Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

HSRP

I hope I don't get "rapped" in the mouth for this, but I don't quite understand how HSRP works....If I have two 6509's, and I want 6509A to be the primary switch and the second one (6509B) as a "back-up", how would I do this exactly?

In other words, I have two 6509's with say ten VLAN's on it, each VLAN would have it's own IP and HSRP group. Then the other 6509, gets what? the same config on it? and just run one cable for every VLAN?

I hope this makes sense......

4 REPLIES
Hall of Fame Super Silver

Re: HSRP

Dave

I hope this explanation will help you to understand HSRP better. If you have 6509A and 6509B and have multiple VLANs it may be advisable to configure HSRP. What you would do and how it works is basically like this:

on 6509A you have some ports assigned to VLAN 5 and on 6509B maybe you have some more ports assigned to VLAN 5 (and if you do not it works about the same). You configure at least one connection between the switches as a trunk port. On 6509A you configure interface vlan 5, you assign an IP address (and subnet mask) and you configure HSRP assigning a shared IP address (in the same subnet as the address you just assigned), and since you want 6509A to be primary you configure HSRP priority greater than 100 (perhaps 105). Then on 6509B you configure interface vlan 5. You configure another IP address and subnet mask and you configure HSRP to use the same shared address as 6509A. Then you configure all the PCs connected to ports in vlan 5 to have their default gateway using the shared address of HSRP. You do the same things for each VLAN: configure the vlan interface on 6509A, configure its IP address and subnet mask, configure for HSRP a shared address in that subnet, and configure HSRP priority. On 6509B you configure the vlan interface, configure an IP address in that subnet, and configure the same shared IP address for that subnet.

So the way it works is that the 2 switches communicate with each other and 6509A becomes the primary (because it has higher HSRP priority). So when PCs ARP for the MAC address of their default gateway the response comes from 6509A. The PCs will forward their traffic to 6509A which will forward toward the destination. 6509B is waiting in reserve in case there is a problem with 6509A. If 6509A has a problem 6509B will find that out (communicating over the trunk) and 6509B will become active on the shared address (and will use the MAC associated with the shared address). So PCs are still sending traffic to the MAC of their default gateway but now that MAC is on 6509B instead of 6509A. That is the essence of HSRP: each switch has a vlan interface for each vlan, each vlan interface has its own IP address and subnet mask, both vlan interfaces have a shared IP address (which is the address used as default gateway by the PCs in that VLAN), and if you care which switch is primary then you configure priority on that interface.

HTH

Rick

Re: HSRP

Hi Dave,

as u said, the best bet would be the HSRP running between these 2 switches. assume that you have 5 vlans created on 6509A, exactely the same configuration should be running on the the 6509B, only the switch IP address & the vlan interface ip address should be different. where the standby ip should be the same on both the vlan interface of 6509A & 6509B. you have also that how 1 becomes the main & other becomes the backup. when you run HSRP, actually both the switches are active, which means the 6509B is also running same as 6509A, when ever 6509A fails, immediately, will few seconds of delay in my test lab it took 8 seconds(juz to learn the MAC address everything)6509B will become the active switch. this is based on the priority of the switch configured on the vlan interface. here is now to configure one as an active switch & the other as the standby switch.

ohyscial connectivity as follows

edge-1 -----> 6509A

edge-1 -----> 6509B

6509A -----> 6509B

all these ports should be trunked.

on 6509A

switch

set interface sc0 5 10.1.1.1/255.255.255.0 10.1.1.255

MSFC2(layer 3 module)

interface vlan 2

description ***Server Farm***

ip address 10.1.1.254 255.255.255.0

standby 1 ip 10.1.1.252 255.255.255.0

standby 1 timers 5 15

standby 1 priority 110

standby 1 preempt

interface vlan 3

description ***Marketing Department***

ip address 10.2.1.254 255.255.255.0

standby 2 ip 10.2.1.252 255.255.255.0

standby 2 timers 5 15

standby 2 priority 110

standby 2 preempt

on 6509B

switch

set interface sc0 5 10.1.1.2/255.255.255.0 10.1.1.255

MSFC2(layer 3 module)

interface vlan 2

description ***Server Farm***

ip address 10.1.1.253 255.255.255.0

standby 1 ip 10.1.1.252 255.255.255.0

standby 1 timers 5 15

standby 1 priority 109

standby 1 preempt

interface vlan 3

description ***Marketing Department***

ip address 10.2.1.253 255.255.255.0

standby 2 ip 10.2.1.252 255.255.255.0

standby 2 timers 5 15

standby 2 priority 109

standby 2 preempt

here you can see that the priority valvue is less on 6509B,based on this value active & standby will be decided.

now in the client & server side, make the gateway ip address as the virtual IP. ie. for servers the gateway IP address should 10.1.1.252 & for the markerting pc's it should be 10.2.1.252.

which means even if 6509A interface vlan 2 fails this 10.2.1.252 virtual IP will act as 10.2.1.253

Note: HSRP between the switches (6509A & 6509B) will communicate via Multicast, so when you implement access list make sure that you permitting the multicast IP address 224.0.0.2 for HSRP, if it is not permitted HSRP will not work.

i hope this helps you,

reate this post if cleared.

New Member

Re: HSRP

...hope this helps!!!....WOW!!!, Does it ever, you guys are awesome, THANKS.

Another quick question, I guess good pratice would be to have two cables going to 6509B for each VLAN, just in case, Yes?

Re: HSRP

Hi Dave,

my suggestion & i have set in my network is 4 cables running(created etherchannel 4 Gbps) between 6509A to 6509B.this communication is required to exchange the HELLO packetz between the 6509A & 6509B. if 6509B does receive HELLO packetz, then it immediately becomes active switch for the edge switches. so this connection is must.also u have specified that each vlanz, actually all vlans are created in 6509A & 6509B, there is no necessity saying that each vlan each cable. only thing edge switch requires 2 cables, by 1 connecting the 6509A & the other to 6509B.

hope ur clear.

rate this post if ur very much.

177
Views
5
Helpful
4
Replies