HSRP Implementation

Unanswered Question
Feb 27th, 2008
User Badges:


HI,

We had a plan of deploying HSRP as the redundancy protocol, i need to know that in our network we have got 2 cisco core router which is connected to two different ISP for the intenet.


My question,is it possible to run a HSRP when we have two different ISP for the internet


If yes can you tel me how we can deloy that


Thanks in advance

Vinoth

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
shivlu jain Wed, 02/27/2008 - 06:53
User Badges:
  • Silver, 250 points or more

Hi Vinoth


HSRP will work in your domain it has nothing to do with the service proper. You can use hsrp by creating two groups and set the priority of the groups and make one is primary for one group and second is primary for another.With this you can use the load balacing and even if one of the SP fails another will be shifted to the secondary ISP.

If you are using L3 switches then you can use the MSTP + HSRP for load balancing.





interface Vlan1

ip address 1.24.24.1 255.255.255.0

ip route-cache flow

load-interval 30

standby 253 ip 10.240.248.253

standby 253 priority 255

standby 253 preempt

standby 253 authentication xxxxx

standby 253 name Odd_Vlans

standby 254 ip 1.24.24.254

standby 254 priority 200

standby 254 preempt

standby 254 authentication xxxx

standby 254 name Even_Vlans

!

interface Vlan2

ip vrf forwarding DCINTERNET

ip address 203.124.20.129 255.255.255.248

no ip redirects

ip route-cache flow

standby 253 ip 1.1.1.130

standby 253 priority 255

standby 253 preempt

standby 253 authentication xxxx

standby 253 name Odd_Vlans_2

standby 254 ip 1.1.1.131

standby 254 priority 200

standby 254 preempt

standby 254 authentication xxxx

standby 254 name Even_Vlans_2



regards

shivlu

lamav Wed, 02/27/2008 - 07:28
User Badges:
  • Blue, 1500 points or more

Shivlu:


Interesting appraoch.


May I make a suggestion that you elaborate a bit on the appraoch instead of just posting it?


Maybe you can explain why you have 2 HSRP groups configured under each vlan interface and go through the packet flow...


Perhaps even posting a comment for each configuration line (at least for one of the groups) so that we can understand why you are entering the specific commands...



It would be a lot more helpful.


Thanks


Victor



lamav Wed, 02/27/2008 - 06:54
User Badges:
  • Blue, 1500 points or more

Vinoth:


HSRP is a Cisco default gateway redundancy protocol to be used by devices on your LAN to communicate outside their vlan. Instead of having the devices point to the default gateway of one of the routers, you will point the hosts to a virtual IP address for that vlan, which will be hosted by both routers, although only one of them will be the Active one and actually process and forward traffic. The other will be put in Standby.


So, the WAN connection of the routers that will be hosting the HSRP environment is in and of itself insignificant.


I'm sure you will want to deploy a WAN interface tracking scheme, though, to ensure that your Internet traffic doesn't get black-holed in the event that the ISP connection for your active HSRP router fails.


Did I answer your question?


If so, please rate this post.


Victor

John Patrick Lopez Wed, 02/27/2008 - 07:02
User Badges:

Hi,


You can try to use GLBP instead of HSRP if your router supports it. With HSRP, you need to define two groups so both of the ISPs can be utilized. GLBP works exactly like HSRP but GLBP distributes the traffic between the two GLBP routers. This way, a single default gateway from your internal network is necessary instead of defining two. Here's the link for GLBP.


http://cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html


Hope this helps.


Regards,

John

s.ganguly Wed, 02/27/2008 - 07:27
User Badges:

Hi Vinoth,


As suggested by others, HSRP is a Cisco proprietory protocol. Basically, as larmov says, it allows you redundancy. One router stays at active mode and does the actual work. the other stays at passive mode and takes over once the active either goes down or connectivity to it gets disrupted. How long the passive shallw ait before it takes over can be configured statically. Whichever router has a higher priority takes over as the active router.

Basically, HSRP creates a Phantom router with a virtual mac-address ( format is 0000.0C07.ACnn, where nn is the hex HSRP group) and a virtual IP Address.


Following are some of the properties of HSRP from Cisco's Documentation ( Wendell Odom et. al.):


■ Virtual IP address and virtual MAC active on the Master router

■ Standby routers listen for Hellos from the Active router, defaulting to a 3-second hello interval

and 10-second dead interval

■ Highest priority (IOS default 100, range 1-255) determines the active router, with pre-emption

disabled by default

■ Supports tracking, whereby a router's priority is decreased when a tracked interface fails. Default tracking penalty is 10. can be statically configured.

■ Up to 255 HSRP groups per interface, enabling an administrative form of load balancing

Virtual MAC of 0000.0C07.ACxx, where xx is the hex HSRP group

■ Virtual IP address must be in the same subnet as the routers' interfaces on the same LAN

■ Virtual IP address must be different from any of routers' individual interface IP addresses


As suggested by someone else, you can also consider GLBP if load-balancing is a concern in your network. GLBP is also a Cisco-proprietary tool that adds load-balancing features in addition to gateway redundancy

features.Hosts still point to a default gateway IP address, but GLBP causes different

hosts to send their traffic to one of up to four routers in a GLBP group. To do so, the GLBP Active

Virtual Gateway (AVG) assigns each router in the group a unique virtual MAC address, following

the format 0007.B400.xxyy, where xx is the GLBP group number, and yy is a different number for

each router (01, 02, 03, or 04). When a client ARPs for the (virtual) IP address of its default

gateway, the GLBP AVG replies with one of the four possible virtual MACs. By replying to ARP

requests with different virtual MACs, the hosts in that subnet will in effect balance the traffic

across the routers, rather than send all traffic to the one active router.


Configuration example of all of the above is available from Cisco's CCO.


Hope this helps

¨

Cheers


santanu




vinoth.kumar Tue, 03/04/2008 - 05:24
User Badges:

Hi,


I need a suggestion from expert that, we are in move to deploy the TWO CISCO router on te core connecting to ISP. Each one is connected to different ISP and we need a redunancy in that.


My question is as you said before we can use GLBP as the failover and load balancing protocol in that, but However we can also want to establish a VPN tunnel to one of our office in UK


How i can establish VPN when we using GLBp as the load balancing protocol


Whether we have to give one indiviual link to VPN or to have other option


Please suugest me for the above issue

Actions

This Discussion