From: Jefferson, Dave (djefferson@xxxxxxxxxxxx)
Date: Wed Aug 01 2001 - 10:40:19 GMT-3
Trying to use this to prevent other routers from hijacking the standby ip
address by using a higher priority. I have a vlan that is use to connect
other Business to Business connections to my enterprise. Sometimes these new
connections use the same hsrp group number as we do and can if priority is
high enough force themselve to be primary and impose a new standby ip
address for the group. Currently with testing on 11.3.6T this problem
happens regardless of the use of hsrp authentication all that happens is I
get badauth messages. Anyone have any experience with HSPR authentication?
thanks.
configs
router1#sho run
Building configuration...
Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname router1
!
boot system flash flash:c2600-i-mz.113-6.T
!
ip subnet-zero
!
!
!
interface Loopback0
ip address 10.10.10.1 255.255.255.255
no ip directed-broadcast
!
interface BRI0/0
no ip address
no ip directed-broadcast
--More-- shutdown
!
interface Ethernet0/0
ip address 10.10.7.2 255.255.255.0
no ip redirects
no ip directed-broadcast
standby priority 91
standby preempt
standby authentication cisco
standby ip 10.10.7.1
!
interface Serial0/0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
no fair-queue
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
!
ip classless
!
--More-- !
line con 0
password test
login
transport input none
line aux 0
password test
login
line vty 0 4
password test
login
!
no scheduler allocate
end
router1#sho ver
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 11.3(6)T, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Tue 06-Oct-98 18:42 by ccai
Image text-base: 0x80008084, data-base: 0x80554578
ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
router1 uptime is 24 minutes
System restarted by reload
System image file is "flash:c2600-i-mz.113-6.T", booted via flash
cisco 2610 (MPC860) processor (revision 0x202) with 24576K/8192K bytes of
memory.
Processor board ID JAB03110980 (3120737693)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
1 Ethernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
--More--
Configuration register is 0x2102
router1#sho stand
Ethernet0/0 - Group 0
Local state is Listen, priority 91, may preempt
Hellotime 3 holdtime 10
Hot standby IP address is 10.10.7.1 configured
Active router is 10.10.7.32 expires in 00:00:09
Standby router is 10.10.7.3 expires in 00:00:09
Standby virtual mac address is 0000.0c07.ac00
router1#debug
00:24:40: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.32, remote state
Activestandby
Hot standby protocol debugging is on
router1#
00:24:46: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:24:46: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:24:49: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:24:49: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:24:52: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:24:52: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:24:55: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:24:55: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:24:58: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:24:58: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:25:01: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:01: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:25:04: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:04: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:25:07: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:07: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:25:10: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:10: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.32, remote state
Active
00:25:10: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
router1#sho lo
00:25:13: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:13: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31g
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 133 messages logged
Monitor logging: level debugging, 0 messages logged
Trap logging: level informational, 71 message lines logged
Buffer logging: disabled
router1#
00:25:16: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:16: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:25:19: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:25:19: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
sho run
Building configuration...
Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname router2
!
boot system flash flash:c2600-i-mz.113-6.T
!
memory-size iomem 20
ip subnet-zero
no ip finger
!
!
!
interface Loopback0
ip address 10.10.10.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.10.7.3 255.255.255.0
--More-- no ip redirects
standby priority 101
standby preempt
standby authentication cisco
standby ip 10.10.7.1
!
interface Serial0/0
ip address 10.2.10.1 255.255.255.0
no fair-queue
clockrate 56000
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
!
ip classless
!
!
line con 0
password test
login
transport input none
line aux 0
password test
--More-- login
line vty 0 4
password test
login
!
no scheduler allocate
end
router2#sho ver
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 11.3(6)T, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Tue 06-Oct-98 18:42 by ccai
Image text-base: 0x80008084, data-base: 0x80554578
ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
router2 uptime is 23 minutes
System restarted by reload
System image file is "flash:c2600-i-mz.113-6.T", booted via flash
cisco 2610 (MPC860) processor (revision 0x202) with 32768K/8192K bytes of
memory.
Processor board ID JAD04110BWI (2023811960)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
--More--
router2#shoo standb
00:23:11: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.32, remote state
Activey
Ethernet0/0 - Group 0
Local state is Standby, priority 101, may preempt
Hellotime 3 holdtime 10
Next hello sent in 00:00:00.832
Hot standby IP address is 10.10.7.1 configured
Active router is 10.10.7.32 expires in 00:00:07
Standby router is local
Standby virtual mac address is 0000.0c07.ac00
router2#s debug standby
Hot standby protocol debugging is on
router2#
00:23:23: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:23: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:26: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:26: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:29: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:29: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:32: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:32: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:35: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:35: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:38: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:38: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:41: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:41: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.32, remote state
Active
00:23:41: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:44: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:44: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:23:47: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:47: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
router2#
00:23:50: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:50: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
router2#un
00:23:53: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:53: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31debug all
All possible debugging has been turned off
router2#
00:23:56: SB0:Ethernet0/0 Hello out 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:23:56: SB0:Ethernet0/0 Hello in 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
router2#sho log
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 381 messages logged
Monitor logging: level debugging, 0 messages logged
Trap logging: level informational, 67 message lines logged
Buffer logging: disabled
router2#
sho run
Building configuration...
Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname router3
!
!
!
!
!
interface Loopback0
ip address 10.10.10.3 255.255.255.255
!
interface Ethernet0/0
ip address 10.10.7.32 255.255.255.0
no ip redirects
no ip directed-broadcast
standby priority 111
standby preempt
--More--
00:09:37: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.3, remote state
Standby standby authentication cisco2
standby ip 10.10.7.31
!
interface Serial0/0
ip address 10.2.10.2 255.255.255.0
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
!
ip classless
!
!
line con 0
password test
login
line aux 0
password test
login
line vty 0 4
password test
login
!
no scheduler allocate
--More-- end
router3#sho ver
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 11.3(6)T, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Tue 06-Oct-98 18:42 by ccai
Image text-base: 0x80008084, data-base: 0x80554578
ROM: System Bootstrap, Version 11.3(2)XA3, PLATFORM SPECIFIC RELEASE SOFTWARE
(fc1)
router3 uptime is 9 minutes
System restarted by power-on
System image file is "flash:c2600-i-mz.113-6.T", booted via flash
cisco 2610 (MPC860) processor (revision 0x202) with 24576K/8192K bytes of
memory.
Processor board ID JAB030305PJ (2051670919)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
--More--
router3#sho stand
Ethernet0/0 - Group 0
Local state is Active, priority 111, may preempt
Hellotime 3 holdtime 10
Next hello sent in 00:00:01.341
Hot standby IP address is 10.10.7.31 configured
Active router is local
Standby router is 10.10.7.3 expires in 00:00:08
Standby virtual mac address is 0000.0c07.ac00
router3#deg bug standby
Hot standby protocol debugging is on
router3#
00:10:01: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:01: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:04: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:04: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:07: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.3, remote state
Standby
00:10:07: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:07: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:10: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:10: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:13: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:13: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:16: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:16: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:19: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:19: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:22: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:22: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:25: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:25: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:28: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:28: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
00:10:31: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:31: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31
router3#und
00:10:34: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:34: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31ebug all
00:10:37: %STANDBY-3-BADAUTH: Bad authentication from 10.10.7.3, remote state
Standby
All possible debugging has been turned off
router3#
00:10:37: SB0:Ethernet0/0 Hello in 10.10.7.3 Standby pri 101 hel 3 hol 10 ip
10.10.7.1
00:10:37: SB0:Ethernet0/0 Hello out 10.10.7.32 Active pri 111 hel 3 hol 10 ip
10.10.7.31sho log
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 56 messages logged
Monitor logging: level debugging, 0 messages logged
Trap logging: level informational, 34 message lines logged
Buffer logging: disabled
router3#
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:42 GMT-3