HSRP and advertised routes


Have two routers (A and B) set up on the same LAN (10.208.16.x/24). A is the primary and B is the secondary HSRP router.

Since the two interfaces are both up, both routers advertise the route to 10.208.16.x/24. When I set the metrics the same, everything works as long as both routers and interfaces keep working. To keep asymmetric routes from occurring, I have changed the metric for the path to router A to make it preferred. Everything is stable. If router A fails or the interface fails or goes DOWN (keyword), then B takes over and the only route the system sees is to B. However, if the interface on router A does not go DOWN, router A will continue to advertise the route (a preferred route) to 10.208.16.x/24. The cases I have found when the router A interface does not go down are when the VLAN is corrupted between routers A and B, and when a switch link failure splits a VLAN into two segments. In both cases, I effectively get TWO primary HSRP routers and routes advertised by both for the same subnet.


Several Questions:

1) How can I link the advertisement of an interface's IP subnet to the state of HSRP (Primary-advertise; Secondary-don't)?


2) How can I make HSRP work (with some help) in a split LAN situation? (At least until I can get it fixed.)


3) Is there any configuration (on the HSRP side to a single LAN) that avoids this problem?


Giuseppe Larosa Fri, 11/06/2009 - 01:53
Hello James,

1)

HSRP just provides a virtual default gateway and actually does not interact with routing protocols and IP routing table.

HSRP priority can be manipulated with tracking.


so you may be able to change the HSRP priority based on the existence of a specific route.


see

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_eot.html#wp1054818


the reverse to change parameters of an advertised route depending on HSRP state should not be possible.


to be noted that unless firewalls are on the path asymmetric routing is not a problem at all: the return traffic can come back from the HSRP standby router.


if firewalls are involved the primary device has to advertise with a lower metric the subnet as you have already done


2) if the vlan is split both routers will become HSRP active because they don't see each other's HSRP hello messages.

both routers will advertise the IP subnet associated to the vlan because their L3 interface is up/up.


in this case no complex tracking would help: each router promotes itself to HSRP active.


IP connectivity is a problem for return traffic: traffic has 50 percent probability to go back to the right router.


the best thing is to provide link redundancy for inter-switch communication so that this split event is made unlikely because it would require multiple link failures


an etherchannel between the two switches is a common choice acting as L2 trunk and permitting all client vlans.


Hope to help

Giuseppe
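
The two measures from the reply above, as an added Cisco IOS example that is not part of the original thread: HSRP priority on router A tied to a tracked route, and a two-link EtherChannel trunk between the switches. The VLAN interface, HSRP group 16, host addresses .1/.2/.3, the tracked prefix 192.0.2.0/24, track object 10 and the switch port names are assumptions.

```cisco
! Added example. Assumed values: Vlan16, HSRP group 16, hosts .1/.2/.3,
! tracked prefix 192.0.2.0/24, track object 10, ports Gi0/1-2, Port-channel1.

! --- Router A (preferred HSRP router) ---
track 10 ip route 192.0.2.0 255.255.255.0 reachability
!
interface Vlan16
 ip address 10.208.16.2 255.255.255.0
 standby 16 ip 10.208.16.1
 standby 16 priority 110
 standby 16 preempt
 ! If the tracked route leaves the routing table, priority drops to 90,
 ! below router B's 100, and B takes over as active.
 standby 16 track 10 decrement 20

! --- Router B ---
interface Vlan16
 ip address 10.208.16.3 255.255.255.0
 standby 16 ip 10.208.16.1
 standby 16 priority 100
 standby 16 preempt

! --- Both switches: two-link LACP EtherChannel as L2 trunk ---
! A trunk carries all VLANs by default, so the client VLANs cross it.
interface range GigabitEthernet0/1 - 2
 switchport mode trunk
 channel-group 1 mode active
!
interface Port-channel1
 switchport mode trunk
```

As the reply notes, the tracking part does not help once the VLAN is split; only the redundant inter-switch links make that event less likely. On switches that support both ISL and 802.1Q, `switchport trunk encapsulation dot1q` has to be set before `switchport mode trunk`.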

