Lets try a ping: H1 is unable to ping H2. And besides, please elaborate when you mean "router totally down". 2023 Cisco and/or its affiliates. Line protocol is down on Cisco Router / IOS 12.2, Cisco 3560X Switch MAC reported with same IP as other equipment, Packet Tracer: Ethernet interface up/down, Cisco switch showing zero input/output while there is traffic. No, it is point-to-point at layer-3. Lets check if all interfaces are up: This is what we are looking for. VLAN trunking between Juniper EX -> Cisco Catalyst -> and Cisco Router. CN router also shows the interface going up/down when disconnected and reconnected 542), How Intuit democratizes AI development across teams through reusability, We've added a "Necessary cookies only" option to the cookie consent popup. Hi Rene, thanks for the lessons. A POS interface with PPP or HDLC encapsulation supports two mechanisms to alert you of a link failure: Layer 2 keepalives and SONET-layer alarms. Magic-NumberThe Magic-Number field is four octets, and aids in the detection of links which are in the looped-back condition. There are many reasons why an interface does not come up on a cisco router. Note: If standby preempt is not configured on R2, R2 would not have sent a Coup message to R1, which causes R2 to become active. Find answers to your questions by entering keywords or phrases in the Search bar above. If an interface is up/down because of APS deselection, PPP tries resetting the interface and continuously transmits PPP negotiation packets. In my case, use different prefix length can cause this problem. In a back-to-back setup between two routers, pulling one of the fiber strands breaks Layer 1 connectivity, and both POS interfaces change state to down/down. 10:55 PM The autostate feature notifies a switch or routing module VLAN interface (Layer 3 (L3) interface) to transition to up/up status when at least one Layer 2 (L2) port becomes active in that VLAN. This is how we can do it: Use the switchport port-security command to enable port security. If you are working in a live network, ensure that you understand the potential impact of any command before using it. At least one L2 port is in spanning-tree forwarding state on this VLAN. Aug 4 14:48:36.323 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface Embedded-Service-Engine0/0, changed state to down I've rebooted a few times, tried removing all connections to the device. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. - edited The line protocol is down because the interface is in the transition state (listening->learning to forwarding). Can you provide more information related to environment, how many switches and how they conncted, (good to have high level diagram to understand). By default, there is no limit to the number of MAC addresses a switch can learn on an interface, and all MAC addresses are allowed. Another card inserted in the same slot experiences this problem. Thus, you see the line protocol come up briefly on a periodic basis when there is a sustained problem, even when the fiber is removed. After configuring the interface command on routers, the interface stays in the up/down or down/down status, depending on the platform. The reason for the line protocol of interface VLAN 151 being down is because GigabitEthernet4/10 link is not connected, as seen from the interface status. The protocol line state for the VLAN interfaces will come up when the first switchport belonging to the corresponding VLAN link comes up and is in spanning-tree forwarding state. Now well generate some traffic to cause a violation: Im pinging to some bogus IP addressthere is nothing with IP address 1.2.3.4; I just want to generate some traffic. Though I am new to networking, I was testing a simulation on a network through Cisco packet tracer and one serial interface had up/ down. Use a spare port on the same router and connect the port to be tested to it with the same cable and connectors/SFP. In the question, the interface is layer-1, and the line protocol is layer-2. When you were hired, the organization was small, and only a single switch and router were required to support your users. On MSFC, issue the show int vlan command. Check to make sure that VLAN 151 exists in the VLAN database and is active. Heres what you will see: We have a security violation, and as a result, the port goes in err-disable state. Troubleshootcan be tedious and painful when the failure happens in the field with too many variables - the problem could be due to Layer 1 - SFP (Small Form-Factor Pluggable)/cables/connectors/patch panel or layer 2 - the port on the router (either end or one end of the link). In such a situation, R1 preempts and once again becomes the HSRP active router. POS interfaces support PPP in High-Level Data Link Control (HDLC)-like framing, as specified in RFC 1662 , for data encapsulation at Layer 2. Asking for help, clarification, or responding to other answers. Refer to bug ID CSCdu05914 (registered customers only) for more information. For example, on switch interface configure an IP address 192.0.2.0/31 and on server interface configure 192.0.2.1/24. According to point 3 as I understand I miss the valuable information because at that time i have panic and directly t restart my router, btw thanks for your advice. You should see a path alarm indication signal (P-AIS) on router 7507a and a path remote defect indication (P-RDI) on 7507b. Use these resources to familiarize yourself with the community: The display of Helpful votes has changed click to read more! Interface FastEthernet0/0, changed state to up *Mar 1 00:07:24.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0 . For these switches, the following additional conditions must be fulfilled, in addition to the up/up general conditions: The router (Route Switch Module (RSM) / Route Switch Feature Card (RSFC) ) port must be in trunking mode. Start by replacing the cable connected to the port with a new one. Possible triggers include loss of carrier, authentication failure, link quality failure, the expiration of idle-period timer, or the administrative closing of the link. Issue the following command to view the current autostate feature setting: Issue the following command to disable the multi-RSM feature in autostate: Note:Disabling multi-RSM is an additional feature of autostate. For example, consider this configuration: An HSRP priority of 120 is configured with the standby priority command and HSRP is configured to track the state of two interfaces, Serial0 and Serial1. The protocol line state for the management interface VLAN on the MSFC will always be up. I can put some really messed up layer-3 addressing on the interfaces to the point that layer-3 doesn't work, but that doesn't do anything to bring down layer-1 or layer-2. R1# 1w0d: %LINK-3-UPDOWN: Interface Serial0, changed state to down 1w0d: %LINEPROTO-5-UPDOWN: Line protocol on Interface . The value in this field identifies the datagram encapsulated in the Information field of the packet. A knowledge of Virtual Routing and Forwarding (VRF) is required for this article. Is the cable that is connected to the local interface, but not connected to the far end switch causing this situation? Refer toCisco Technical Tips Conventions for more information on document conventions. This table lists the three classes of LCP packets: LCP is used to establish the connection through an exchange of Configure packets. Maybe the Rapid-PVST+ wanted to be the root for the CST? Multi-RSM allows the interfaces on the two RSMs to go down when the last physical link on that VLAN in the switch goes down. who is the root bridge here ? Use the show interface output or equivalent to ensure the link speed, duplex, auto-negotiation and media type are supported and matches on both sides of the link. when HSRP failing - this could be low reasons. RFC 2615 specifies the use of PPP encapsulation over SONET or SDH links. The data may consist of any binary value. Change the cables and SFP. This is sample output from the debug serial interface command for an HDLC connection when the remote interface is shut and the local interface misses more than three keepalives. Troubleshoot. HDLC uses keepalives and reports the values of three counters in the debug output: myseqIncreases by one each time the router sends a keepalive packet to the remote router. Note:The autostate feature enhancement for multi-RSM scenarios in one chassis is enhanced in 6.1.2. How is the "active partition" determined when using GPT? Check the status of interface gig 4/10 assigned to VLAN 151. Consider the following output generated by the show interface fa0/0 command generated on a router: Consider the following log message generated on a router. On the RSM, issue the show int command. However, although closely related, PPP and HDLC are not the same, and different debug commands are used to troubleshoot line protocol problems. Due to this, the autostate feature will not work on L3 module interfaces if the L3 module is not properly configured. Shutting the interface after a security violation is a good idea (security-wise), but the problem is that the interface will stay in err-disable state. The interfaces that Im working with are both showing up/up. To use this feature, autostate must be enabled. The examples are pulled for an ethernet link on ASR1000 router. Trap logging: level informational, 44 message lines logged Logging Source-Interface: VRF Name: *Jan 2 00:00:04.247: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c2900 Next reboot level = ipbasek9 and License = ipbasek9*Jan 2 00:00:04.451: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c2900 Next reboot level = securityk9 and License = securityk9*Jun 15 01:31:55.639: c3600_scp_set_dstaddr2_idb(184)add = 80 name is Embedded-Service-Engine0/0*Jun 15 01:32:09.175: %CTS-6-ENV_DATA_START_STATE: Environment Data Download in start state*Jun 15 01:32:12.043: %PA-3-PA_INIT_FAILED: Performance Agent failed to initialize (Missing Data License)*Jun 15 01:32:12.067: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Initialized *Jun 15 01:32:12.071: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Enabled *Jun 15 01:32:16.803: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up*Jun 15 01:32:16.803: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up*Jun 15 01:32:17.619: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down*Jun 15 01:32:17.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up*Jun 15 01:32:17.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up*Jun 15 01:32:18.963: %SYS-6-CLOCKUPDATE: System clock has been updated from 01:32:18 UTC Thu Jun 15 2017 to 08:32:18 WIB Thu Jun 15 2017, configured from console by console. Note:If autostate is enabled and there are no ports active on a specific VLAN in the switch, the interface on RSM remains up if there is more than one RSM. HDLC is the default encapsulation type on a POS router interface. When the difference in the values in the myseq and mineseen fields exceeds three, the line goes down and the interface is reset. Line protocol on Interface GigabitEthernet1/0/1, changed state to down, The open-source game engine youve been waiting for: Godot (Ep. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. The open-source game engine youve been waiting for: Godot (Ep. Use the switchport port-security mac-address command to define the MAC address that you want to allow. Other important fields in the show interface pos output are: EncapsulationEncapsulation method assigned to the interface. VLAN interface exists on the router and is not administratively down. Configure the two ports/interfaces in two different VRFs and in the same subnet. When one side is unplugged, both LEDs go green. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language. To learn more, see our tips on writing great answers. Is quantile regression a maximum likelihood method? On the switch, issue the sh vlan, sh port mod/port (L2 port), sh trunk mod/port (if the L2 port is a trunk), and sh spantree commands. Learn more about Stack Overflow the company, and our products. Lets take a look at the following situation: In the topology above, someone connected a cheap (unmanaged) switch that they brought from home to the FastEthernet 0/1 interface of our Cisco switch. (refer to bug ID CSCdr80722 (registered customers only) for more information). Can you please tell me where did you discussed this topic. Refer to Cisco bug IDCSCdp72834 for more information. Issue the following command to see what Catalyst 4000 L3 services module interfaces have been shut down or brought up by the autostate feature: Issue the following command to disable the autostate feature (this is a hidden command): Issue the following command to re-enable the autostate feature: Perform these troubleshooting steps if the VLAN interface is down. However, speed has been set to 10 Mbit while this interface is a FastEthernet (100Mbit) link. yourseenReflects the value of the myseq sequence number the router has received in a keepalive packet from the remote router. Here is why: Hi, your lessons are very interesting. Session into the MSFC and verify the status of the VLAN interface again. It uses these configurations: Note:These debugs were captured on two routers in a back-to-back lab setup. The line protocol on an interface configured with PPP comes up only when all LCP and NCP sessions are negotiated successfully. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. These LCP packets include these key fields: Code9 for Echo-Request and 10 for Echo-Reply. The sc0 should always be up after the switch boots. If this is the case contact Cisco TAC to troubleshoot it further. Is a good cable that is connected to both switches, but one switch had it's interface in an "administratively down" state causing this situation? The autostate feature is not synchronized with the STP state. Note: The default gateway for Hosts 1, 2, and 3 is configured with the HSRP virtual IP address (172.16.6.100, in this case). Thank you for your response , this is my complete log that i have, =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2017.06.15 08:47:58 =~=~=~=~=~=~=~=~=~=~=~=sh loh gSyslog logging: enabled (0 messages dropped, 3 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled), Console logging: level debugging, 41 messages logged, xml disabled, filtering disabled Monitor logging: level debugging, 0 messages logged, xml disabled, filtering disabled Buffer logging: level debugging, 41 messages logged, xml disabled, filtering disabled Exception Logging: size (4096 bytes) Count and timestamp logging messages: disabled Persistent logging: disabled. Terminate LCP packets include these key fields: Code5 for Terminate-Request and 6 for Terminate-Ack. This means that another HSRP router with higher priority can become the active router if that router has the standby preempt enabled. This problem is resolved in Cisco bug ID CSCdp86387 (registered customers only) . When R2 becomes the active router all the traffic from the hosts to the servers is routed through R2. Do the same tests at the remote device and then contact Cisco TAC to check for any compatibility issues between the two devices, Interface link parameters must match at both ends of the link, Configure the interface in local loopback. You should explain/justify your conclusion. Ping from one VRF to the other VRF. Corgon-6000# Mar 11 12:11:23.406: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan151, changed state to up. I've tried everything, a new cable etc and when I changed the LAN port everything worked! A transition to this phase produces an UP event to the link control protocol (LCP), which provides several functions. The standby track command allows you to specify another interface on the router for the HSRP process to monitor in order to alter the HSRP priority for a given group. Regarding to the second question: What if the cable is good? The end of the field is indicated by the Length. At this point the R2 HSRP priority is higher than R1, and R2 takes over as the active router. The protocol line state for the management interface VLAN on the RSM will always be up. - Hire additional resources to help monitor and manage your network infrastructure. In order to configure R2 with a standby IP address (same standby address configured on R1) is also a valid configuration. This probably means another call to the helpdesk and you bringing the interface back to the land of the living! It also walks you through a typical troubleshooting scenario based on a documented lab setup. Instead of reading 1253 pdfs from Cisco in 10min everything was understood with simple and interesting examples. I'm using a Cisco Catalyst 2960-X Series. All rights reserved. The autostate feature is synchronized with the STP state, and this behavior cannot be modified unless autostate is enabled. Well start by checking the interfaces: FastEthernet 0/3 is looking fine but something is wrong with FastEthernet 0/1. Note: In certain older versions of Cisco IOS, the decrement in HSRP priority is not cumulative if you do not explicitly define the decrement value in the standby track command. If the R1 Serial 0 interface goes down, the R1 HSRP priority is decreased by 10. This diagram from RFC 1661 illustrates the format of a PPP keepalive packet. ASR 1000 Series Aggregation Services Routers. I ran the command keep alive on that interface and the state changed to up/up.. Did any answer help you? There are no specific prerequisites for this document. Transport IP packets and provide a method for receivers to determine the precise type of packet inside the arriving frame. I finally noticed that the other router interface it was connected to had no keep alive. So I have a good intuition that the issues comes from here. You can see the violation mode is shutdown and that the last violation was caused by MAC address 0090.cc0e.5023 (H1). Lets take a closer look at it: Hmm it says err-disabled. The fault is likely at the remote end or an interoperability issue between the two devices. At least we now know that there are no cable, speed or duplex errors. Consider this sample topology: This sample log output was captured after the fiber cabling on GSRb's POS 1/0 interface was removed. If you are lucky you might get a duplex message through CDP that tells you that there is a duplex mismatch. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Start by replacing the cable connected to the port with a new one. *Mar 1 01:54:39.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up. At least one L2 (access port or trunk) port exists and has a link up on this VLAN. Stack Exchange network consists of 181 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers. I have configured port security, so only one MAC address is allowed. Let's take a closer look at port security: Also note the changes in open shortest path first (OSPF) adjacency states. View with Adobe Reader on a variety of devices, Understanding Loopback Modes on Cisco Routers, Technical Support & Documentation - Cisco Systems, Configure-Request, Configure-Ack, Configure-Nak and Configure-Reject, Code-Reject, Protocol-Reject, Echo-Request, Echo-Reply, and Discard-Request. The information in this document is based on these software and hardware versions: The information in this document was created from the devices in a specific lab environment. Can you post the configuration and spanning-tree config ? Line Protocol Is Down With PPP RFC 1661 defines PPP as a protocol. If the Ping fails, it points to a cable or SFP problem. Consider the following log message generated by a router: *Aug 8 11:18:12.081: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down . what are input errors on the CISCO switch? Standby Preempt and Standby Track Configuration. - Use a remote access utility such as SSH to access router and switch consoles remotely. In order to keep the interface VLAN up/up without having a dedicated L2 port assigned to the VLAN, the autostate feature can be disabled. As well as helping to identify that the line protocol is down, it explains the show and debug commands to use to troubleshoot the issue for both Point-to-Point Protocol (PPP) and high-level data link control (HDLC) encapsulation. *Jan 2 00:00:04.247: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c2900 Next reboot level = ipbasek9 and License = ipbasek9*Jan 2 00:00:04.451: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c2900 Next reboot level = securityk9 and License = securityk9*Jun 15 01:31:55.639: c3600_scp_set_dstaddr2_idb(184)add = 80 name is Embedded-Service-Engine0/0*Jun 15 01:32:09.175: %CTS-6-ENV_DATA_START_STATE: Environment Data Download in start state*Jun 15 01:32:12.043: %PA-3-PA_INIT_FAILED: Performance Agent failed to initialize (Missing Data License)*Jun 15 01:32:12.067: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Initialized *Jun 15 01:32:12.071: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State changed to: Enabled *Jun 15 01:32:16.803: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up*Jun 15 01:32:16.803: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up*Jun 15 01:32:17.619: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down*Jun 15 01:32:17.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up*Jun 15 01:32:17.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up*Jun 15 01:32:18.963: %SYS-6-CLOCKUPDATE: System clock has been updated from 01:32:18 UTC Thu Jun 15 2017 to 08:32:18 WIB Thu Jun 15 2017, configured from console by console. The information presented in this document was created from devices in a specific lab environment. Gongratulations Ren, here it is a very useful lesson. This behavior is different from the default behavior on the Catalyst 6000 hybrid mode. Line protocol on Interface Vlan changed state to up. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. This could indicate a layer 1 problem like a broken cable, wrong cable (crossover instead of straight-through) or maybe a bad NIC. Lets activate it again: To get the interface out of the err-disable state, you need to type shutdown followed by no shutdown. Only typing no shutdown is not enough! The best answers are voted up and rise to the top, Not the answer you're looking for? New here? Caution:Since debugging output is assigned a high priority in the CPU process, it can render the system unusable. Note that this interface is running in half duplex. Spanning-tree port status on the L2 port is forwarding. *Jun 15 01:32:17.619: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down *Jun 15 01:32:17.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up . Thanks Lus! Refer to Troubleshooting Serial Line Problems for more information. Perform a local loop test first, and then a remote test. By clicking Post Your Answer, you agree to our terms of service, privacy policy and cookie policy. Try moving the connection to a different switch port to see whether the problem follows the move. Learn more about how Cisco is using Inclusive Language. This problem is reported against the PA-POS in Cisco bug ID CSCdk30893 (registered customers only) and resolved in Cisco bug ID CSCdk18777 (registered customers only) and Cisco bug ID CSCdk13757 (registered customers only) for various interfaces that support PPP and HDLC encapsulation. debug ppp errorsShows PPP errors (such as illegal or malformed frames) associated with PPP connection negotiation and operation. Line protocol on Interface Vlan613, changed state to down *Jun 15 01:32:21.115: %LINK-5-CHANGED: Interface Embedded-Service-Engine0/ . When R1 is the active router all the traffic from the hosts (Host 1, 2, 3) to the servers is routed through R1. Define a minimum and maximum packet length. Protocol field values in the "0***" to "3***" range identify the network-layer protocol of specific packets, and values in the "8***" to "b***" range identify packets belonging to the associated Network Control Protocols (NCPs), if any. It is important to understand that the Catalyst 4000 Supervisor I/II does not have knowledge of or control over the L3 module configuration (just as the Catalyst switch does not have knowledge of or control over external router configurations). If you are unlucky its possible that your interface goes down. Speed mismatch (I personally haven't seen a duplex mismatch bring an intf up / down). RFC 1661 defines PPP as a protocol. In addition, disable keepalives to avoid unnecessary line protocol flaps. What can cause "FastEthernet is up, line protocol is down" on a Cisco Switch? However the interface exists even if the module isn't present. Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up. Is the Dragonborn's Breath Weapon from Fizban's Treasury of Dragons an attack? Symptom: Dec 30 03:34:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to down Dec 30 03:35:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to up Dec 30 03:49:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/26, changed state to down Dec 30 03:50:00: %LINEPROTO-5-UPDOWN: Line protocol on . Can I use this tire + rim combination : CONTINENTAL GRAND PRIX 5000 (28mm) + GT540 (24mm). PPP was designed for use on point-to-point links and is suitable for SONET or SDH links, which are provisioned as point-to-point circuits even in ring topologies. View with Adobe Reader on a variety of devices, View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone, View on Kindle device or Kindle app on multiple devices, Technical Support & Documentation - Cisco Systems. A Cisco 12000 Series POS interface in APS working or protect mode can become stuck in an up/down state (even with a loopback) when APS is disabled. All of the devices used in this document started with a cleared (default) configuration. On reception of an Echo-Request in the LCP Opened state, an Echo-Reply must be transmitted. LCP uses Terminate packets to close the link. from 2960 to 3750 to Core ? This is the symptom of a VLAN interface on the MSFC being down/down. This exchange is complete, and the LCP Opened state entered, once a Configure-Ack packet has been both sent and received. as in example? Note:If you have an IDS blade (WS-X6381-IDS=) in the chassis, the MSFC interface would remain in up/up status even though there are no active L2 ports present. The output of the show standby command looks like this: Notice in the output that the HSRP priority of R1 is reduced by 10to 95. Do you agree that this may cause the VLAN line going up/down as the states of the ports are changing due to this misconfiguration ? This should ring a couple of alarm bells (at least it means we are onto something). Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. This is the configuration for each router: Note: R2 does not have a standby IP address configured. Thanks. From the access switch, the uplink is always up. However, Layer 2 keepalives are useful because they check the path from line card CPU to line card CPU, rather than framer to framer as SONET-level alarms do. The router VLAN interfaces have to fulfill the following general conditions to be up/up: VLAN exists and is in active status on the switch VLAN database. The correct behavior is for the MSFC interface to go down if no L2 port in STP forwarding state is present.