cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6167
Views
15
Helpful
7
Replies

Same HSRP Groups on multiple physical interfaces

oukpaka
Level 1
Level 1

Hi

I have a client configs that currently working with HSRP on 2 LAN gateway switches.

Differently interface VLans have been configured on these switches.

Now, what strikes me is that all the interface Vlans on these gateway switches have been configured for the same HSRP groups thpough the ip addresses pairs are in different subnets

What could be the possible drawback on this???

1 Accepted Solution

Accepted Solutions

Hi:

The formulation of an HSRP virtual MAC-address, which corresponds to the virtual IP address of an HSRP group, is a function of the group number.

The template is 0000.0c07.acXX, where "XX" represents the two hexadecimal digits that represent the group number.

So, if under vlan 10's SVI you have "standby 100" configured, the virtual MAC-address will be "0000.0c07.ac64." The hexadecimal equivalent of decimal 100 is 64.

This is what is meant when the Cisco website says that "they share the same HSRP virtual MAC address" when referring to multiple vlan interfaces with the same standby group assigned to it.

Given that, it is true that if you configure vlan 11, 12, 13, 14 and so on with the same group number, the same virtual MAC-address will be used.

This does not cause a problem, even though the same MAC-address is going to be returned in an ARP response for every group that uses the same group number, because the ARP query and response are bound by the L2 broadcast domain of the vlan. So, too, are all L2 communications within the vlan.

Therefore, when a host on a given vlan inserts MAC-address 0000.0c07.ac64 as the destination host address, it will only be forwarded to the standby address of that vlan because MAC-addresses only have significance within the vlan.

HTH

Victor

View solution in original post

7 Replies 7

davy.timmermans
Level 4
Level 4

When you define the same HSRP group ID on multiple interfaces, they share the same HSRP virtual MAC address. In most modern LAN switches, there are no issues because they maintain a per-VLAN MAC address table. However, if your network contains any third-party switches, which maintain a system wide MAC address table regardless of VLAN, you can experience problems. If VLANs are not specified to a HSRP group, the VLANs default to Group

source:

http://www.cisco.com/en/US/products/hw/switches/ps700/products_qanda_item09186a008011c6bb.shtml#q5

Hi:

The formulation of an HSRP virtual MAC-address, which corresponds to the virtual IP address of an HSRP group, is a function of the group number.

The template is 0000.0c07.acXX, where "XX" represents the two hexadecimal digits that represent the group number.

So, if under vlan 10's SVI you have "standby 100" configured, the virtual MAC-address will be "0000.0c07.ac64." The hexadecimal equivalent of decimal 100 is 64.

This is what is meant when the Cisco website says that "they share the same HSRP virtual MAC address" when referring to multiple vlan interfaces with the same standby group assigned to it.

Given that, it is true that if you configure vlan 11, 12, 13, 14 and so on with the same group number, the same virtual MAC-address will be used.

This does not cause a problem, even though the same MAC-address is going to be returned in an ARP response for every group that uses the same group number, because the ARP query and response are bound by the L2 broadcast domain of the vlan. So, too, are all L2 communications within the vlan.

Therefore, when a host on a given vlan inserts MAC-address 0000.0c07.ac64 as the destination host address, it will only be forwarded to the standby address of that vlan because MAC-addresses only have significance within the vlan.

HTH

Victor

Victor

Being serious for once this is an excellent answer and deserves a rating.

Now the only question is should i rate it 1 or 5 ? - hmmmm

Jon

You;re a regular riot, there, buddy! ...lol

Thanks

Seriously though it was meant as a compliment.

I know....its all good. :-)

Joseph W. Doherty
Hall of Fame
Hall of Fame

Just a footnote, you can have more than one subnet per shared media (or VLAN), altough not as common today because of VLANs.

Having duplicate MACs, whether reusing HSRP groups or using hosts with LAA, is something you should avoid.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco