Grp 10 Listen: c/Active timer expired (unknown)
Dec 28 21:03:34.817: HSRP: Vl10 Grp 10 Listen -> Speak
Dec 28 21:03:34.817: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Backup -> Speak
Dec 28 21:03:34.817: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Backup -> Speak
Dec 28 21:03:44.817: HSRP: Vl10 Grp 10 Speak: d/Standby timer expired (unknown)
Dec 28 21:03:44.821: HSRP: Vl10 Grp 10 Standby router is local
Dec 28 21:03:44.821: HSRP: Vl10 Grp 10 Speak -> Standby
Dec 28 21:03:44.825: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Speak -> Standby
Dec 28 21:03:44.825: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, unknown -> local
Dec 28 21:03:44.825: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Speak -> Standby
Dec 28 21:03:45.317: HSRP: Vl10 Grp 10 Standby: c/Active timer expired (unknown)
Dec 28 21:03:45.317: HSRP: Vl10 Grp 10 Active router is local
Dec 28 21:03:45.321: HSRP: Vl10 Grp 10 Standby router is unknown, was local
Dec 28 21:03:45.325: HSRP: Vl10 Grp 10 Standby -> Active
Dec 28 21:03:45.325: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Standby -> Active
Dec 28 21:03:45.329: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Standby -> Active
Dec 28 21:03:45.337: HSRP: Vl10 Added 10.2.0.254 to ARP (0000.0c07.ac0a)
Dec 28 21:03:45.337: HSRP: Vl10 Grp 10 Activating MAC 0000.0c07.ac0a
Dec 28 21:03:45.337: HSRP: Vl10 Grp 10 Adding 0000.0c07.ac0a to MAC address filter
Dec 28 21:03:45.337: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, local -> unknown
Dec 28 21:03:45.337: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Standby -> Active
Dec 28 21:03:48.337: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Active
Dec 28 21:04:25.421: HSRP: Vl10 Allow proxy ARP, src 10.2.0.1 tgt 10.2.254.11 (soln 1) mac 0000.0c07.ac0a (grp 10)
hsrp の状態確認をします。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Speak unknown unknown 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 00:00:13
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.716 secs
Preemption disabled
Active router is local
Standby router is unknown
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
疎通を確認します。
仮想IPアドレスに対応するMACアドレスは 00:00:0c:07:ac:xx の形です。
VPCS[1]> show ip
NAME : VPCS[1]
IP/MASK : 10.2.0.2/24
GATEWAY : 10.2.0.254
DNS :
MAC : 00:50:79:66:68:00
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU: : 1500
VPCS[1]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 timeout
10.2.0.254 icmp_seq=2 ttl=255 time=0.610 ms
10.2.0.254 icmp_seq=3 ttl=255 time=1.164 ms
10.2.0.254 icmp_seq=4 ttl=255 time=5.544 ms
10.2.0.254 icmp_seq=5 ttl=255 time=1.866 ms
VPCS[1]> show arp
00:00:0c:07:ac:0a 10.2.0.254 expires in 110 seconds
VPCS[1]> ping 10.2.1.252
10.2.1.252 icmp_seq=1 ttl=255 time=5.145 ms
10.2.1.252 icmp_seq=2 ttl=255 time=1.182 ms
10.2.1.252 icmp_seq=3 ttl=255 time=1.812 ms
10.2.1.252 icmp_seq=4 ttl=255 time=6.043 ms
10.2.1.252 icmp_seq=5 ttl=255 time=5.947 ms
sw02
次に sw02 で hsrp を有効化してみます。
sw02(config)#int vlan 10
sw02(config-if)#standby 10 ip 10.2.0.254
Dec 28 21:07:08.252: HSRP: Vl10 Starting minimum interface delay (1 secs)
Dec 28 21:07:08.252: HSRP: Vl10 Grp 10 Set group MAC 0000.0000.0000 -> 0000.0c07.ac0a
Dec 28 21:07:08.256: HSRP: Vl10 MAC entry 0000.0c07.ac0a created
Dec 28 21:07:08.256: HSRP: Vl10 MAC entry 0000.0c07.ac0a, Added Vl10 Grp 10 to list
Dec 28 21:07:08.256: HSRP: Vl10 Added 10.2.0.254 to hash table
Dec 28 21:07:08.260: HSRP: Vl10 Grp 10 Disabled -> Init
Dec 28 21:07:08.260: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Disabled -> Init
Dec 28 21:07:08.264: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" added
Dec 28 21:07:08.264: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Disabled -> Init
Dec 28 21:07:09.256: HSRP: Vl10 Interface min delay expired
Dec 28 21:07:09.256: HSRP: Vl10 Grp 10 Init: a/HSRP enabled
Dec 28 21:07:09.256: HSRP: Vl10 Grp 10 Init -> Listen
Dec 28 21:07:09.260: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Init -> Backup
Dec 28 21:07:09.260: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Init -> Backup
Dec 28 21:07:09.336: HSRP: Vl10 Grp 10 Active router is 10.2.0.252
Dec 28 21:07:09.336: HSRP: Vl10 Nbr 10.2.0.252 created
Dec 28 21:07:09.340: HSRP: Vl10 Nbr 10.2.0.252 active for group 10
Dec 28 21:07:19.256: HSRP: Vl10 Grp 10 Listen: d/Standby timer expired (unknown)
Dec 28 21:07:19.260: HSRP: Vl10 Grp 10 Listen -> Speak
Dec 28 21:07:19.260: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Backup -> Speak
Dec 28 21:07:19.260: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Backup -> Speak
Dec 28 21:07:29.260: HSRP: Vl10 Grp 10 Speak: d/Standby timer expired (unknown)
Dec 28 21:07:29.264: HSRP: Vl10 Grp 10 Standby router is local
Dec 28 21:07:29.268: HSRP: Vl10 Grp 10 Speak -> Standby
Dec 28 21:07:29.268: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Speak -> Standby
Dec 28 21:07:29.272: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Speak -> Standby
Dec 28 21:07:29.272: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, unknown -> local
Dec 28 21:07:29.272: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Speak -> Standby
状態を確認します。
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Standby 10.2.0.252 local 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Standby
1 state change, last state change 00:01:03
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.020 secs
Preemption disabled
Active router is 10.2.0.252, priority 100 (expires in 7.092 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
sw01 の状態を確認します。
スタンバイルータを認識しました。
Dec 28 21:06:33.445: HSRP: Vl10 Allow proxy ARP, src 10.2.0.1 tgt 10.2.254.11 (soln 1) mac 0000.0c07.ac0a (grp 10)
Dec 28 21:07:09.261: HSRP: Vl10 Nbr 10.2.0.253 Adv in, active 0 passive 1
Dec 28 21:07:09.265: HSRP: Vl10 Nbr 10.2.0.253 created
Dec 28 21:07:09.265: HSRP: Vl10 Nbr 10.2.0.253 is passive
Dec 28 21:07:29.285: HSRP: Vl10 Grp 10 Standby router is 10.2.0.253
Dec 28 21:07:29.289: HSRP: Vl10 Nbr 10.2.0.253 is no longer passive
Dec 28 21:07:29.289: HSRP: Vl10 Nbr 10.2.0.253 standby for group 10
Dec 28 21:08:41.441: HSRP: Vl10 Allow proxy ARP, src 10.2.0.1 tgt 10.2.254.11 (soln 1) mac 0000.0c07.ac0a (grp 10)
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Active local 10.2.0.253 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 00:05:19
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.188 secs
Preemption disabled
Active router is local
Standby router is 10.2.0.253, priority 100 (expires in 7.148 sec)
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
認証設定の追加
sw01
sw01側で認証設定を追加します。
キーチェーンの作成と、hsrp への適用の二段構えの作業です。
sw01(config)#key chain ccna
sw01(config-keychain)#key 22
sw01(config-keychain-key)#key-string cisco
sw01(config-keychain-key)#int vlan 10
sw01(config-if)#standby 10 authentication md5 key-chain ccna
Dec 28 21:13:05.285: %HSRP-4-BADAUTH: Bad authentication from 10.2.0.253, group 10, remote state Standby
Dec 28 21:13:12.297: HSRP: Vl10 Grp 10 Standby router is unknown, was 10.2.0.253
Dec 28 21:13:12.297: HSRP: Vl10 Nbr 10.2.0.253 no longer standby for group 10 (Active)
Dec 28 21:13:12.297: HSRP: Vl10 Nbr 10.2.0.253 Was active or standby - start passive holddown
Dec 28 21:13:36.085: %HSRP-4-BADAUTH: Bad authentication from 10.2.0.253, group 10, remote state Active
Dec 28 21:14:06.093: %HSRP-4-BADAUTH: Bad authentication from 10.2.0.253, group 10, remote state Active
Dec 28 21:14:24.077: HSRP: Vl10 Grp 10 Hello in 10.2.0.253 Active pri 100 vIP 10.2.0.254
Dec 28 21:14:24.081: HSRP: Vl10 Grp 10 Active router is 10.2.0.253, was local
Dec 28 21:14:24.081: HSRP: Vl10 Nbr 10.2.0.253 is no longer passive
Dec 28 21:14:24.085: HSRP: Vl10 Nbr 10.2.0.253 active for group 10
Dec 28 21:14:24.089: HSRP: Vl10 Grp 10 Active: g/Hello rcvd from higher pri Active router (100/10.2.0.253)
Dec 28 21:14:24.093: HSRP: Vl10 Grp 10 Active -> Speak
Dec 28 21:14:24.093: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Active -> Speak
Dec 28 21:14:24.097: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Active -> Speak
Dec 28 21:14:24.097: HSRP: Vl10 Removed 10.2.0.254 from ARP
Dec 28 21:14:24.097: HSRP: Vl10 Grp 10 Deactivating MAC 0000.0c07.ac0a
Dec 28 21:14:24.097: HSRP: Vl10 Grp 10 Removing 0000.0c07.ac0a from MAC address filter
Dec 28 21:14:24.097: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Speak
Dec 28 21:14:34.089: HSRP: Vl10 Grp 10 Speak: d/Standby timer expired (unknown)
Dec 28 21:14:34.093: HSRP: Vl10 Grp 10 Standby router is local
Dec 28 21:14:34.093: HSRP: Vl10 Grp 10 Speak -> Standby
Dec 28 21:14:34.097: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Speak -> Standby
Dec 28 21:14:34.097: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Speak -> Standby
Dec 28 21:14:34.101: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, unknown -> local
Dec 28 21:14:34.105: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Speak -> Standby
hsrp の情報を確認します。
debug 情報にあるように、sw01 はスタンバイに移行し、sw02がアクティブになりました。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Standby 10.2.0.253 local 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Standby
4 state changes, last state change 00:03:05
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.204 secs
Authentication MD5, key-chain "ccna"
Preemption disabled
Active router is 10.2.0.253, priority 100 (expires in 9.232 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
sw02 側では以下のdebug情報が出ていました。
sw02#
Dec 28 21:13:03.344: %HSRP-4-BADAUTH: Bad authentication from 10.2.0.252, group 10, remote state Active
Dec 28 21:13:12.056: HSRP: Vl10 Grp 10 Standby: c/Active timer expired (10.2.0.252)
Dec 28 21:13:12.060: HSRP: Vl10 Grp 10 Active router is local, was 10.2.0.252
Dec 28 21:13:12.064: HSRP: Vl10 Nbr 10.2.0.252 no longer active for group 10 (Standby)
Dec 28 21:13:12.064: HSRP: Vl10 Nbr 10.2.0.252 Was active or standby - start passive holddown
Dec 28 21:13:12.068: HSRP: Vl10 Grp 10 Standby router is unknown, was local
Dec 28 21:13:12.072: HSRP: Vl10 Grp 10 Standby -> Active
Dec 28 21:13:12.072: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Standby -> Active
Dec 28 21:13:12.072: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Standby -> Active
Dec 28 21:13:12.072: HSRP: Vl10 Added 10.2.0.254 to ARP (0000.0c07.ac0a)
Dec 28 21:13:12.072: HSRP: Vl10 Grp 10 Activating MAC 0000.0c07.ac0a
Dec 28 21:13:12.072: HSRP: Vl10 Grp 10 Adding 0000.0c07.ac0a to MAC address filter
Dec 28 21:13:12.076: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, local -> unknown
Dec 28 21:13:12.076: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Standby -> Active
Dec 28 21:13:15.072: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Active
sw02
sw02側でも認証を有効化します。
sw02(config)#key chain ccna
sw02(config-keychain)#key 22
sw02(config-keychain-key)#key-string cisco
sw02(config-keychain-key)#interface vlan 10
sw02(config-if)#standby 10 authentication md5 key-chain ccna
Dec 28 21:14:24.112: HSRP: Vl10 Grp 10 Active: i/Resign rcvd (100/10.2.0.252)
Dec 28 21:14:27.116: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Active
Dec 28 21:14:34.116: HSRP: Vl10 Grp 10 Standby router is 10.2.0.252
Dec 28 21:14:34.120: HSRP: Vl10 Nbr 10.2.0.252 is no longer passive
Dec 28 21:14:34.120: HSRP: Vl10 Nbr 10.2.0.252 standby for group 10
状態を確認します。引き続き sw02 がアクティブです。
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Active local 10.2.0.252 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 00:03:59
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.292 secs
Authentication MD5, key-chain "ccna"
Preemption disabled
Active router is local
Standby router is 10.2.0.252, priority 100 (expires in 8.268 sec)
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
priority 値の変更
sw01 で priority 値を変更します。
sw01(config)#int vlan 10
sw01(config-if)#standby 10 priority 105
Dec 28 23:20:23.697: HSRP: Vl10 Grp 10 Priority 100 -> 105
状態を確認します。
priority 値は変化しましたが、sw01 は引き続きスタンバイです。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 105 Standby 10.2.0.253 local 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Standby
1 state change, last state change 00:03:02
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.392 secs
Authentication MD5, key-chain "ccna"
Preemption disabled
Active router is 10.2.0.253, priority 100 (expires in 7.096 sec)
Standby router is local
Priority 105 (configured 105)
Group name is "hsrp-Vl10-10" (default)
sw02 で確認すると、sw01 の priority 値が 105 に変化したことは認識してますが、引き続きアクティブです。
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Active local 10.2.0.252 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 02:07:30
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.192 secs
Authentication MD5, key-chain "ccna"
Preemption disabled
Active router is local
Standby router is 10.2.0.252, priority 105 (expires in 9.504 sec)
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
preemption 設定
sw01 で preemption を設定します。
sw01(config)#int vlan 10
sw01(config-if)#standby 10 preempt
Dec 28 23:22:06.245: HSRP: Vl10 Grp 10 Standby: h/Hello rcvd from lower pri Active router (100/10.2.0.253)
Dec 28 23:22:06.245: HSRP: Vl10 Grp 10 Active router is local, was 10.2.0.253
Dec 28 23:22:06.245: HSRP: Vl10 Nbr 10.2.0.253 no longer active for group 10 (Standby)
Dec 28 23:22:06.245: HSRP: Vl10 Nbr 10.2.0.253 Was active or standby - start passive holddown
Dec 28 23:22:06.245: HSRP: Vl10 Grp 10 Standby router is unknown, was local
Dec 28 23:22:06.245: HSRP: Vl10 Grp 10 Standby -> Active
Dec 28 23:22:06.245: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Standby -> Active
Dec 28 23:22:06.245: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Standby -> Active
Dec 28 23:22:06.249: HSRP: Vl10 Grp 10 Activating MAC 0000.0c07.ac0a
Dec 28 23:22:06.249: HSRP: Vl10 Grp 10 Adding 0000.0c07.ac0a to MAC address filter
Dec 28 23:22:06.253: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, local -> unknown
Dec 28 23:22:06.253: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Standby -> Active
Dec 28 23:22:09.249: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Active
Dec 28 23:22:16.289: HSRP: Vl10 Grp 10 Standby router is 10.2.0.253
Dec 28 23:22:16.293: HSRP: Vl10 Nbr 10.2.0.253 is no longer passive
Dec 28 23:22:16.293: HSRP: Vl10 Nbr 10.2.0.253 standby for group 10
Dec 28 23:22:50.325: HSRP: Vl10 Active virtual address 10.2.0.254 found in hash table
状態を確認します。sw01 がアクティブになりました。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 105 P Active local 10.2.0.253 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 00:01:08
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.364 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.0.253, priority 100 (expires in 8.380 sec)
Priority 105 (configured 105)
Group name is "hsrp-Vl10-10" (default)
sw02 では以下の debug メッセージが出ていました。
sw02#
Dec 28 23:22:06.264: HSRP: Vl10 Grp 10 Active: j/Coup rcvd from higher pri router (105/10.2.0.252)
Dec 28 23:22:06.264: HSRP: Vl10 Grp 10 Active router is 10.2.0.252, was local
Dec 28 23:22:06.264: HSRP: Vl10 Nbr 10.2.0.252 active for group 10
Dec 28 23:22:06.264: HSRP: Vl10 Grp 10 Standby router is unknown, was 10.2.0.252
Dec 28 23:22:06.264: HSRP: Vl10 Nbr 10.2.0.252 no longer standby for group 10 (Active)
Dec 28 23:22:06.264: HSRP: Vl10 Grp 10 Active -> Speak
Dec 28 23:22:06.264: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Active -> Speak
Dec 28 23:22:06.268: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Active -> Speak
Dec 28 23:22:06.268: HSRP: Vl10 Removed 10.2.0.254 from ARP
Dec 28 23:22:06.272: HSRP: Vl10 Grp 10 Deactivating MAC 0000.0c07.ac0a
Dec 28 23:22:06.272: HSRP: Vl10 Grp 10 Removing 0000.0c07.ac0a from MAC address filter
Dec 28 23:22:06.276: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Speak
Dec 28 23:22:16.264: HSRP: Vl10 Grp 10 Speak: d/Standby timer expired (unknown)
Dec 28 23:22:16.268: HSRP: Vl10 Grp 10 Standby router is local
Dec 28 23:22:16.268: HSRP: Vl10 Grp 10 Speak -> Standby
Dec 28 23:22:16.272: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Speak -> Standby
Dec 28 23:22:16.272: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Speak -> Standby
Dec 28 23:22:16.280: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, unknown -> local
Dec 28 23:22:16.280: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Speak -> Standby
sw02側の状態を確認します。問題なくスタンバイに移行しています。
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Standby 10.2.0.252 local 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Standby
4 state changes, last state change 00:01:22
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.152 secs
Authentication MD5, key-chain "ccna"
Preemption disabled
Active router is 10.2.0.252, priority 105 (expires in 9.788 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
疎通確認を実施します。
VPCS[1]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 ttl=255 time=8.904 ms
10.2.0.254 icmp_seq=2 ttl=255 time=4.996 ms
10.2.0.254 icmp_seq=3 ttl=255 time=6.715 ms
10.2.0.254 icmp_seq=4 ttl=255 time=6.722 ms
10.2.0.254 icmp_seq=5 ttl=255 time=8.984 ms
VPCS[1]> ping 10.2.1.252
10.2.1.252 icmp_seq=1 ttl=255 time=9.101 ms
10.2.1.252 icmp_seq=2 ttl=255 time=8.506 ms
10.2.1.252 icmp_seq=3 ttl=255 time=10.231 ms
10.2.1.252 icmp_seq=4 ttl=255 time=1.507 ms
10.2.1.252 icmp_seq=5 ttl=255 time=9.863 ms
VPCS[1]> ping 10.2.1.253
10.2.1.253 icmp_seq=1 timeout
10.2.1.253 icmp_seq=2 ttl=255 time=19.543 ms
10.2.1.253 icmp_seq=3 ttl=255 time=11.356 ms
10.2.1.253 icmp_seq=4 ttl=255 time=13.855 ms
10.2.1.253 icmp_seq=5 ttl=255 time=14.412 ms
インタフェーストラッキング
sw01
インタフェーストラッキングの設定を追加します。
トラックの定義、hsrp への適用という2段構えです。
sw01(config)#track 1 interface fa1/0 line-protocol
sw01(config-track)#int vlan 10
sw01(config-if)#standby 10 track 1 decrement 10
Dec 28 23:37:14.198: HSRP: Vl10 Grp 10 Track 1 add, priority decrement 10
Dec 28 23:37:14.198: HSRP: Vl10 Grp 10 Track 1 Start tracking
Dec 28 23:37:14.198: HSRP: Vl10 Grp 10 Track 1 link id 1
状態を確認します。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 105 P Active local 10.2.0.253 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 00:15:48
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.464 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.0.253, priority 100 (expires in 7.504 sec)
Priority 105 (configured 105)
Track object 1 state Up decrement 10
Group name is "hsrp-Vl10-10" (default)
sw01 でトラック対象のインタフェース fa1/0 を shutdown してみます。
sw01(config)#int fa1/0
sw01(config-if)#shut
Dec 28 23:38:43.607: %TRACKING-5-STATE: 1 interface Fa1/0 line-protocol Up->Down
Dec 28 23:38:43.607: HSRP: Vl10 Grp 10 Track 1 object changed, state Up -> Down
Dec 28 23:38:43.611: HSRP: Vl10 Grp 10 Priority 105 -> 95
Dec 28 23:38:44.099: %DTP-5-NONTRUNKPORTON: Port Fa1/0 has become non-trunk
Dec 28 23:38:45.575: %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to administratively down
Dec 28 23:38:46.575: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to down
状態を確認します。
prioity 値が減少しましたが、引き続きアクティブのままです。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 95 P Active local 10.2.0.253 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Active
2 state changes, last state change 00:17:23
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.004 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.0.253, priority 100 (expires in 9.072 sec)
Priority 95 (configured 105)
Track object 1 state Down decrement 10
Group name is "hsrp-Vl10-10" (default)
sw02 でも確認します。
sw01 側で priority 値が減少したことを認識していますが、スタンバイのままです。
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 Standby 10.2.0.252 local 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Standby
4 state changes, last state change 00:17:35
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.600 secs
Authentication MD5, key-chain "ccna"
Preemption disabled
Active router is 10.2.0.252, priority 95 (expires in 9.584 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
preemption 設定
sw02 側で preemption を設定します。
sw02(config)#int vlan 10
sw02(config-if)#standby 10 preempt
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Standby: h/Hello rcvd from lower pri Active router (95/10.2.0.252)
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Active router is local, was 10.2.0.252
Dec 28 23:40:17.761: HSRP: Vl10 Nbr 10.2.0.252 no longer active for group 10 (Standby)
Dec 28 23:40:17.761: HSRP: Vl10 Nbr 10.2.0.252 Was active or standby - start passive holddown
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Standby router is unknown, was local
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Standby -> Active
Dec 28 23:40:17.761: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Standby -> Active
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Standby -> Active
Dec 28 23:40:17.761: HSRP: Vl10 Added 10.2.0.254 to ARP (0000.0c07.ac0a)
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Activating MAC 0000.0c07.ac0a
Dec 28 23:40:17.761: HSRP: Vl10 Grp 10 Adding 0000.0c07.ac0a to MAC address filter
Dec 28 23:40:17.761: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, local -> unknown
Dec 28 23:40:17.761: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Standby -> Active
Dec 28 23:40:20.761: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Active
Dec 28 23:40:27.809: HSRP: Vl10 Grp 10 Standby router is 10.2.0.252
Dec 28 23:40:27.809: HSRP: Vl10 Nbr 10.2.0.252 is no longer passive
Dec 28 23:40:27.809: HSRP: Vl10 Nbr 10.2.0.252 standby for group 10
Dec 28 23:40:49.621: HSRP: Vl10 Active virtual address 10.2.0.254 found in hash table
状態を確認します。
sw02 側がアクティブになりました。
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 P Active local 10.2.0.252 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Active
5 state changes, last state change 00:01:03
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.416 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.0.252, priority 95 (expires in 7.472 sec)
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
sw01 側で出力されていた debug 情報です。
sw01#
Dec 28 23:40:17.779: HSRP: Vl10 Grp 10 Active: j/Coup rcvd from higher pri router (100/10.2.0.253)
Dec 28 23:40:17.783: HSRP: Vl10 Grp 10 Active router is 10.2.0.253, was local
Dec 28 23:40:17.783: HSRP: Vl10 Nbr 10.2.0.253 active for group 10
Dec 28 23:40:17.783: HSRP: Vl10 Grp 10 Standby router is unknown, was 10.2.0.253
Dec 28 23:40:17.783: HSRP: Vl10 Nbr 10.2.0.253 no longer standby for group 10 (Active)
Dec 28 23:40:17.783: HSRP: Vl10 Grp 10 Active -> Speak
Dec 28 23:40:17.783: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Active -> Speak
Dec 28 23:40:17.783: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Active -> Speak
Dec 28 23:40:17.787: HSRP: Vl10 Removed 10.2.0.254 from ARP
Dec 28 23:40:17.791: HSRP: Vl10 Grp 10 Deactivating MAC 0000.0c07.ac0a
Dec 28 23:40:17.791: HSRP: Vl10 Grp 10 Removing 0000.0c07.ac0a from MAC address filter
Dec 28 23:40:17.795: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Active -> Speak
Dec 28 23:40:27.783: HSRP: Vl10 Grp 10 Speak: d/Standby timer expired (unknown)
Dec 28 23:40:27.787: HSRP: Vl10 Grp 10 Standby router is local
Dec 28 23:40:27.787: HSRP: Vl10 Grp 10 Speak -> Standby
Dec 28 23:40:27.791: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Speak -> Standby
Dec 28 23:40:27.791: HSRP: Vl10 Grp 10 Redundancy "hsrp-Vl10-10" state Speak -> Standby
Dec 28 23:40:27.795: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" standby, unknown -> local
Dec 28 23:40:27.799: HSRP: Vl10 IP Redundancy "hsrp-Vl10-10" update, Speak -> Standby
sw01側の状態を確認します。
こちらは想定通りスタンバイに移行しています。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 95 P Standby 10.2.0.253 local 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Standby
4 state changes, last state change 00:01:20
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.408 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is 10.2.0.253, priority 100 (expires in 9.372 sec)
Standby router is local
Priority 95 (configured 105)
Track object 1 state Down decrement 10
Group name is "hsrp-Vl10-10" (default)
疎通確認を実施します。
VPCS[1]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 ttl=255 time=9.059 ms
10.2.0.254 icmp_seq=2 ttl=255 time=0.776 ms
10.2.0.254 icmp_seq=3 ttl=255 time=6.439 ms
10.2.0.254 icmp_seq=4 ttl=255 time=9.462 ms
10.2.0.254 icmp_seq=5 ttl=255 time=8.496 ms
VPCS[1]> ping 10.2.1.252
10.2.1.252 icmp_seq=1 ttl=255 time=19.937 ms
10.2.1.252 icmp_seq=2 ttl=255 time=19.227 ms
10.2.1.252 icmp_seq=3 ttl=255 time=18.640 ms
10.2.1.252 icmp_seq=4 ttl=255 time=18.160 ms
10.2.1.252 icmp_seq=5 ttl=255 time=21.702 ms
VPCS[1]> ping 10.2.1.253
10.2.1.253 icmp_seq=1 ttl=255 time=8.040 ms
10.2.1.253 icmp_seq=2 ttl=255 time=7.161 ms
10.2.1.253 icmp_seq=3 ttl=255 time=4.065 ms
10.2.1.253 icmp_seq=4 ttl=255 time=2.255 ms
10.2.1.253 icmp_seq=5 ttl=255 time=10.237 ms
トラッキング戻し
sw01 で先ほど shut したインタフェースをno shut します。
sw01(config)#int f1/0
sw01(config-if)#no shut
Dec 29 11:32:46.210: %TRACKING-5-STATE: 1 interface Fa1/0 line-protocol Down->Up
Dec 29 11:32:46.354: %DTP-5-TRUNKPORTON: Port Fa1/0 has become dot1q trunk
Dec 29 11:32:47.062: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Standby -> Active
Dec 29 11:32:48.802: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to up
状態を確認します。
sw01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 105 P Active local 10.2.0.253 10.2.0.254
sw01#show standby
Vlan10 - Group 10
State is Active
11 state changes, last state change 00:00:31
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.044 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.0.253, priority 100 (expires in 9.108 sec)
Priority 105 (configured 105)
Track object 1 state Up decrement 10
Group name is "hsrp-Vl10-10" (default)
sw02 側でも確認します。
sw02#
Dec 29 11:32:47.087: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Active -> Speak
Dec 29 11:32:57.087: %HSRP-5-STATECHANGE: Vlan10 Grp 10 state Speak -> Standby
sw02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 100 P Standby 10.2.0.252 local 10.2.0.254
sw02#show standby
Vlan10 - Group 10
State is Standby
7 state changes, last state change 00:02:38
Virtual IP address is 10.2.0.254
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.196 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is 10.2.0.252, priority 105 (expires in 9.180 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl10-10" (default)
疎通確認を実施します。
VPCS[1]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 ttl=255 time=9.183 ms
10.2.0.254 icmp_seq=2 ttl=255 time=6.797 ms
10.2.0.254 icmp_seq=3 ttl=255 time=9.594 ms
10.2.0.254 icmp_seq=4 ttl=255 time=2.796 ms
10.2.0.254 icmp_seq=5 ttl=255 time=3.896 ms
VPCS[1]> ping 10.2.1.252
10.2.1.252 icmp_seq=1 ttl=255 time=6.788 ms
10.2.1.252 icmp_seq=2 ttl=255 time=4.564 ms
10.2.1.252 icmp_seq=3 ttl=255 time=7.039 ms
10.2.1.252 icmp_seq=4 ttl=255 time=0.738 ms
10.2.1.252 icmp_seq=5 ttl=255 time=2.151 ms
VPCS[1]> ping 10.2.1.253
10.2.1.253 icmp_seq=1 ttl=255 time=11.694 ms
10.2.1.253 icmp_seq=2 ttl=255 time=19.706 ms
10.2.1.253 icmp_seq=3 ttl=255 time=19.828 ms
10.2.1.253 icmp_seq=4 ttl=255 time=18.922 ms
10.2.1.253 icmp_seq=5 ttl=255 time=17.799 ms
hsrp 有効化 (VLAN11)
以下、debug standby events は無効にしています。
sw02
まずは sw02 で hsrp を有効化していきます。
sw02(config)#int vlan 11
sw02(config-if)#standby 11 ip 10.2.1.254
sw02(config-if)#standby 11 authentication md5 key-chain ccna
sw02(config-if)#standby 11 preempt
sw02(config-if)#standby 11 priority 105
sw02(config-if)#track 1 interface fa1/0 line-protocol
sw02(config-track)#int vlan 11
sw02(config-if)#standby 11 track 1 decrement 10
ここまでのところの状態を確認します。
sw02#show standby vlan 11 brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl11 11 105 P Active local unknown 10.2.1.254
sw02#show standby vlan 11
Vlan11 - Group 11
State is Active
2 state changes, last state change 00:03:30
Virtual IP address is 10.2.1.254
Active virtual MAC address is 0000.0c07.ac0b
Local virtual MAC address is 0000.0c07.ac0b (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.096 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is unknown
Priority 105 (configured 105)
Track object 1 state Up decrement 10
Group name is "hsrp-Vl11-11" (default)
疎通確認を実施します。
VPCS[3]> ip 10.2.1.2 10.2.1.254 /24
Checking for duplicate address...
PC3 : 10.2.1.2 255.255.255.0 gateway 10.2.1.254
VPCS[3]> show ip
NAME : VPCS[3]
IP/MASK : 10.2.1.2/24
GATEWAY : 10.2.1.254
DNS :
MAC : 00:50:79:66:68:02
LPORT : 20002
RHOST:PORT : 127.0.0.1:30002
MTU: : 1500
VPCS[3]> ping 10.2.1.254
10.2.1.254 icmp_seq=1 ttl=255 time=10.515 ms
10.2.1.254 icmp_seq=2 ttl=255 time=7.385 ms
10.2.1.254 icmp_seq=3 ttl=255 time=4.067 ms
10.2.1.254 icmp_seq=4 ttl=255 time=1.476 ms
10.2.1.254 icmp_seq=5 ttl=255 time=7.937 ms
VPCS[3]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 ttl=255 time=14.960 ms
10.2.0.254 icmp_seq=2 ttl=255 time=20.262 ms
10.2.0.254 icmp_seq=3 ttl=255 time=17.898 ms
10.2.0.254 icmp_seq=4 ttl=255 time=11.892 ms
10.2.0.254 icmp_seq=5 ttl=255 time=20.247 ms
VPCS[3]> ping 10.2.0.2
10.2.0.2 icmp_seq=1 ttl=63 time=11.588 ms
10.2.0.2 icmp_seq=2 ttl=63 time=12.475 ms
10.2.0.2 icmp_seq=3 ttl=63 time=18.993 ms
10.2.0.2 icmp_seq=4 ttl=63 time=19.218 ms
10.2.0.2 icmp_seq=5 ttl=63 time=13.048 ms
sw01
次に sw01 で hsrp を有効化していきます。
sw01(config)#int vlan 11
sw01(config-if)#standby 11 ip 10.2.1.254
sw01(config-if)#standby 11 authentication md5 key-chain ccna
sw01(config-if)#standby 11 preempt
状態を確認します。
sw01#show standby vlan 11 brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl11 11 100 P Standby 10.2.1.253 local 10.2.1.254
sw01#show standby vlan 11
Vlan11 - Group 11
State is Standby
1 state change, last state change 00:00:45
Virtual IP address is 10.2.1.254
Active virtual MAC address is 0000.0c07.ac0b
Local virtual MAC address is 0000.0c07.ac0b (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.256 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is 10.2.1.253, priority 105 (expires in 9.416 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl11-11" (default)
インタフェーストラッキングのテスト
sw02 でトラッキング対象のインタフェースを shutdown してみます。
sw02(config)#int fa1/0
sw02(config-if)#shut
状態を確認します。
想定通り、スタンバイに移行しました。
sw02#show standby vlan 11 brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl11 11 95 P Standby 10.2.1.252 local 10.2.1.254
sw02#show standby vlan 11
Vlan11 - Group 11
State is Standby
4 state changes, last state change 00:00:17
Virtual IP address is 10.2.1.254
Active virtual MAC address is 0000.0c07.ac0b
Local virtual MAC address is 0000.0c07.ac0b (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.444 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is 10.2.1.252, priority 100 (expires in 9.404 sec)
Standby router is local
Priority 95 (configured 105)
Track object 1 state Down decrement 10
Group name is "hsrp-Vl11-11" (default)
sw01 の状態を確認します。
こちらはアクティブに移行しています。
sw01#show standby vlan 11 brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl11 11 100 P Active local 10.2.1.253 10.2.1.254
sw01#show standby vlan 11
Vlan11 - Group 11
State is Active
2 state changes, last state change 00:01:12
Virtual IP address is 10.2.1.254
Active virtual MAC address is 0000.0c07.ac0b
Local virtual MAC address is 0000.0c07.ac0b (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.964 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.1.253, priority 95 (expires in 8.016 sec)
Priority 100 (default 100)
Group name is "hsrp-Vl11-11" (default)
疎通確認を実施します。
VPCS[3]> ping 10.2.1.254
10.2.1.254 icmp_seq=1 ttl=255 time=2.467 ms
10.2.1.254 icmp_seq=2 ttl=255 time=9.124 ms
10.2.1.254 icmp_seq=3 ttl=255 time=1.167 ms
10.2.1.254 icmp_seq=4 ttl=255 time=4.725 ms
10.2.1.254 icmp_seq=5 ttl=255 time=5.473 ms
VPCS[3]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 ttl=255 time=19.915 ms
10.2.0.254 icmp_seq=2 ttl=255 time=6.920 ms
10.2.0.254 icmp_seq=3 ttl=255 time=7.860 ms
10.2.0.254 icmp_seq=4 ttl=255 time=25.167 ms
10.2.0.254 icmp_seq=5 ttl=255 time=9.093 ms
VPCS[3]> ping 10.2.0.2
10.2.0.2 icmp_seq=1 ttl=63 time=16.001 ms
10.2.0.2 icmp_seq=2 ttl=63 time=12.281 ms
10.2.0.2 icmp_seq=3 ttl=63 time=17.128 ms
10.2.0.2 icmp_seq=4 ttl=63 time=10.668 ms
10.2.0.2 icmp_seq=5 ttl=63 time=15.945 ms
トラッキング戻し
sw02 で先ほど shut したインタフェースをno shut します。
sw02(config)#int fa1/0
sw02(config-if)#no shut
状態を確認します。アクティブに戻っています。
sw02#show standby vlan 11 brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl11 11 105 P Active local 10.2.1.252 10.2.1.254
sw02#show standby vlan 11
Vlan11 - Group 11
State is Active
5 state changes, last state change 00:00:19
Virtual IP address is 10.2.1.254
Active virtual MAC address is 0000.0c07.ac0b
Local virtual MAC address is 0000.0c07.ac0b (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.804 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is local
Standby router is 10.2.1.252, priority 100 (expires in 9.792 sec)
Priority 105 (configured 105)
Track object 1 state Up decrement 10
Group name is "hsrp-Vl11-11" (default)
sw01 側を確認します。こちらはスタンバイになっています。
sw01#show standby vlan 11 brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl11 11 100 P Standby 10.2.1.253 local 10.2.1.254
sw01#show standby vlan 11
Vlan11 - Group 11
State is Standby
4 state changes, last state change 00:00:54
Virtual IP address is 10.2.1.254
Active virtual MAC address is 0000.0c07.ac0b
Local virtual MAC address is 0000.0c07.ac0b (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.748 secs
Authentication MD5, key-chain "ccna"
Preemption enabled
Active router is 10.2.1.253, priority 105 (expires in 8.772 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Vl11-11" (default)
疎通確認を実施します。
VPCS[3]> ping 10.2.1.254
10.2.1.254 icmp_seq=1 ttl=255 time=9.207 ms
10.2.1.254 icmp_seq=2 ttl=255 time=6.971 ms
10.2.1.254 icmp_seq=3 ttl=255 time=6.479 ms
10.2.1.254 icmp_seq=4 ttl=255 time=5.829 ms
10.2.1.254 icmp_seq=5 ttl=255 time=5.949 ms
VPCS[3]>
VPCS[3]> ping 10.2.0.254
10.2.0.254 icmp_seq=1 ttl=255 time=18.133 ms
10.2.0.254 icmp_seq=2 ttl=255 time=19.103 ms
10.2.0.254 icmp_seq=3 ttl=255 time=12.519 ms
10.2.0.254 icmp_seq=4 ttl=255 time=11.096 ms
10.2.0.254 icmp_seq=5 ttl=255 time=14.630 ms
VPCS[3]>
VPCS[3]> ping 10.2.0.2
10.2.0.2 icmp_seq=1 ttl=63 time=19.529 ms
10.2.0.2 icmp_seq=2 ttl=63 time=30.588 ms
10.2.0.2 icmp_seq=3 ttl=63 time=19.531 ms
10.2.0.2 icmp_seq=4 ttl=63 time=20.209 ms
10.2.0.2 icmp_seq=5 ttl=63 time=13.150 ms
まとめ
Dynagen、Dynamips、vpcs を使って、HSRP を練習しました。
同一モデルのスイッチを同じ箇所に揃えて設置できるならスタック構成のほうが向いているものの、そうでないなら FSRP の利用が合理的なこともあるようです。
記載が分散しているので、練習の中で実行したコマンドをここで改めてまとめておきます。
sw01 で VLAN10、VLAN11のブリッジプライオリティを指定します。
sw01(config)#spanning-tree vlan 10 root primary
sw01(config)#spanning-tree vlan 11 root secondary
sw02 で VLAN10、VLAN11のブリッジプライオリティを指定します。
sw02(config)#spanning-tree vlan 11 root primary
sw02(config)#spanning-tree vlan 10 root secondary
(上記、ブリッジプライオリティの設定は本編では実行してませんが、前提となるシナリオで投入済みです)
sw01 側の hsrp の設定です。
sw01(config)#key chain ccna
sw01(config-keychain)#key 22
sw01(config-keychain-key)#key-string cisco
sw01(config-keychain-key)#track 1 interface fa1/0 line-protocol
sw01(config-track)#int vlan 10
sw01(config-if)#standby 10 ip 10.2.0.254
sw01(config-if)#standby 10 authentication md5 key-chain ccna
sw01(config-if)#standby 10 priority 105
sw01(config-if)#standby 10 preempt
sw01(config-if)#standby 10 track 1 decrement 10
sw01(config)#int vlan 11
sw01(config-if)#standby 11 ip 10.2.1.254
sw01(config-if)#standby 11 authentication md5 key-chain ccna
sw01(config-if)#standby 11 preempt
sw02 側の hsrp の設定です。
sw02(config)#key chain ccna
sw02(config-keychain)#key 22
sw02(config-keychain-key)#key-string cisco
sw02(config-keychain-key)#track 1 interface fa1/0 line-protocol
sw02(config-track)#int vlan 10
sw02(config-if)#standby 10 ip 10.2.0.254
sw02(config-if)#standby 10 authentication md5 key-chain ccna
sw02(config-if)#standby 10 preempt
sw02(config)#int vlan 11
sw02(config-if)#standby 11 ip 10.2.1.254
sw02(config-if)#standby 11 authentication md5 key-chain ccna
sw02(config-if)#standby 11 priority 105
sw02(config-if)#standby 11 preempt
sw02(config-if)#standby 11 track 1 decrement 10
Discussion