Meraki

Community

Ping fail to ISP MPLS router with HSRP

Solved
LivintheDream
Here to help
‎Jun 8 2018 6:41 AM
‎Jun 8 2018 6:41 AM

Ping fail to ISP MPLS router with HSRP

Hi all,

 

I have raised a support ticket but worth putting a question here as well in case anyone as seen this.

 

We are changing our ISP to a new MPLS provider who use HSRP (some sites we have two routers and lines so this is the preferred configuration).

 

I have created a Vlan for testing and can ping the Vlan interface, i can also ping a Windows Server in that Vlan but i am unable to ping the ISP router(s), i can see the MAC address and IP Address for both the physical and virtual interfaces of the router in the meraki dashboard when i look at the port but no ping... after a while those interfaces disappear from the clients view on the interface.

 

when i look at the ARP table i have managed to see the router physical MAC and IP but not the virtual NIC details

 

Anyone for any ideas or seen this before?

 

thanks

Mark

0 Kudos
1 Accepted Solution
In response to PhilipDAth
LivintheDream
Here to help
‎Jun 12 2018 7:57 AM
‎Jun 12 2018 7:57 AM

Hi,

 

Sorry for the "black ops mode" was away.

 

So the issue is solved and it just highlights my lack of detailed network knowledge i'm afraid.

 

I was not able to ping the ISP routers either directly connected via laptop or using a dumb unmanaged switch. Although with the dumb switch plugged in to my Meraki network i was able to ping everything else except the ISP routers.

 

When i got the configs for the ISP routers he also asked me to confirm the Native Vlan was set to 1, when i trunked the ports originally i used the native vlan as the vlan ID's i was using for testing (i.e. 110 and 111). As soon as i changed them to 1 and set the allowed vlans to the vlans we are testing - BANG, everything pings both local and across the MPLS, bit of a Grr moment but happy we can proceed.

 

Thanks for your efforts and i hope this helps anyone else falling into the same trap.

 

Mark

View solution in original post

0 Kudos
12 Replies 12
LivintheDream
Here to help
‎Jun 8 2018 6:42 AM
‎Jun 8 2018 6:42 AM

oops, forgot to mention the Meraki devices are MS225-48

0 Kudos
In response to LivintheDream
Adam
Kind of a big deal
‎Jun 8 2018 7:06 AM
‎Jun 8 2018 7:06 AM

Private MPLS circuit?

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
0 Kudos
In response to Adam
LivintheDream
Here to help
‎Jun 8 2018 7:08 AM
‎Jun 8 2018 7:08 AM

Hi Adam,

 

Yes thats right, its Private but it does have a FW at the end (which is not commissioned yet)

 

The Default route for the Meraki devices is still the current ISP (another private MPLS) with a FW and we have obviously been using for some time.

 

Thanks

Mark

0 Kudos
In response to LivintheDream
ww
Kind of a big deal
Kind of a big deal
‎Jun 8 2018 7:48 AM
‎Jun 8 2018 7:48 AM

did you provider say that it should respond to ping?

0 Kudos
In response to ww
LivintheDream
Here to help
‎Jun 8 2018 7:52 AM
‎Jun 8 2018 7:52 AM

Hi,

 

yes we was on a call for around 90 minutes trying to solve. the best i got was some entries in the ARP table showing the ISP router interface

 

I was reading up on HSRP and it looks like it needs Multicast to communicate to the other interface, the MS225 do not support Multicast but do support IGMP snooping shich i have enabled on the Vlan interface, still no luck.

0 Kudos
In response to LivintheDream
Adam
Kind of a big deal
‎Jun 8 2018 8:00 AM
‎Jun 8 2018 8:00 AM

Can you explain the topology and how you desire for this to work?  Sorry for all the questions, I'm just trying to formulate some ideas for you.  We use a lot of private MPLS links but we just failover to internet/VPN so I don't have much experience with HSRP.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
0 Kudos
In response to Adam
LivintheDream
Here to help
‎Jun 8 2018 8:23 AM
‎Jun 8 2018 8:23 AM

Hi Adam,

 

sorry i missed your post.

 

at it's most simplistic, we have a MPLS line going into a site, the router is setup with HSRP but with one interface that will connect as a trunk port into the Meraki switch (obviously with the correct network settings), our ISP said the HSRP is sort of redundant in this simple instance and will activate if we enable a 2nd interface.

 

for the more advanced sites we have two lines coming in with two separate routers for our Private MPLS network, in this instance both interfaces are live on the switch ports but the default GW for us will be the virtual interface, which will of course be active/passive mode and will failover to either router in the event of a line failure.

 

during the troubleshooting i have tried to ping physical and virtual interfaces.

 

It feels so simple that it should work... but its not

 

thanks for your ongoing efforts

Mark

0 Kudos
In response to LivintheDream
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 8 2018 4:02 PM
‎Jun 8 2018 4:02 PM

If you plug a PC directly into the MPLS circuit can you then ping the HSRP address?

0 Kudos
In response to PhilipDAth
LivintheDream
Here to help
‎Jun 12 2018 7:57 AM
‎Jun 12 2018 7:57 AM

Hi,

 

Sorry for the "black ops mode" was away.

 

So the issue is solved and it just highlights my lack of detailed network knowledge i'm afraid.

 

I was not able to ping the ISP routers either directly connected via laptop or using a dumb unmanaged switch. Although with the dumb switch plugged in to my Meraki network i was able to ping everything else except the ISP routers.

 

When i got the configs for the ISP routers he also asked me to confirm the Native Vlan was set to 1, when i trunked the ports originally i used the native vlan as the vlan ID's i was using for testing (i.e. 110 and 111). As soon as i changed them to 1 and set the allowed vlans to the vlans we are testing - BANG, everything pings both local and across the MPLS, bit of a Grr moment but happy we can proceed.

 

Thanks for your efforts and i hope this helps anyone else falling into the same trap.

 

Mark

0 Kudos
In response to LivintheDream
ww
Kind of a big deal
Kind of a big deal
‎Jun 14 2018 2:21 AM
‎Jun 14 2018 2:21 AM

if you don't have the configs you would probably expect the router to have layer3 ports.

0 Kudos
In response to LivintheDream
ww
Kind of a big deal
Kind of a big deal
‎Jun 8 2018 8:00 AM
‎Jun 8 2018 8:00 AM

you just put the two routers in the same vlan. you dont need any multicast because this traffic is only for this two routers and would not leave the vlan.

if you have the correct subnet and mask on your svi you should be able to ping the from your svi/switch.

if not then maybe default your switch once.

 

In response to ww
LivintheDream
Here to help
‎Jun 8 2018 8:12 AM
‎Jun 8 2018 8:12 AM

Hi,

 

thanks for the clarification, confirmed the Vlan ID, Subnet and mask are correct on the Cisco router and the Meraki Vlan. It is on three switches i have tested across two sites (Networks), so must be a configuration issue but just cant see it.

 

I have posted the Cisco config on my Meraki support ticket and they will have access to my Meraki configuration so will update this post when we get to the bottom of it.

 

thanks for your help

 

Mark

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.