07-10-2008 12:13 AM - edited 03-06-2019 12:07 AM
Hi all,
I work in a small ISP environment, and we are using two Cisco 7200 VXR routers, one as a core router, and the other one as a PPPoE login server.
Both of these are under-utilised at the moment, and we would like to change them so our setup is redundant.
I have done some research and it seems like Virtual Router Redundancy Protocol (VRRP) is the best option, but as far as I can see, it needs to be configured on every interface on both routers, including VLAN sub-interfaces.
As an example, say I merge the config of the two routers so that both functions are handled by one router, then have the config of the second router an exact copy of the main one. Then I would configure VRRP on every interface/subinterface on both routers, as it appears that VRRP works on a per-interface basis.
I was just interested to know if there is a way of creating a sub-interface using maybe a /30 mask for the routers to communicate VRRP changes between themselves, instead of having to configure each interface on the backup router with an IP in the same network as the interface on the main router.
I hope I have explained myself clearly, but if not please do not hesitate to ask for clarification.
Thanks in advance,
Matthew Galea
07-10-2008 12:20 AM
Hi Matthew,
This is not how VRRP works, the two devices will not share the same config, they will have their own, but similiar configs.
Basically you must config either vrrp, or hsrp (the cisco standard) between each lan interface that you want protection on.
EG, you would config ip address .1 on router 1 and .2 on router 2, then you would configure the vrrp/hsrp ip address for this group as say .3, .3 would be the address the your clients would use a the default gateway. The primary router responds to arp requests for this ip etc, and should the primary interface or router itself go down, then the secondary takes over, and starts responding to arps etc.
You can spread the load between the boxes, instead of having all clients use router 1 as primary, etc, you would config router 1 as primary for vlan 10 and router 2 as primary for say vlan 20 and so on.
Here is the link to the Cisco first hop redundancy protocols;
HTH
LR
07-11-2008 01:59 AM
Hi Lee,
Thanks for your reply; it cleared up most of the questions I had about VRRP.
I have one more quick question, and that is, is it possible to use the primary router's interface address as the VRRP group address?
Eg, .1 is the primary router's address, .2 is the backup router's address, but have the backup router take on the .1 address when it fails over?
Kind Regards,
Matt.
07-11-2008 09:22 AM
No, each interface needs its own ip address.
08-05-2008 01:11 AM
Thanks Nick, I can start redesigning our IP subnets!
07-11-2008 02:24 AM
Another question I forgot to ask was, as our router is acting as a PPPoE login server as well, some of the sub-interfaces do not have IP addresses on them. How does VRRP work with these interfaces.
Thanks,
Matthew.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide