Thanks for the reply.

I did not mention in my scenario description that the backup site will also be the new gateway site as well. That backup site has another router with HSRP heartbeat communicating with out primary production site.

So you would agree in that scenario that we would need the hsrp instance for our routed vlan? And if I understand you correctly if we are not going to route the vlan then we would not need the hsrp config.

And I will add a preempt to the config.

Thanks again for the comments and help.

Hello John,

So you would agree in that scenario that we would need the hsrp instance for our routed vlan?

Yes. The HSRP actually makes PCs in the respective VLAN believe that there is a single gateway, even if there are multiple physical gateways. If either of them fails, the other will transparently take its place by assuming its vMAC and vIP address. This change will be invisible for the PCs and their connectivity will not be impaired.

And if I understand you correctly if we are not going to route the vlan then we would not need the hsrp config.

Yes. The HSRP is a mechanism to back up the default gateway for PCs in a network as they do not ordinarily speak any routing protocol and that are, in general, unable to detect if a primary gateway failed and what backup gateway should they use as their new default gateway. HSRP makes this easy for them - the virtual MAC and IP never change, regardless of which physical gateway is currently active. However, if there is no default gateway necessary in the network then the HSRP does not serve any useful purpose and there's no point in configuring it.

Best regards,

Peter

Hi Peter

Personally, I do not recommend combining preemptive and non-preemptive configuration and I suggest configuring also the secondary switch with preemption enabled.

That's a very interesting point actually. I take a slightly different approach.

If you are tracking interfaces with HSRP then both devices need preemption. If you aren't however doing any tracking then i only configure the device with the higher priority to preempt. The reason for this is that a common design is to match the STP root with the HSRP active. If the active router fails but the switch doesn't then the interconnect between the switches becomes much more utilised. So as soon as the higher prioriy router becomes available again i want it to preempt so that L2 and L3 traffic are back on the same path.

But i can't see any reason why you would need preemption on the lower priority router. Is there a reason why you recommend it on both routers. Just interested.

Jon

Hello Jon,

My recommendation to have all routers configured as HSRP preemptive is mostly based on my concern that a within a standby group in which some routers are preemptive and some are not, the outcoming active router is not based solely on router priority but also on the history of active router changes, and as such is not deterministic. In other words, the active router role is prone to race conditions. Also, if by accident the preferred active router is not configured as preemptive, it will not be able to regain its active role after a reload or temporary disabling.

In a network with two routers, the behavior is fairly straightforward and easy to discuss. However, if there are, say, 4 or 5 routers with different priorities and different preemption settings, modelling all active state transitions may be a daunting task and there is a risk of active role landing on an inappropriate router and remaining stuck there. In fact, this reminds me very strongly of critical race hazards in logic circuits - depending on the sequence of change in internal variables, the output of the system varies.

So this is my rationale behind it - but obviously, it is probably more about "network aesthetics", as Mr. Jeff Doyle called it in one of his books.

I would like to know your opinion.

Best regards,

Peter

Peter

Interesting discussion, not sure i've ever actually worked through all the possible failure sceanarios of HSRP

I understand what you are saying in that if you configure everything with preempt you are in fact getting rid of one more variable that could influence the decision and are making it purely based on the HSRP priority - at least that is what i think you are saying !

I approach it slightly differently in that by configuring only one router with preemption i am making a statement that this is the active router under normal operation and that if i am looking at a router that is active but does not have preemption enabled then my active router has failed. If i don't want a router to preempt then don't give it the chance.

However which router should be active etc. can all be worked out by looking at each routers priority. The key thing is that only one router can be configured with preemption. I totally agree that it would be a complete mess if you had 4 routers with different priorities and 3 were configured for preemption.

Having said that i suspect my approach is more from habit/practice than any sound technical reason to be honest !

Jon

Hi Peter and Jon,

This is my view on this.Configure preempt on both the routers.

At minimum, you should have preempt configured on the primary router so that when when it comes online, it will take over active role.  The primary router
is of course the one with the higher priority.  The HSRP default priority is 100.  

So, you could ask why should I configure it on the other router (the lower priority router)?  Best Practice says to configure it both, especially if you are
 tracking an interface.

So, if R1 has higher priority (105) than R2 (100), then R1 should have "standby preempt" configured so it will take over from R2 if it reboots. If you are 
tracking another interface and that interface goes down, then the priority will lower by 10 (default).  If the second router does not have "preempt", it 
will have no way of taking over the active role.

Hope it doesnot confuse you guys too much.

-amit singh