Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
0
Helpful
4
Replies

Ingress/inbound routing to a stretched VLAN (HSRP)

petar.golubovich11
Level 1
Level 1

‎07-21-2016 07:11 AM - edited ‎03-08-2019 06:43 AM

Trying to figure out the simplest solution to the following:

- A single VLAN stretched over 2 physical data centers

- Assuming all L2 issues are handled and a dark fibre cable connects the two sites

- HSRP can be configured to ensure router failure doesn't affect egress routing (my understanding is that whichever router is active will simply use its routing table to send packets further)

- The issue of ingress has come up - how do we configure the WAN side to intelligently route from other sites to the data center where HSRP IP is active (to avoid asymmetric routing). Is BGP a solution - and the only one - or can something simpler be used.

If someone could describe the mechanics of ingress routing to HSRP via two routers that would be much appreciated.

Labels:
0 Helpful
4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

‎07-21-2016 09:18 AM

With HSRP, VRRP, you only have control over outbound traffic and not the incoming.   If you have 2 routers connecting to 2 providers, you can run BGP and use AS path per-pend to make the backup side look as it is longer path, so inbound traffic comes to the active router. Do you have a diagram you can post?

HTH

0 Helpful

petar.golubovich11
Level 1
Level 1
In response to Reza Sharifi

‎07-21-2016 07:45 PM

It is more or less as shown in the drawing (with the WAN side of things being the issue/question).

There may be a router other than a card in 6500 on the left. The two sites have fibre between them.

Preview file
15 KB
0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to petar.golubovich11

‎07-21-2016 08:27 PM

So, yes in this design you can use BGP on the 6500 and the ASR routers to peer with the routers sitting on the remote location. For example say you want the 6500 to be the primary for inbound traffic and lets say that is your HSRP active you would pre-pend routes coming from the ARS site so the path appears longer and so traffic inbound and outbound uses the 6500.

If you have a lab environment, you can test it before putting it in production.

HTH

0 Helpful

petar.golubovich11
Level 1
Level 1
In response to Reza Sharifi

‎07-22-2016 04:07 AM

Alright, very good - but would HSRP failover on LAN be able to drive the BGP advertising correctly - in a way that asymmetric routing would be avoided, so:

- If 6509 is HSRP active, that this is the only gateway advertised for the stretched VLAN on WAN side

- If HSRP fails over to ASR, that the 6509 route is dropped and replaced by the ASR one (hopefully within a couple of seconds not minutes)

I was looking at tracking and IP SLA but have now come to think there should be a simpler way to do this - by just ensuring the right route gets advertised from the right routed - the missing piece being what are the exact config parameters which would achieve this :-)?

Many thanks,

Petar 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card