cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
675
Views
0
Helpful
6
Replies

HSRP-Spanning tree

nkhwaja
Level 1
Level 1

Here is my setup:

- each 4500 connect to both 6509 and both 6509s connect with etherchannel of 6Gb.

4500c -|-- 6509a (vlan61: st-root, hsrp-active)

| |||||

|-- 6509b (vlan11: st-root, hsrp-stdby

6509s run hsrp.

4500 has two vlans-11,61

6509a is hsrp-active for all vlans, whereas 6509b is hsrp-standby for all vlans.

6509a is st root for vlan61

6509b is st root for vlan11

Question: Performance wise, is it better to have 6509b as HSRP-active for VLAN11 ??

I think so since 6509b is the first hop for vlan11 traffic. Am I on the right track ??

6 Replies 6

ankurbhasin
Level 9
Level 9

Hi Frined,

As you said you have a etherchannel between 2 6509 so my curiosity is that the etherchannel is layer 2 or layer 3 etherchannel?

Why I am asking is because if you are using HSRP also between 4k switch to 6k switch with STP , your one port will be block for each vlan because of STP as STP will find a loop between 4k switch and cat6k switches so downtime will be more because of STP convergence.

Some how I think this will not going to be a best design.

The best design will be to have layer 3 channel between 2 6509 switch incase if you are also using routing on cat6k switcches if not then I do not think you need etherchannel between 2 cat6k switch as you are already having HSRP for redundancy and for HSRP you can use both the 6k switches. I mean make one 6k active for one vlan and make another cat6k active for another vlan so in this way you can use both cat6k resources and one cat6k resource will not go waste.

HTH

Ankur

- Etherchannel between two 6509s is L2.

- HSRP is active between two 6509s.

- 6509s are running IP routing.

- yes, STP has blocked one 4500-port to one of the 6509 for each vlan.

Between the two 6509s, why a L3-etherchannel is better than a L2-ethercahnnel??

Pls. elaborate.. thanks for your help..

With your environment you will not be able to utilize a L3 etherchannel between the 6509s. This etherchannel should remain an L2 ethercahnnel and be configured as a 802.1q trunk with all VLANs allowed to across.

To answer your initial question - yes 6509b should be HSRP active for VLAN 11. In fact, it is best practice to configure the HSRP active router on the same 6509 as STP root. This provides the most efficient routing in the network as well as the best stability and failover times possible.

-Mark

Hi Frined,

The reason WHY I pointed it will not be a good design is the convergence time will be more even when you are running HSRP.

To explain:

Lets take an example 2 cat6k switch with etherchannel and single trunk links between 4k switch to 2 cat6k switch

Now STP will block a link between 4k switch to one cat6k switch as you confirm.

If the other link which is in fwding state goes down HSRP hello packet will still flow between 2 cat6k switch via etherchannel and second cat6k switch will not come to know about main link going down and will remain in HSRP standby state and the STP cpnvergenace will make the blocked link as active in 50 seconds so the convergence time will be more as compared to HSRp which is only 10 seconds.

If the cat6k switch which is in HSRP active state goes down completely then the hello packet will not reach the standby switch and will become HSRp active switch but still STP will take its own time to converge and hence the convergence will be approx 50 seconds though you are running HSRP.

So my design for HSRP says if I am using HSRP I should avoid STP so no need to run etherchannel between 2 cat6k switch if you are having HSRP and incase you still want that then play with STp also to deplu uplink fast or deply RSTP.

HTH

Ankur

6509A==HSRP+L2-ethchannel===6509B

| |

4500------------------------X

Link to 6509B is blocked by STP.

If the active link goes down, STP takes 50 sec to 'active' the 'blocked' link, while HSRP switched in 10sec only. If not L2-etherchannel between two 6509s, what else is the option ? L3-etherchannel will work ?

The failure scenario you posted does not correctly describe what HSRP and STP will do when an uplink failure occurs.

If there is a trunk between the 6509s and a 4506 has a link to both 6509s and one of those links from the 4506 fails, reconvergence time will be zero. Not 50 seconds as you proposed. The reason that it is zero is because STP on the 4506 knows that a link failure has occured and therefore puts the remaining uplink into a forwarding state immediately. If there is only one link there cannot be a loop. Test it in a lab - it works.

The 50 second timer you posted occurs when a new link comes up. And really it does not take 50 seconds - usually around 30. If STP and HSRP timers have been tuned - both STP and HSRP can converge in 10 seconds max.

-Mark

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: