cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1035
Views
0
Helpful
7
Replies

STP/HSRP Failover Question

lamav
Level 8
Level 8

Hey, guys:

Heres the scenario:

I have an L2 access layer switch, dual-homed to a routed core.

Its a non-looped triangle topology. So, there is no L2 between core switches, and the uplinks are L2 trunks. Each access switch supports one vlan -- not spanned to another switch, confined.

So, lets say C1 is the root bridge for vlan 10 and also the HSRP primary for vlan 10. Lets say A1 is running vlan 10.

The uplink to C1 will be the one that passes traffic between A1 and C1. But what if that trunk dies?

What I think would happen is that C2 -- having lost L2 adjacency to C1 -- will declare itself the HSRP primary for vlan 10 and it will also become the root bridge for vlan 10. yes? No?

In that case, how long will it take A1 to failover to the backup link?

My confusion stems from the fact that, since this is a non-looped topology, the backup link between A1 and C2 will not be in a blocked state -- there is no loop. So what will the dependency be regarding failover time?

Lastly, before the failover, will the secondary trunk interface be a "designated port" and will the interface on C2 (facing A1) be a "root port"? I think the answer to both is yes. Yes? No?

I dont have access to my lab to test this out right now and I need an answer.

Thanks, guys

7 Replies 7

Marwan ALshawi
VIP Alumni
VIP Alumni

in general

eventhough the vlans not spaned u need to creat all L@ and L3 vlans on each C1 and C2 because u wanna use HSRP and redundant link in conjunction with STP

so the uplink trunks will be L2

the one going to its primary root will be in forward state the other should be in bloking!!

and here u need a tunk link between C1 and C2 or L3 link two pass state between C switches for HSRP and if u have sitches behined the C switches and u send summary route the linke between the C switches will do the job

and because each A switch has upling to each C swithc and C switches connected together and al have the same vlans this might includ loop and STP will handl it

hope this helpful

Hi,

1) Since we are not spanning the VLAN's across the access switches, their is no need in running STP in this type of network.

2) At any point of time two links will be in active( i.e. Not in Blocking state ).

3) Since we are having only one vlan per access switch, their is no point in having trunk between Access and core switches.

4) When it comes to HSRP, yes we need to run this between Two core Routers for the VLAN's Default gateway redundancy, since the VLAN were not spanned more than one switch in the access layer. No need of connecting two core switches to pass HSRP information. HSRP messages can be passed through the Trunk (or) Access ports of access switch and it will reach the other Core Switch.

5) What happens if a connectivity to One core switch goes down,at that instant the connectivity loss or you term it as delay based on the ARP cache timeout i suppose.

Please Let me know any clarifications in the Above mentioned.

Folks:

Both of you have provided me with some goo d information about architecture and design, but that was not what my questions were about. I am pretty well versed on the different architecture options and the design and implementation requirements of each.

My questions are a lot more specific regarding port states prior to failover and the actual failover scenario and the time it takes to fail over and what it depends on.

The fact of the matter is that STP is being run (not my design, its the clients, although I agree with the approach in general. I would have probably gone with a routed access layer, though.)

Anyway, kindly re-read my original questions and be specific in your answers, if you can.

Thanks

Victor

Jon Marshall
Hall of Fame
Hall of Fame

Victor

I'll try and be more precise :)

C2 should become the HSRP primary because the HSRP is transmitted across the access-layer uplinks.

STP root will also change to C2 for that vlan.

Failover should be instantaneous because there is no STP convergence. Failover will be how long it takes HSRP to shift.

Before failover interface on A1 facing C1 will be root port. Interface on C2 facing A1 will also be a root port. Interface on A1 facing C2 will be a designated port.

Jon

Jon:

I agree 100% with everything.

I just wanted to make sure that the failover time is dependent only on how fast C2 recognizes that its lost Hellos from C1 and declares itself the HSRP primary and begins to respond to ARP requests and takes over the VIP and Vmac.

Just needed a quick sanity check on my analysis...

Thanks

Victor

No problem.

As a side note i never feel comfortable with having to run the HSRP across the access-layer links. Don't know why, just feels wrong for some reason.

Jon

Jon:

I agree. I think it's a less-than-optimal design, but who am I to tell them that? I'm just the lousy slave, I mean consultant! ;-)

You know, what? They dont even have an L3 link between the core switches to facilitate route convergence.

VL

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco