Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
326
Views
0
Helpful
4
Replies

About tunneling and HSRP on different networks

camille-eit
Level 1
Level 1

‎12-10-2002 03:16 AM - edited ‎03-02-2019 03:29 AM

Hi all,

I encounter a problem to allow HSRP through a tunnel between two routers on different networks.

My supposed active and standby routers, well configured with HSRP (this has been tested before), are on different networks with an intermediate router and the purpose of my question is to find how to configure a tunnel between the two HSRP configured routers and through this intermediate router that allows HSRP to work well.

The tunnel I have configured allows multicast (I know it because the two HSRP configured routers can share their OSPF table from the tunnel) but both keep on their active mode.

If you have any idea on this question please mail me your tips !

Thank U

Camille, France

Labels:
0 Helpful
4 Replies 4

lgijssel
Level 9
Level 9

‎12-10-2002 05:10 AM

If I remember well, the HSRP multicasts have their TTL set to one. Crossing a router kills them. I am afraid there is no workaround.

0 Helpful

rais
Level 7
Level 7

‎12-10-2002 06:04 AM

I dont think the intermediate router in the middle would increment TTL of the carried or the 'tunneled' IP packet

What are you trying to achieve as both HSRP routers are on different subnets?

Thanks.

0 Helpful

camille-eit
Level 1
Level 1
In response to rais

‎12-11-2002 04:38 AM

Hi,

Here is more explanations about my problem :

For anyone who wants to understand the purpose of the tunnel and HSRP configured routers on different subnets, the aim of the intermediate router is to feign, on the ultimate architecture, a pix that should allow OSPF traffic and HSRP hello packets.

I have the idea of one GRE tunnel because the pix doesn't allow multicast traffic with classical filtering.

I have tried to configure the HSRP virtual address on the same subnet used by the tunnel interfaces on the two distant HSRP configured routers but the following error appeared :

192.168.50.100 overlaps with Tunnel0, with 192.168.50.100 as HSRP virtual address of the standby group

This issue seems not to solve my problem ...

Thanks for your cooperation,

Camille

0 Helpful

vcjones
Level 5
Level 5
In response to camille-eit

‎12-11-2002 06:39 AM

Perhaps something is getting lost in the translation to English, but your goal of running HSRP through a tunnel does not make sense. HSRP requires the participating routers to all be on the same LAN network segment, which they certainly are not (unless by tunnel you actually mean remote bridging). An IPsec tunnel normally counts as one router hop, which would break HSRP and OSPF keepalives. You can do OSPF, but then the tunnel endpoints have to be on the routers running OSPF, not on an external PIX or router (that is, you have to use a GRE tunnel through the IPSec transport).

Perhaps if you expressed the problem you are trying to solve rather than the solution you are trying to implement, someone could show you a more appropriate way to get the job done.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

0 Helpful
Customers Also Viewed These Support Documents