HSRP question

Answered Question
Mar 4th, 2008

Quick question....can you set up HSRP on a WAN interface, one frame relay and the other ISDN line or is this for only ethernet?

I have this problem too.
0 votes
Correct Answer by Richard Burts about 8 years 9 months ago

Warren

HSRP works on LAN/Ethernet interfaces. It does not work on Frame Relay or ISDN interfaces.

HTH

Rick

Endorsed by Peter Paluch
Jan Hrnko about 4 years 1 month ago

Hi Kuldeep,

just to make things clear for you. This is scenario where you would use HSRP/VRRP/GLBP. The idea behind these protocols is the same but the way in which they function is slightly different. But don't become confused by that!

Look at this scenario. There are 2 routers on the same network and they are interconnected through switch. Hosts (PCs, Laptops) are connected through switch as well. To access the Internet, they have to have some default gateway ( i.e. Router). But which router they should use? There are two of them!

If you manually configure hosts to use only Router 1, Router 2 will be unused. And what if Router 1 fails? Router 2 could be backup because he also knows how to get to the internet, but how? Well, this is the time when HSRP/VRRP/GLBP (FHRP protocols) comes to play.

One more thing. The family of these protocols is called FHRP (First hop redundancy protocol)  and that should be enough to understand their purpose. They simply  provide redundancy of first hop from the view of host - therefore they  provide redundancy of default gateway.

When you configure these two Routers with any of these FHRP they will use ONE virtual IP address which you configure hosts to use and when one of the Router fails, the other will forward the traffic. In addition - you can configure it in such manner that Routers will keep an eye on the serial interface as well (track interface command) and when it comes down, the other Router will forward the traffic. This is handy because otherwise the FHRP would work only when the whole Router (or fa0/0) comes down. It would not detect any failure, hosts would send packet to this Router and Router, which serial interface is down, would drop the packets.

I hope that will make it more clear to you. So you only configure redundancy for hosts IN THE SAME NETWORK to the routers IN THE SAME NETWORK - 192.168.0.0/24 in my example. You CANNOT configure redundany like this between DIFFFERENT NETWORKS. The concept of FHRP is not designed to solve these kind of problems...

Best regards,

Jan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (9 ratings)
Loading.
Correct Answer
Richard Burts Tue, 03/04/2008 - 13:14

Warren

HSRP works on LAN/Ethernet interfaces. It does not work on Frame Relay or ISDN interfaces.

HTH

Rick

Richard Burts Tue, 03/04/2008 - 13:30

Warren

I am glad that my answer was helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It helps make the forum more useful when people can read a question and can know that they will read a response which did resolve the question.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick

Pulikkal Sekhar... Sun, 10/14/2012 - 00:04

No .it won't work on serail interfaces

The protocol is    designed for use over multi-access, multicast or broadcast capable
   LANs (e.g., Ethernet).

Link : http://tools.ietf.org/html/rfc2281

/Raju
Peter Paluch Sun, 10/14/2012 - 01:07

Hello,

Use a routing protocol instead of HSRP. If the handoff is a serial interface then it is supposed to be plugged into a router anyway, and the router should support routing protocols. HSRP is not to provide redundancy between routers - HSRP provides redundancy of the default gateway for PCs that don't speak routing protocols. If PCs spoke routing protocols, HSRP would not be necessary, and if you connect routers using serial interfaces, you don't need HSRP by definition.

Best regards,

Peter

Kuldeep singh Sun, 10/14/2012 - 01:33

Hi Peter,

1) You mean to say, HSRP not support on Serial Port. am i right ?

Second thing, Plz see given below diagram and queries related to it:

2) In Figure A, we can not configure HSRP as you stated in the post. am i right ?

3) In Figure B, what will happen in this scenerio, here can we configure HSRP or not ?

4) If figure B,

    if we are using L3 Switch(3560) then need to be configure HSRP

    if we are using L2 Switch(2960) then need to be configure GLBP

   am i right or wrong ?

Note:  i do not want to use any kind of Routing protocols

Attachment: 
Peter Paluch Sun, 10/14/2012 - 01:48

Hi Kuldeep,

1) You mean to say, HSRP not support on Serial Port. am i right ?

That is correct.

2) In Figure A, we can not configure HSRP as you stated in the post. am i right ?

Yes, that is correct. You can not use HSRP, VRRP or GLBP to provide redundancy for Router3.

3) In Figure B, what will happen in this scenerio, here can we configure HSRP or not ?

Assuming that the Cisco switch in the middle is operating as a Layer2 switch between routers 1 and 2, you can configure HSRP, VRRP or GLBP on both routers. However, this protocol is not going to provide redundancy for routers 1 and 2 but rather for client PCs connected to the switch. Remember: redundancy protocols like HSRP, VRRP or GLBP provide gateway redundancy for end hosts, not for routers on which they are running.

4) If figure B,

    if we are using L3 Switch(3560) then need to be configure HSRP

    if we are using L2 Switch(2960) then need to be configure GLBP

This is not correct. You are putting unrelated things together. If you want to run any gateway redundancy protocol, be it HSRP, GLBP or VRRP, the routers running this protocol must be in the same broadcast domain and hence in the same IP network. That it turn means that regardless of whether the switch is L3 or L2, it must be configured so that the routers can see themselves on the same network. If the switch is operating on L3 and actually divides the routers into two separate IP networks, then the routers do not see each other directly anymore and cannot backup themselves using any of these gateway redundancy protocols.

Best regards,

Peter

Kuldeep singh Sun, 10/14/2012 - 02:47

Hi Peter,

4) I am unable to understand the difference between HSRP and GLBP.

    I had read that HSRP works on L3 and GLBP works on L2,

    HSRP support multi gateway nut GLBP support single?

    Plz give simple example so that i can understand.

    http://www.ciscoconsole.com/lan-man/hsrp-vrrp-glbp/comparison-and-difference-between-hsrp-vrrp-and-glbp-protocols.html/

5) In Routing Protocols(RIP/OSPF/EIGRP),  can we configure these

    types of protocols without any restriction of Serial or ethernet port.

Peter Paluch Sun, 10/14/2012 - 03:18

Hi Kuldeep,

4) I am unable to understand the difference between HSRP and GLBP.

    I had read that HSRP works on L3 and GLBP works on L2,

    HSRP support multi gateway nut GLBP support single?

    Plz give simple example so that i can understand.

I do not think that attributing HSRP or GLBP to L2 or L3 is a good approach. Basically, all three protocols - HSRP, VRRP and GLBP - operate on L3. Their main purpose is to make a group of routers in the same IP network appear as a single virtual router. Clients in this network use the IP address of this virtual router as their default gateway. Should the currently active router from this group fail, it will be transparently replaced by a different router while maintaining the same virtual IP address so that clients do not notice any change.

HSRP and VRRP are very similar. They both elect a single router from the group of routers that is the current owner of the virtual IP address and is the actual router that takes care of performing the default gateway functions. HSRP calls this router the Active router, VRRP calls it the Master. Other routers in the group monitor whether the Active/Master router still lives, and if not, they will elect a new Active/Mater router. However, the other routers are not being used as default gateways. That means that although you have multiple routers in your network, only one of them is actually doing all the data-forwarding work, and the others merely wait if they ever need to replace him. HSRP is a Cisco-proprietary protocol while VRRP is an open protocol but they both work quite similarly and produce very similar results.

The GLBP is a protocol that tries to utilize multiple routers in the same network at once. When deploying GLBP, up to 4 routers can be made forwarding, thereby splitting the load. This is the main difference between GLBP and the other two protocols: the GLBP utilizes multiple routers at once while HSRP and VRRP always make only a single router the active router. Let's not discuss the technical details how this is done - I believe at this point, the details are not necessary.

I see several technical inaccuracies in the article on ciscoconsole.com you have linked:

  • VRRP is not an IEEE standard - it is an IETF RFC.
  • All three protocols can be considered as working on OSI L3. In particular, GLBP is not an L2 protocol. On the contrary, the GLBP is built on top of HSRP (basically, it is a multi-instance HSRP with additional control plane). How can then GLBP be L2 if HSRP is L3?
  • The preemption for GLBP is incorrectly described although I do not want to discuss the gory details at this point.

5) In Routing Protocols(RIP/OSPF/EIGRP),  can we configure these

    types of protocols without any restriction of Serial or ethernet port.

Yes, that is correct. These protocols run over every interface capable of carrying IP packets. The protocols may behave slightly differently depending on whether they run over a point-to-point or multiaccess interface but the bottom line is that you can run routing protocols over every interface that can carry IP traffic.

Best regards,

Peter

Kuldeep singh Sun, 10/14/2012 - 04:03

Hi Peter,

This is my single location network diagram with router:

simple diagram.JPG

Now i want to configure HSRP for this Location with remote locations,

Plz describe this concept in two cases given below:

( explain through rough diagram)

1. Between two location (existing + other)

2. Between three location (existing + other two)

as per your statement, I need to remove Router from my location.

But after remove router, how i will access interent in LAN ?

Peter Paluch Sun, 10/14/2012 - 05:02

Hello Kuldeep,

I do not understand what you are trying to achieve here. If I understand your topology correctly, each VLAN in which you could deploy the HSRP has only a single physical router - I assume it is the Cat3560. Without two or more routers in a single VLAN, you have no group of routers to deploy HSRP on. There is no physical redundancy in this network so you cannot configure a logical redundancy protocol...

as per your statement, I need to remove Router from my location.

This must be a misunderstanding - I do not recall making such a statement. I have probably indicated that if a particular network, i.e. a VLAN, is to be served by HSRP, it must be a single broadcast domain so no router must be splitting it into two.

Best regards,

Peter

Kuldeep singh Sun, 10/14/2012 - 05:22

Hi Peter,

This is my existing diagram and do not have any kind of HSRP

configuration.This diagram indicates only existing location

where i have one router, one cisco 3560 sw, eight cisco 2960 switch

only. Plz do not understand that it is diagram for two locations.

Now we are planning to connect two other location with this location.

I said before that you explain me according to yourself, you can take

your own example with rough diagram.

So how can i use HSRP ?

Peter Paluch Sun, 10/14/2012 - 16:23

Hi Kuldeep,

So how can i use HSRP ?

You would need to have two 3560, create VLANs and configure SVIs on both 3560, assign unique IP addresses to both 3560 in each VLANs and subsequently, in each VLAN, you would configure both 3560 for HSRP operation. In addition, the second 3560 would need to also have its own connectivity to other networks (internet etc.) to actually be capable of providing a working default gateway.

So for example (VLANs and addresses are totally invented and not related to your network):

3560-1:

interface Vlan11

ip address 10.0.11.1 255.255.255.0

standby 11 ip 10.0.11.254

standby 11 priority 110

standby 11 preempt

!

interface Vlan12

ip address 10.0.12.1 255.255.255.0

standby 12 ip 10.0.12.254

standby 12 priority 110

standby 12 preempt

!

interface Vlan13

ip address 10.0.13.1 255.255.255.0

standby 13 ip 10.0.13.254

standby 13 preempt

!

interface Vlan14

ip address 10.0.14.1 255.255.255.0

standby 14 ip 10.0.14.254

standby 14 preempt

3560-2:

interface Vlan11

ip address 10.0.11.2 255.255.255.0

standby 11 ip 10.0.11.254

standby 11 preempt

!

interface Vlan12

ip address 10.0.12.2 255.255.255.0

standby 12 ip 10.0.12.254

standby 12 preempt

!

interface Vlan13

ip address 10.0.13.2 255.255.255.0

standby 13 ip 10.0.13.254

standby 13 priority 110

standby 13 preempt

!

interface Vlan14

ip address 10.0.14.2 255.255.255.0

standby 14 ip 10.0.14.254

standby 14 priority 110

standby 14 preempt

Best regards,

Peter

Kuldeep singh Sun, 10/14/2012 - 22:33

Hi Peter,

1) You mean to say, i do not need to remove router from

    my existing location, only Cisco L3 switch will be

    required at second location and not need of Router

    at second location ? Plz just sketch a diagram

2) As we discussed earlier, HSRP does not work with

   serial port but cisco does allow. plz see given

   questions of this URL FAQ section:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_q_and_a_item09186a00800a9679.shtml#q3

Q. When an active router tracks serial 0 and the serial

    line goes down, how does the standby router know to

    become active?

Q. Based on the documentation, it looks like I

   can use HSRP to achieve load-balancing across

   two serial links. Is this true?

3)  As you stated in this post that " HSRP is not to provide

    redundancy between routers - HSRP provides redundancy

   of the default gateway for PC's ".  What does mean of this line ?

   i had read many articles that HSRP used for Router

   redundancy but you are denied ???

Jan Hrnko Mon, 10/15/2012 - 03:49

Hi Kuldeep,

just to make things clear for you. This is scenario where you would use HSRP/VRRP/GLBP. The idea behind these protocols is the same but the way in which they function is slightly different. But don't become confused by that!

Look at this scenario. There are 2 routers on the same network and they are interconnected through switch. Hosts (PCs, Laptops) are connected through switch as well. To access the Internet, they have to have some default gateway ( i.e. Router). But which router they should use? There are two of them!

If you manually configure hosts to use only Router 1, Router 2 will be unused. And what if Router 1 fails? Router 2 could be backup because he also knows how to get to the internet, but how? Well, this is the time when HSRP/VRRP/GLBP (FHRP protocols) comes to play.

One more thing. The family of these protocols is called FHRP (First hop redundancy protocol)  and that should be enough to understand their purpose. They simply  provide redundancy of first hop from the view of host - therefore they  provide redundancy of default gateway.

When you configure these two Routers with any of these FHRP they will use ONE virtual IP address which you configure hosts to use and when one of the Router fails, the other will forward the traffic. In addition - you can configure it in such manner that Routers will keep an eye on the serial interface as well (track interface command) and when it comes down, the other Router will forward the traffic. This is handy because otherwise the FHRP would work only when the whole Router (or fa0/0) comes down. It would not detect any failure, hosts would send packet to this Router and Router, which serial interface is down, would drop the packets.

I hope that will make it more clear to you. So you only configure redundancy for hosts IN THE SAME NETWORK to the routers IN THE SAME NETWORK - 192.168.0.0/24 in my example. You CANNOT configure redundany like this between DIFFFERENT NETWORKS. The concept of FHRP is not designed to solve these kind of problems...

Best regards,

Jan

Peter Paluch Mon, 10/15/2012 - 07:02

Hello Jan,

This is an awesome answer! Rated as deserved.

Best regards,

Peter

Kuldeep singh Mon, 10/15/2012 - 08:29

Hi Jan,

First of all, thnx for nice explanation.

But still i have confusion with some points:

1) what do you want to explain through these lines

    (Red highlighted), plz explain in simple way.

    Does HSRP work on Serial port,

    Can i replace s0/0 Wan port with FE port:

Routers will keep an eye on the serial interface as

well (track  interface command) and when it comes down,

the other Router will forward  the traffic. This is handy

because otherwise the FHRP would work only  when

the whole Router (or fa0/0) comes down. It would not

detect any  failure, hosts would send packet to this Router

and Router, which serial  interface is down, would drop the packets.

2) Can i use other method like Floating static route with

    AD (administrative distance) at place of HSRP

    in your attached diagram. If yes, then what is basic

    functionality difference between them ?

3)  @PETER stated :

    HSRP is not to provide redundancy between routers -

    HSRP provides redundancy of the default gateway for PC's ". 

    What does mean of this line ? But we are performing

    redundancy with two router here ( like as your attached diagram) ?

Jan Hrnko Mon, 10/15/2012 - 10:56

Hi Kuldeep,

you're welcome!

1) what do you want to explain through these lines

    (Red highlighted), plz explain in simple way.

    Does HSRP work on Serial port,

    Can i replace s0/0 Wan port with FE port:

No, HSRP don't work on serial port simply because there are no hosts on this segment. You don't need to provide gateway redundancy to the other router, just hosts. Router does not need gateway , it uses routing table. Users - hosts do need gateway - and FHRP protocols are designed for them. So in my picture: HSRP works only at the green area - which is one IP network subnet 192.168.0.0/24.

HSRP will not work between different colour areas - simply because HSRP cannot function in different IP networks, it has to be one and the same!!!

Routers will keep an eye on the serial interface as

well (track  interface command) and when it comes down,

the other Router will forward  the traffic. This is handy

because otherwise the FHRP would work only  when

the whole Router (or fa0/0) comes down. It would not

detect any  failure, hosts would send packet to this Router

and Router, which serial  interface is down, would drop the packets.

Once again, look a my diagram. I will provide basic HSRP configuration to tell you what I meant.

R1(config)#interface fastethernet0/0<br/> R1(config-if)#ip address 192.168.0.2<br/> R1(config-if)#standby 1 ip 192.168.0.1<br/>
R2(config)#interface fastethernet0/0<br/> R2(config-if)#ip address 192.168.0.3<br/> R2(config-if)#standby 1 ip 192.168.0.1

In such case, Router2 will become active(forwarding) and Router1 will become standby router.

If Router2 fails for some reason(or fa0/0 fails) Router1 will not be able to contact it and will assume that Router2 is down.

Therefore Router1 will start to forward traffic instead of Router2. That is classic HSRP behaviour.

But what about this: Router2 is active router. Router1 is standby.

Router's 2 serial interface will come down. HSRP won't notice anything, all the traffic from hosts will be forwarded to Router2 although it's interface leading to internet (s0/0/0) is down! HSRP won't notice change because it communicates through LAN 192.168.0.0/24 and there is everything just fine.

In such case we can use the standby 1 track Serial0/0/0 on both routers. This command will keep an eye on the serial interface and in case of outage, the other router with functional link towards the internet will become the active router. That is what I meant with that red highlighted part. For more information please look here:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094e8c.shtml

But it does not mean that HSRP then works on serial interface! Not at all! It just checks the interface for functionality. All of the HSRP messages are still exchanged only through the same IP network 192.168.0.0/24 in this case. HSRP cannot communicate through different IP networks, because its messages are not routed, they are only local to some LAN !

2) Can i use other method like Floating static route with

    AD (administrative distance) at place of HSRP

    in your attached diagram. If yes, then what is basic

    functionality difference between them ?

Floating static route is a way to provide ROUTE BACKUPs, not First Hop redundancy to hosts! So these are two different things.

I see your confusion as you are placing these two completely different things side to side. Backing up routes or route redundancy does nothing to do with gateway redundancy for hosts!

If the route towards internet on Router1 or Router2 is lost or not present, HSRP will not find out!!! It only looks if the device in still there. In case of the track command that I have shown you - HSRP will look if the interface is up and running - but will not find out if the Router has no route to Internet!!!

3)  @PETER stated :

    HSRP is not to provide redundancy between routers -

    HSRP provides redundancy of the default gateway for PC's ". 

    What does mean of this line ? But we are performing

    redundancy with two router here ( like as your attached diagram) ?

I cannot explain in better than Peter. Trust me . He is the best amongst the best. I can try however write it in my own way.

Yes, there are two routers. But these routers are used as default gateways for users in this network. They are simply the first L3 device on the way out from the network (First hop). If any host in network 192.168.0.0/24 wants to communicate with Internet, all the packets are sent to one of these routers. But to which one? Only one of this router can be DEFAULT GATEWAY for host. If you look at the internet connection in your PC, there is IP address, IP mask and Gateway address. We are talking here about the last thing.

The idea behind having 2 routers in this topology is to provide default gateway redundancy to hosts. If one router fails, users will still be able to communicate with outside world thanks to HSRP! They won't be able to do it without HSRP simply because computer can use only ONE default gateway. But how do you tell the PC to change it if it fails? You simply cannot.

Remember that Router1 has IP address 192.168.0.2, Router2 has IP address 192.168.0.3

But PC can't have these 2 addresses configured as default gateway at one time!

HSRP will configure two routers with same VIRTUAL IP address 192.168.0.1 in this case.

PC will be configured with 192.168.0.1 as default gateway and that solves the problem!

HSRP will take care of which of the routers will forward the traffic for real.

Hope that helps a little.

Best regards,

Jan

Kuldeep singh Mon, 10/15/2012 - 11:26

Hi Jan,

That is what i am looking for....Finally

I would like to give you 100 out of 100

Thnx to peter also

KS

Kuldeep singh Mon, 10/15/2012 - 12:37

Hi Jan,

I forget to ask something thing to you :

1) your diagram have only two wan link, does HSRP works

    only on 2 wan link, suppose i have 3 wan link.

    then what i will do in that case ?

2) How GLBP differ from HSRP ? plz give me simple ex.

3) i feel that answer of this post is wrong, check once

    https://supportforums.cisco.com/thread/159280

Jan Hrnko Mon, 10/15/2012 - 13:03

Hi Kuldeep,

I forget to ask something thing is that your diagram have only two wan link,

does HSRP work only on 2 wan link, suppose i have 3 wan link.

then what i will do in that case ?

Because HSRP does not really interact with WAN links, they just can be monitored by the track command, you can have as many WAN links on these routers as you want. Doesn't really matter. Also, there could me more than 2 routers in HSRP/GLBP group.

second thing, How GLBP differ from HSRP ? plz give me simple ex.

Well. I'll try to simplify things, but there are more differences if you  dig more into these things.

Both HSRP and GLBP are cisco proprietary protocols.

HSRP is much older, from year 1994.

GLBP is from year 2005.

GLBP supports more groups (1024) than HSRP (16).

GLBP can load balance traffic amongst routers in GLBP group, HSRP does not load balance.

HSRP can track interfaces or objects. GLBP tracks interfaces and objects as well.

There are more differences, but these are the main I suppose. So as you see, GLBP is better option - if available on your devices.

Hope that helps.

Best regards,

Jan

Message was edited by: Jan Hrnko

ciscoamit_497 Sun, 10/14/2012 - 01:53

Kuldeep,

In both cases, you can use the HSRP, But there are few exceptions..like for fig A--

You both upper routers are connected with a ethernet port with downstream router then you can configure the HSRP otherwise not...but this kind of design is not good for HSRP configuration.

Fig B

In this situation you can use both L2 or L3 switch to configure the HSRP or GLBP, watever u want.

But you have so many SVIs on L3 switch then you should enable the IP routing on MLS switch and configure a default static route that should be point towards the Virtual IP.

Then you will no need to configure any Dynamic routing protocol for the same...

Regards,

Amit

Hope this would be helpful to u....

**************Please dont forget to rate the helpful Ans**********

Peter Paluch Sun, 10/14/2012 - 01:59

Hello Amit,

You both upper routers are connected with a ethernet port with downstream router then you can configure the HSRP

Actually, this would not work. The prerequisite for HSRP (and the other protocols as well) is that both routers running HSRP can hear each other directly so that they can backup themselves in a single network. This requirement is not met in Figure A - the routers 1 and 2 are split by router 3 and do not see/hear each other. They are in different IP networks. As HSRP/VRRP/GLBP always runs inside a single IP network, not above or across IP networks, the situation in Figure A is totally unsuitable for any of these protocols.

Best regards,

Peter

ciscoamit_497 Sun, 10/14/2012 - 01:55

Hi Warren,

You can't configure HSRP on any WAN interfaces. But you can track it using track config.

Regards,

Amit

******Please rate helpful info*******    

Jan Hrnko Mon, 10/15/2012 - 11:33

Hi Kuldeep,

I am very glad to hear that! Thank you!

Best regards,

Jan

Jan Hrnko Mon, 10/15/2012 - 13:27

Hi Kuldeep,

What do you think is wrong? Please don't hesitate to tell me.

Yes thank you there was a mistake GLBP can also track interfaces, I have mistaken that part for VRRP which can track only objects. If you have any more doubts, please let me know.

Best regards,

Jan

Jan Hrnko Mon, 10/15/2012 - 13:45

Hi Kuldeep,

that post is right. I think that there is just confusion made by this statement:

with HSRP , more than one gateway should be used for the traffic get  loadbalanced but with GLBP no need to have multiple Gateways.....

The author of this post simply means that you should configure more than 1 HSRP group to achieve "load balancing" of the traffic. That some hosts (for example from some vlan10) will be in one HSRP group, other group of hosts

(vlan20) will be in other HSRP group. In this configuration Router1 could be Active for vlan10 and Standby for vlan20. Router2 could be Acive for vlan20 and Standby for vlan10. So - some kind of "load balancing" of traffic occurs.

But it is not the same load balancing that GLBP uses by default with no additional configuration. GLBP can simply use multiple Routers to forward traffic (there is not just one Active router as in HSRP, but more of them).

Best regards,

Jan

Kuldeep singh Tue, 10/16/2012 - 06:02

Hi Jan,

What i understand through this Discussion, i just want

to tell you plz correct me if i am wrong:

1. HSRP/VRRP/GLBP => It is used for LAN side redundancy

    ( as you shown with green colour in diagram)

2. IP SLA / PBR / Floating static route=> It is used for

    WAN side redundancy ( shown as blue and orange colour).

Second thing,

I want to configure HSRP for LAN side Redundancy and

IP SLA for WAN side redundancy in same Network like

as your attached colourful diagram. is it possible ?

Jan Hrnko Tue, 10/16/2012 - 06:37

Hi Kuldeep,

What i understand through this Discussion, i just want

to tell you plz correct me if i am wrong:

1. HSRP/VRRP/GLBP => It is used for LAN side redundancy

    ( as you shown with green colour in diagram)

Exactly! Very good!

2. IP SLA / PBR / Floating static route=> It is used for

    WAN side redundancy ( shown as blue and orange colour).

Yes, kind of. But to answer this completely, we would have to start a new thread . So I will pick up just some of the basic things.

IP SLA - This is an monitoring tool. Cisco IOS IP SLAs can be used to verify whether a network element (e.g., IP address or an open TCP port), is active and responsive. So it monitors IP address for example and can take some action if it is unavaible : for example, remove statically defined route to this destination from routing table ecc.

IP SLA is handy in a situation when your routes are dependent on some devices that is outside your network and you have no control of it, no routing protocols are defined between you and this device. This can be for example some devices inside your ISP network that you have no control of.

PBR - This feature can provide many benefits. One of the most obvious is load-sharing or load-balancing. It can also route packets based on their source address.

Float static route - This one can be used for redundancy as you said - configuring them as an backup alternative to some current routes.

Hope that helps a little.

Best regards,

Jan

Richard Burts Tue, 10/23/2012 - 09:37

KS

HSRP can not run on serial WAN interfaces. But HSRP may want to react to changes in the WAN interface even though it is not actually running on the WAN interface. Let me suggest a simple example to show what this means.

Assume that you have a LAN. And on that LAN are two routers (routerA and routerB). You want to run HSRP on the LAN interface of routerA and of routerB to provide redundancy for users connected on the LAN. Also assume that routerA has one WAN interface that is faster than the one WAN interface of routerB. So you may want to set the priority of HSRP in routerA so that it is the active router in HSRP. In this case user traffic from the LAN will use routerA as the next hop and will access the outside using the faster interface.

But what would happen if the WAN interface of routerA goes down? If routerA is still the active router in HSRP then user traffic will use routerA as the next hop. And it would work this way but it would not be efficient because traffic from the user would go to routerA which would forward it to routerB which would forward it to outside. It would be nice if routerA would give up being active if its WAN interface goes down so that routerB could become active and traffic will take the more efficient path.

That is what track does for HSRP. If HSRP on routerA tracks its WAN interface and if the WAN interface goes down then routerA lowers its HSRP priority and allows routerB to become active.

HTH

Rick

Actions

This Discussion