05-30-2007 07:45 AM - edited 03-05-2019 04:22 PM
Can you configure HSRP over two interfaces in a single router?
I'm trying to connect a 7204VXR to a Pix 515e failover pair so was hoping to connect each Pix into an Ethernet port on the Router using some sort of redundancy protocol rather than installing an intermediary switch.
I've tried to configure HSRP as follows:
!
interface FastEthernet0/1
description Firewall Outside
ip address 10.10.10.254 255.255.255.0
duplex auto
speed auto
standby 1 ip 10.10.10.1
!
interface FastEthernet4/0
description Firewall Outside Redundant
ip address 10.10.10.253 255.255.255.0
shutdown
duplex auto
speed auto
standby 1 ip 10.10.10.1
!
The Router rejects the standby command for FastEthernet4/0 with the message:
% Address 10.10.10.1 in group 1 - interface FastEthernet0/1
If it's not possible to do this are there any other alternatives than a switch?
Solved! Go to Solution.
05-30-2007 07:51 AM
Configuration of HSRP between two interfaces on the same router is not supported and will not work. One of the restrictions in IOS is that you can not configure two active Ethernet interfaces in the same subnet. And the essence of HSRP is to have two active Ethernet interfaces in the same subnet talking to each other.
If you really want to connect two router interfaces to redundant switches and have the router interfaces back each other up, then you could try configuring bridging on both router interfaces. This would allow both interfaces to be active and Spanning Tree would provide the redundancy. To be able to route traffic from the interfaces you would need to configure IRB with a BVI interface to allow IP traffic from the router interfaces to be routed.
I would not recommend this approach, but it is the way to have both interfaces on the same router back each other up.
HTH,please rate if it does.
-amit singh
05-30-2007 07:51 AM
Configuration of HSRP between two interfaces on the same router is not supported and will not work. One of the restrictions in IOS is that you can not configure two active Ethernet interfaces in the same subnet. And the essence of HSRP is to have two active Ethernet interfaces in the same subnet talking to each other.
If you really want to connect two router interfaces to redundant switches and have the router interfaces back each other up, then you could try configuring bridging on both router interfaces. This would allow both interfaces to be active and Spanning Tree would provide the redundancy. To be able to route traffic from the interfaces you would need to configure IRB with a BVI interface to allow IP traffic from the router interfaces to be routed.
I would not recommend this approach, but it is the way to have both interfaces on the same router back each other up.
HTH,please rate if it does.
-amit singh
05-30-2007 07:58 AM
Thanks for that, Spanning Tree isn't a route I want to go down so I'll have to use an intermediary switch.
02-29-2008 11:02 AM
Not sure why you would recommend not doing this, since it seems to be the only solution that acts as a alternative to wanting HSRP on a single router. I understand the issue with spanning-tree, but its funny how the PIX in code 8.0 supports redundant interfaces. If that is the case, why not put that same functionality into routers. We have been running the bridging idea for over a year at a library and it has worked flawlessly. I would be happy to post a configuration if you like. Just my thoughts
Thanks
03-03-2008 11:17 AM
I wouldn't mind seeing a snippet of code for the bridging configuration. I have a single MPLS router along with a IOS VPN router that I would like to enable redundancy on accross two core switches. Initially I thought I was going to use HSRP on the same router. After reading this post as well as performing other research, I see that this won't work as planned.
Matt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide