VRRP : I am unable to ping the virtual address, I can only ping thebackup addresses.

Discussion in 'Cisco' started by ATM, Nov 12, 2008.

  1. ATM

    ATM Guest

    I have two vlans and two VRRPs on a layer2/3 switch.

    Switch 1 |
    Switch 2
    ---------------------------------------------------------------------|----------------------------------------------------------------------
    Master VRRP 1
    IP Backup

    vlan 11 ] 10.199.9.32 --------| 10.199.9.50 | ----------------|
    10.199.9.50 |------10.199.9.33 [ Vlan 21

    Master VRRP 2 IP

    vlan 12 ] 10.199.77.32 --------| 10.199.77.50 |--------------|
    10.199.77.50|-----10.199.77.33 [ Vlan 22

    ---------------------------------------------------------------------|----------------------------------------------------------------------

    I can consistently ping only the back up vlan ip ( 10.199.9.33 or
    10.199.77.33 )
    But I can never ping the virtual IPs ( 10.199.9.50 or 10.199.77.50)
    and the IPs of the master ( 10.199.9.32/10.199.77.32)

    All interfaces and VRRP interconnects are untagged mode.
    Am i missing something ?

    Thanks a lot
    Arvind
     
    ATM, Nov 12, 2008
    #1
    1. Advertisements

  2. ATM

    Trendkill Guest

    I can't speak to this directly, but here is a related link.

    http://www.ciscoblog.com/archives/2006/04/hsrp_vs_vrrp_vs.html
    Do a control-F for 'through' and you'll see some posts about pings
    failing to group IP after failover.

    I would recommend doing some show arps and show cam/macs on the
    network gear to see exactly what is going on.
     
    Trendkill, Nov 13, 2008
    #2
    1. Advertisements

  3. ATM

    Stephen Guest

    VRRP standard explicitly says the software should do wierd things for
    the "master" IP address which dont apply to backup, so you may be
    stumbling over this.

    the issue was about the owner MAC address and ping responses (only a
    master will reply, which was something about knowing when backup is
    active) - sounds like the opposite of what you are getting.

    it was much easier for diags if each physical interface has its own
    address and the VRRP floating address(es) are separate (and your NMS
    may prefer this as well for consistent polling).

    1 way around this on other systems (Bay / Nortel routers) was to use 2
    different backup priorities and not configure a master at all.
    note from someone setting it up, who seems to have had similar issues.
    http://www.ciscoblog.com/archives/2006/04/hsrp_vs_vrrp_vs.html
     
    Stephen, Nov 13, 2008
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.