[c-nsp] %STANDBY-3-BADAUTH log messages

Matti Saarinen mjsaarin at cc.helsinki.fi
Tue Nov 8 04:23:53 EST 2005


 [ Back to my old question ]

"Dale W. Carder" <dwcarder at doit.wisc.edu> writes:

>> $router: Oct 21 13:26:19.164: %STANDBY-3-BADAUTH: Bad authentication \ 
>> from $address, group 0, remote state Active
>
> I found that watching for HSRP messages is a good indicator of a
> network loop of some sort, be it the vlan bridged to itself, or to
> another vlan.

 Now, I've time enough to run tcpdump and found out that there is a
 leakage of HSRP packets between two vlans. Surprisingly enough, the
 leakage seems to be one way.

> ALso note that I think HSRP uses the same mac address for each
> vlan interface, 

 As Rubens Kuhl Jr pointed out, the HSRP group number defines the mac
 address used. Unfortunately, we use the same group number for every
 interface on a router. (There must be some reason why this is done,
 but I'm not aware of it.) Also, the vlans between which the leakage
 happens are way too large, so it may be that we're hitting some limit
 in some switch that has ports configured for both vlans.

 Cheers,

-- 
- Matti -


More information about the cisco-nsp mailing list