Guest

Preview Tool

Cisco Bug: CSCvv77379 - Ping to HSRP VIP fails when traffic goes from Standby towards Active in a 4-way HSRP

Last Modified

Sep 22, 2020

Products (1)

  • Cisco Nexus 9000 Series Switches

Known Affected Releases

7.0(3)I7(7) 7.0(3)I7(9)

Description (partial)

Symptom:
Topology 

      +--------------------------------------------------------+
      |E1/2                   Trunk                         E1/3
      |                                                        |
+-----+------+               +------------+             +------+-------+  Po1     +-------------+
|            |               |            |             |              |  VPC PL  |             |
|    N3K1    +---------------+    N3K2    |             |     N9K      +----------+      N9K    |
|            |               |            |             |     Core1    +----------+      Core2  |
|            |               |            |             |              |          |             |
+------------+               +------------+             +------+-------+          +------+------+
 HSRP active                  HSRP standby                     |                         |
                                                               |                         |
                                                               |          VPC10          |
                                                               |                         |
                                                               |                         |
                                                         +-----+-------+          +------+-------+
                                                         |             |          |              |
                                                         |             +----------+              |
                                                         |    Core3    +----------+      Core4   |
                                                         |             |          |              |
                                                         +-------------+          +--------------+

1.    configure hsrp on core1,2,3,4 (priority 90,80,70,60).
2.    core1,2 is active standby.core3,4 is listen.
3.    core1,2 and core3,4 are vpc peers. (double side vpc)
4.    configure n3k1,2 as hsrp active standby (priority 120 110)
5.    Send ping from Core 2 to VLAN 10 VIP 10.1.1.1 and ADJ point to VPC peer link correctly.

CORE2(config)# show ip arp detail
Address         Age       MAC Address     Interface        Physical Interface  Flags
10.1.1.1        00:11:22  0000.0c07.ac0a  Vlan10           port-channel1      <<< point to Po1 (VPC PL)  

6.    There is no link connected btw core 1 and N3K at this time.
7.    Now start migration per customer step.
8.    E1/3 on Core1 configured as trunk and connected to N3K1.
9.    bring up the trunk port btw core 1 and N3k1, and core1,2 will become listen.
10.  change the hsrp role on N3K1,2 from 120,110 to 40,30 and core 1,2 will be become active standby.
11.  shut down the trunk port btw core 1 and n3k1.
12.  Issue was triggered and core2 will delete HSRP VIP MAC from l2fm.
13.  Ping from core 4 to HSRP VIP will be dropped on Core2.

CORE2# show ip arp detail
 
Flags: * - Adjacencies learnt on non-active FHRP router
       + - Adjacencies synced via CFSoE
       # - Adjacencies Throttled for Glean
       CP - Added via L2RIB, Control plane Adjacencies
       PS - Added via L2RIB, Peer Sync
       RO - Re-Originated Peer Sync Entry
 
IP ARP Table for context default
Total number of entries: 17
Address         Age       MAC Address     Interface        Physical Interface  F
lags
88.88.88.1      00:15:47  bc26.c75a.b237  Ethernet1/2      Ethernet1/2        
10.1.1.1        00:02:44  0000.0c07.ac0a  Vlan10                  -          <<< Problem state, Physical interface deleted
10.1.1.2        00:00:15  bc26.c75a.b237  Vlan10           port-channel1       
10.1.1.4        00:07:13  bc26.c7e3.5f11  Vlan10           port-channel10     
10.1.1.5        00:07:13  e00e.daa2.f7d9  Vlan10           port-channel10      +
 
CORE4(config)# ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1): 56 data bytes
36 bytes from 10.1.1.5: Destination Host Unreachable
Request 0 timed out
Request 1 timed out
Request 2 timed out
Request 3 timed out
Request 4 timed out

Conditions:
HW: N9K-C93180YC-EX
SW: 7.0(3)I7(7) , 7.0(3)I7(9)
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.