Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4070
Views
0
Helpful
8
Replies

hsrp design and vss

Go to solution
Network Pro
Level 1
Level 1

‎04-18-2012 04:43 AM - edited ‎03-07-2019 06:11 AM

Hi,

just wondering is it possible to run hsrp on two routers (not l3 switch) connected to a l2 switch ? if so does the two routers need a back to back connection ?

i know if use two l3 switches (instead of routers) and connect to a LAN switch then we need a back to back connection between the L3 switches

also can we use hsrp on vss on 6500?

design

1800 router                                       1800 ROuter

     |                                                        |

     |                                                        |

     |---------- L2 switch-------------------------------|

if the above design is acceptable how does the routers know which one is active and which one is standby ? if we need a direct connection between two routers they have to be on a seperate subnet and routers dont allow broadcasts - so how will hsrp work on routers ?

L3 switch --------------------------l3 switch

   |                                            |

   |                                            |

   |---------------L2 switch---------------|

Thanks 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ven Taylor
Level 4
Level 4

‎04-18-2012 07:22 AM

Don't think of "physical" connections when using HSRP.  Their relationship is based on IP addresses, so they don't even have to be local to one another.  We run HSRP between routers in different cities for our Internet BGP peers.

Given your first example, if you have the two router interfaces properly configured, they'll see each other and establish an HSRP relationship and exchange hello packets.

I've posted a simple configuration template for you to follow.  it will work in either situation.

Obviously, change your ports based on your needs.

R1

interface g0/1.5

ip address 10.1.1.2 255.255.255.0

standby 1 ip 10.1.1.1

standby 1 priority 101

standby 1 preempt

standby authentication 5

no shut

R2

interface g0/1.5

ip address 10.1.1.3 255.255.255.0

standby 1 ip 10.1.1.1

standby 1 priority 99

standby 1 preempt

standby authentication 5

no shut

Switch:

interface g1/0/1

description R1 g0/1

switchport mode access

switchport access vlan 5

no shut

!

interface g1/0/2

description R2 g0/1

switchport mode access

switchport access vlan 5

no shut

In this scenario, everyone on vlan5 uses 10.1.1.1 as their default gateway.

If you're using 3 L3 switches, just make sure the L2 vlans exist on all three switches and the L3 SVI's exist on the two HSRP peers... Example

Interface vlan5 instead of g0/1.5

Ven

Ven Taylor

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Ven Taylor
Level 4
Level 4

‎04-18-2012 07:22 AM

Don't think of "physical" connections when using HSRP.  Their relationship is based on IP addresses, so they don't even have to be local to one another.  We run HSRP between routers in different cities for our Internet BGP peers.

Given your first example, if you have the two router interfaces properly configured, they'll see each other and establish an HSRP relationship and exchange hello packets.

I've posted a simple configuration template for you to follow.  it will work in either situation.

Obviously, change your ports based on your needs.

R1

interface g0/1.5

ip address 10.1.1.2 255.255.255.0

standby 1 ip 10.1.1.1

standby 1 priority 101

standby 1 preempt

standby authentication 5

no shut

R2

interface g0/1.5

ip address 10.1.1.3 255.255.255.0

standby 1 ip 10.1.1.1

standby 1 priority 99

standby 1 preempt

standby authentication 5

no shut

Switch:

interface g1/0/1

description R1 g0/1

switchport mode access

switchport access vlan 5

no shut

!

interface g1/0/2

description R2 g0/1

switchport mode access

switchport access vlan 5

no shut

In this scenario, everyone on vlan5 uses 10.1.1.1 as their default gateway.

If you're using 3 L3 switches, just make sure the L2 vlans exist on all three switches and the L3 SVI's exist on the two HSRP peers... Example

Interface vlan5 instead of g0/1.5

Ven

Ven Taylor
0 Helpful

Go to solution
Network Pro
Level 1
Level 1
In response to Ven Taylor

‎04-18-2012 07:37 AM

thanks for this. say for example if i am using a l3 switch (insted of router) then do i need a back to back connection ?

in the previous example you said you run hsrp between two routers  that connect back to internet. .. so in this case both isp has to be in active active state inst it ? say for example you loose connection from the l2 switch to the router 1 (that connects to isp A) then all traffic would flow through Rrouter 2 that connects back to ISP 2 - this will only work if ISP 2 is also in active state, isnt it ? (but instead if you have a back to back between two routers then still you will be able to use ISP 1, isnt it ?)

0 Helpful

Go to solution
Ven Taylor
Level 4
Level 4
In response to Network Pro

‎04-18-2012 07:43 AM

No need for a back-to-back connection in either scenario.  As long as your L2 vlan connects the two L3 switches via any other switch or switches, your "core" switches will see each other.

Regarding your question about the Internet/bgp HSRP setup, no.  They're active/standby when you look at them from the "inside".

From a bgp perspective, they're both routing.

We have redundant firewalls that point to an HSRP VIP (.1 default gateway) for Internet traffic.  This VIP is really the HSRP address of two Internet routers running external BGP.  Our internal network sees only one route out, but the two Internet routers share ibgp between them and route traffic based on their own bgp configuration, so both are used, depending on where you're going.

Make sense?

Ven

Ven Taylor
0 Helpful

Go to solution
Network Pro
Level 1
Level 1
In response to Ven Taylor

‎04-18-2012 07:48 AM

if i etherchannel between the two layer 3 switch in the 2nd scenioro will this still work ? (so etherchannel between two layer 3 switch and hsrp to edge switch (l2 switch))

0 Helpful

Go to solution
Ven Taylor
Level 4
Level 4
In response to Network Pro

‎04-18-2012 07:55 AM

Yes.  An Etherchannel is just an aggregated group of interfaces.  As long as the Etherchannel contains the same L2 vlan as the L3 SVI, HSRP will work fine too.  You can even make your Etherchannel a layer 2 trunk so that it hosts ALL the vlans you want to participate in HSRP.

What's your end game?  That may help figure out what's best for you.

Ven

Ven Taylor
0 Helpful

Go to solution
Network Pro
Level 1
Level 1
In response to Ven Taylor

‎04-18-2012 08:01 AM

so what is the exact purpouse of the back to back connection between the l3 switch ? (sorry just bit confused as its not required if you are using a router instead of a l3 switch?)

0 Helpful

Go to solution
Ven Taylor
Level 4
Level 4
In response to Network Pro

‎04-18-2012 08:19 AM

The back-to-back connection was just so that the two routers could send hello packets to one another.

A lot of companies will design this way because it makes for an easy HSRP setup.  If you lost a closet switch, HSRP didn't care.

A lot of companies have now moved to the " V " setup and run HSRP through a closet switch.  This came along with the push to keep a vlan located on a single closet switch and allowed for the removal of trunking because the closet switch was in the same vlan as the users.  Typically, the switch IP address would be the address right below the broadcast address.  (.254 if using /24)

Ven

Ven Taylor
0 Helpful

Go to solution
Network Pro
Level 1
Level 1
In response to Ven Taylor

‎04-18-2012 08:26 AM

cheers ven:)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card