From: Greg Wendel (gwendel@gmail.com)
Date: Wed Apr 11 2007 - 14:48:53 ART
Can you try to do this to force the secondary standby group to use a
different mack?
Rack1R1(config-if)#int f0/0
Rack1R1(config-if)#standby 111 mac-address abc.abc.abc
Rack1R1(config-if)#
On 4/11/07, Jian Gu <guxiaojian@gmail.com> wrote:
>
> Can't you simply turn on debug arp and clear arp to see what are those
> hosts
> are sending ARP requests to physical IP adderess?
>
> On 4/11/07, Ian Blaney <ian.blaney@gmail.com> wrote:
> >
> > Karl
> >
> > An ACL on the IP address of the HSRP physical/virtual will not work as
> the
> > destination address will always be the same and will never be the actual
> > HSRP IP address. For example if I do a ping from a remote subnet to a
> > machine that I am trying to find the default gateway of. The icmp reply
> > Layer 3 IP header will always have the IP address of the remote
> > destination
> > so it will never be matched on the ACL. Its only the layer 2 headers
> that
> > changes. Someone correct me here if I am talking out my ar*e.
> >
> > Saying the layer 2 header changes my initial question was not quite
> > correct.
> > This is a sample of the config
> >
> > interface Vlan122
> > ip address 10.10.10.251 255.255.255.0
> > standby 2 ip 10.10.10.254
> > standby 2 ip 10.10.10.253 secondary
> > standby 2 priority 200
> > standby 2 preempt
> >
> > As a temporary workaround the line "standby 2 ip 10.10.10.253 secondary"
> > was
> > added as some hosts had the wrong default gateway of 10.10.10.253instead
> > of
> > 10.10.10.254. The company want to take this out now but before they want
> > to
> > find all hosts with the wrong IP address ie .253. The problem is when I
> do
> > a
> > show ip arp
> >
> > TestLab#sh ip arp vlan 122
> > Protocol Address Age (min) Hardware Addr Type Interface
> > Internet 10.10.10.100 35 000a.e4b9.c78b ARPA Vlan122
> > Internet 10.10.10.251 - 0050.80ce.d200 ARPA Vlan122
> > Internet 10.10.10.253 - 0000.0c07.ac02 ARPA Vlan122 <---
> > Internet 10.10.10.254 - 0000.0c07.ac02 ARPA Vlan122 <---
> >
> > You see that both .253 and .254 have the same mac address ie reserved
> HSRP
> > mac address 00-00-0c-07-ac-xx where xx is the standby group number. I
> > cannot
> > even sniff and filter on mac address as they have the same mac address.
> >
> > Anyone have any ideas.
> >
> > Ian
> >
> > PS It would be great if we could use DHCP but there are some really old
> > specialized machines where DHCP is not available and the only option is
> to
> > statically configure the IP information
> >
> >
> >
> > On 4/11/07, Karl Brenner <karl.brenner@morenet.biz> wrote:
> > >
> > > Hi Ian,
> > >
> > > I've to recall my previous mail. You can't get the info you're after
> > > with an ACL. I can't think of anything else than sniffing for the arp
> > > requests. Don't you use a DHCP server for the subnet to manage IP
> > > addressing centrally?
> > >
> > > Karl
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
-- Gregory Wendel Springfield VA, 22153
This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:35 ART