HSRP and non-Cisco Switches

Answered Question
Oct 16th, 2009

Hi everyone,

I just wanted to ask you about HSRP interoperating with non-Cisco switches.

I got two Cisco 2800s with four different interfaces (3x FastEth, 1x ISDN).

HSRP will be configured for three of them (the fourth is an ISDN connection, and as far as I know, HSRP does not work with ISDN interfaces).

Well, both routers will be connected in each network to a non-Cisco switch (I proposed Catalyst, but the boss said it had to be an unmanaged D-Link)...

My question is:

- HSRP uses a well-known MAC address to identify the interfaces.

- The switch will register this MAC address in the MAC table for each router. It means that the active link will have the well-known HSRP MAC address.

- What will happen if the router fails? After all, the HSRP MAC address will still be in the forwarding table of the switch, right?

- Will this issue not be a problem for the switch?

- Which solution do I have? The switch is non-managed......

Thanks a lot! ;-)

Best regards,

Fabio


- HSRP uses a well-known MAC address to identify the interfaces - YES 0000.0c07.acXX

- The switch will register this MAC address in the MAC table for each router. It means that the active link will have the well-known HSRP MAC address - YES

- What will happen if the router fails? After all, the HSRP-MAC address will still be in the Forwarding Table of the switch, right - YES

- Will it not be a problem for the switch this issue - Should not be an issue

- Which solution do I have? The switch is non-managed...... Please clarify

fvalpondi Fri, 10/16/2009 - 06:48

Hi Andrew,

thanks for your response.

Actually the first two points were not questions, but statements that lead to the question.

Just suppose I have this topology:

PC1----|1 3|----R1--|

···········|·····|············|--- outer world (rest of the network)

···········|·····|············|

PC2----|2 4|----R2--|

- If R1 is the active router (and R2 the Standby), the 0000.0c07.acXX address will be linked to the Port 3.

- If PC1 or PC2 try to communicate the outer world, will jump over R1.

- If R1 fails, the 0000.0c07.acXX address will still be linked to the Port 3 of the switch, right?

- When R2 activates, the switch will have the address 0000.0c07.acXX in Port 3 as well as Port 4. Am I right?

- What happens then if PC1 or PC2 try to reach the outer world?

- When I say that the switch is unmanaged, I mean that it has no menus or configuration options. That means I cannot change agings, ...

thanks! :-)

Correct Answer

- If R1 is the active router (and R2 the Standby), the 0000.0c07.acXX address will be linked to the Port 3 - Yes

- If PC1 or PC2 try to communicate the outer world, will jump over R1 - Yes

- If R1 fails, the 0000.0c07.acXX address will still be linked to the Port 3 of the switch, right - No, depends on the below.

- When R2 activates, the switch will have the address 0000.0c07.acXX in Port 3 as well as Port 4. Am I right - R2 will send an ARP broadcast, the switch should re-write its CAM/MAC address table, pointing the virtual MAC address to port 4

- What happens then if PC1 or PC2 try to reach the outer world? - If the above step is OK, there will be no issues

- When I say that the switch is unmanaged, I mean that it has no menus or configuration options. That means I cannot change agings - Should not make a great deal of difference, what model is the switch?

fvalpondi Fri, 10/16/2009 - 07:01

But...it would depend if the switch erases the "old" association to P3 when it receives the ARP from R2 in the P4.

If the switch is not able to do that, it could be the case, that one address was registered by the two ports...!

As this D-Link switch is crap, I do not know how it works...there is not even a "serious" manual...

fvalpondi Fri, 10/16/2009 - 07:11

The switch is the D-LINK DES1024D.

An alternate switch (if the D-Link does not work correctly) could be the Siemens Scalance X-200 Series.

I still have not implemented this upgrade for the network. I will do it in the next weeks.

thanks again for your help!

fvalpondi Fri, 10/16/2009 - 08:03

Yes, when I get the 2nd router I'll do the tests and let's see....I hope it will work :-)

Correct Answer
simontibbitts Fri, 10/16/2009 - 06:42

Hi Fabio.

You will have a problem as when the standby router takes over from the active then it sends a gratuitous ARP which then changes the MAC table on the switch and also changes the ARP table on the devices.

This link is good for understanding the process; if you scroll down a bit you can see that an 'I' action happens when an 'Event 3' happens.

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml#topic15

Simon

fvalpondi Fri, 10/16/2009 - 06:54

Hi Simon,

thanks for the answer.

The problem should only be at the switch, since the PCs will maintain the HSRP MAC address, right?

Well, I suppose that if the router fails completely (including link down), the switch will deactivate the interface.

But if the failure of the switch is not a power-caused failure...the link may still be active, even if it is not able to send the hellos.

viyuan700 Fri, 10/16/2009 - 07:53

"But if the failure of the switch is not a power-caused failure...the link may still be active, even if it is not able to send the hellos."

HSRP is first gateway redundancy: your router is redundant here, NOT the switch.

Suppose the switch fails or is not doing what it is supposed to do. Then your HSRP is working but your switch is not, and the PC will not be able to reach the outside network.

If your switch is working properly (even though you cannot manage it), HSRP will work properly. This means that if the active router fails, the standby router will take over and your PC will be able to reach the outside network.

fvalpondi Fri, 10/16/2009 - 08:04

Hi,

yes, I meant router not switch. I made a mistake when writing...!! sorry! :-)

viyuan700 Fri, 10/16/2009 - 08:26

"Well, I suppose that if the router fails completely (including link down), the switch will deactivate the interface"

Let's say your router R1 is working and its outgoing interface (connected to the outside network) is down. In this situation your PC will not be able to reach the outside network, as R1 is still active but it cannot route traffic. For things to work in this situation you have to use the interface tracking feature of HSRP, so that when its interface is down the priority decrements and the standby router can take over.

fvalpondi Fri, 10/16/2009 - 09:31

I had already planned the tracking. Anyway, thanks for the recommendation!

Correct Answer
Giuseppe Larosa Fri, 10/16/2009 - 10:31

Hello Fabio,

What Simon is saying is that when an HSRP switchover happens, the new active device will send out a gratuitous ARP.

The frame has a destination of broadcast and a MAC source = HSRP VIP MAC address.

In this way the switches' CAM tables are updated.

This should work even with unmanaged switches like the ones you have to use.

Actually, without that gratuitous ARP, HSRP would be of no use with any type of LAN switch; it is a needed step.

PCs' ARP tables are not affected by this message because it restates known information.

Hope to help

Giuseppe
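
The CAM table update described in the post above, as an added example that is not part of the original thread: a small Python model of standard learning-switch behaviour (one port per source MAC, newest sighting wins) fed the broadcast frame sourced from the HSRP virtual MAC. HSRP group 1, the IP address, the PC MAC and the ARP opcode are assumptions made for the example; it models generic bridge learning, not the DES-1024D specifically.

```python
import struct

BROADCAST = b"\xff" * 6

def hsrp_v1_mac(group):
    """Well-known HSRP virtual MAC 0000.0c07.acXX, XX = group number."""
    if not 0 <= group <= 255:
        raise ValueError("HSRP group must fit in one byte")
    return bytes.fromhex("00000c07ac") + bytes([group])

def gratuitous_arp(vmac, vip):
    """Broadcast frame sourced from the virtual MAC, as described in the thread.
    ARP opcode 2 (reply) and the target MAC are assumptions; the switch only
    reads the Ethernet header."""
    eth = BROADCAST + vmac + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2) + vmac + vip + BROADCAST + vip
    return eth + arp

class LearningSwitch:
    """Model of standard transparent-bridge learning: one port per MAC."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.cam = {}                    # source MAC -> port

    def receive(self, in_port, frame):
        dst, src = frame[0:6], frame[6:12]
        old_port = self.cam.get(src)
        self.cam[src] = in_port          # newest sighting replaces the old port
        moved_from = old_port if old_port not in (None, in_port) else None
        if dst in self.cam:
            out = [self.cam[dst]]
        else:                            # broadcast or unknown unicast: flood
            out = [p for p in self.ports if p != in_port]
        return out, moved_from

def failover_demo():
    vmac = hsrp_v1_mac(1)                    # group 1 is a constructed choice
    vip = bytes([192, 0, 2, 1])              # constructed virtual IP
    pc1 = bytes.fromhex("020000000001")      # constructed PC1 MAC
    to_gateway = vmac + pc1 + b"\x08\x00" + b"constructed payload"
    sw = LearningSwitch([1, 2, 3, 4])
    sw.receive(3, gratuitous_arp(vmac, vip))                  # R1 active, port 3
    before, _ = sw.receive(1, to_gateway)
    _, moved_from = sw.receive(4, gratuitous_arp(vmac, vip))  # R2 takes over
    after, _ = sw.receive(1, to_gateway)
    return before, moved_from, after

if __name__ == "__main__":
    print(failover_demo())
```

The PC's frame to the gateway is forwarded to port 3 before the switchover and to port 4 after it, with no change on the PC side, which is why no aging timer needs tuning on the switch.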

simontibbitts Sat, 10/17/2009 - 09:02

Hi Fabio.

Sorry I meant to say you will NOT have a problem!

Sorry for the typo!

Simon
