Cisco Support Community
Community Member

SRST Redundant Gateways Best Practices


I work for a large company that has a distributed IT organization. The network and telecom groups are separate and want the services divided for support reasons. Our networking team does not want to use dynamic routing or use floating static routing for redundant connections (using a loopback as the primary IP for Call Manager) on SRST/gateway devices. So the only thing we can think of is to make these devices single homed to a specific access switch. I think that is not the best way of doing things but I am open to discussion to how other companies handle this situation. Since this is technically still a router and doesn't act like an active/standby NICs, its getting difficult to find a solution that doesn't sacrifice redundancy vs operational separation.

I would like to have redundant connections on two SRST/gateways and splitting the trunks evenly between the two so if we lost a switch we wouldn't lose half our trunks. We may have to do dial peers for overflow if a DID comes in on a gateway that doesn’t the that phone registered to it in a failure scenario to forward it to the router that does have it registered.

Just looking for the most redundant/right way of doing this.

Any ideas? Thanks in advance!


VIP Super Bronze

Re: SRST Redundant Gateways Best Practices

You have a few options depending how redundant you want to get. As with the rest of the UC deployment, it's going to require some cooperation from the networking team though.

  1. For connected-switch redundancy per-router you should use the loopback interface with layer-three routing. Be careful to adjust your load balancing to be per-flow and not per-packet. You can do a layer-two interface using the 'switchport' interface command and adding a vlan interface for the layer three address but I wouldn't advise it.
  2. For router chassis redundancy:
    1. you can use HSRP and assign the SRST reference in UCM as the virtual interface address. This does not work with Secure SRST. Also note that the SIP or H.323 processes would need to be bound to the real IP addresses so you can use both routers' circuits instead of just the active node in the pair.
    2. you can split the DN range in half and create two separate SRST references. Adding dial-peers between the routers could get you full calling abilities during fail over.
Community Member

Re: SRST Redundant Gateways Best Practices

Thanks for the post Johnathan!

So this sounds like an either or solution. We need to decide on using redundant connections or using HSRP for this, is that right? So in an access switch failure senario would we still loose half of the trunks using HSRP?

Looking for example of what other companies do in a situation like this? I'm sure that we are not the first to raise this question. Also any best practices that you may have might be helpful.

Looking for something similar in what a Cisco Call Center might do for redundancy purposes. Is dynamic routing a must do be able to establish the best possible design? i.e., Dual SRST routers with dual homed switch connections.


VIP Super Bronze

Re: SRST Redundant Gateways Best Practices

I would have to lab up the HSRP scenario to confirm but I do not believe so. The SIP process (voice service voip > sip) should be bound to another non-virtual IP address on the router. All you want HSRP for is SRST between two chassis. The individual circuits in each chassis don't benefit from it so you can use the redundant interface option there.

As for what most companies do: It comes down to your downtime acceptance and budget. The most redundant option would be two routers but budgets don't always allow for that. Many use a single router with dual links.

CreatePlease to create content