Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

HSRP in a redundant Layer-2 network......

Has anyone got any experience with the following network scenario:

2-Core Catalyst 6500's with Layer-3 (either Hybrid or Native it doesn't matter). These are connected together using a Layer-3 point-to-point link and also a Layer-2 link due to a stacking design (see next). Access Layer 'stacks' of up to 3 Catalyst 3550 SMI switches are connected back to these 2 core 6500's with 1000BaseSX GBICs, the 3550's are interconnected using 1000BaseT GBICs. The top 3550 and the bottom 3550 have the uplinks to the 2 core 6500's. All links are 802.1q trunks carrying multiple VLANs.

Now we have an STP loop in this network - the Layer-2 network must span between the 2 core 6500's and then to all the 3550's in a stack. The reason for the Layer-2 loop between the 2 core 6500's is if we loose a 3550 in a stack then we will potentially have a discontiguous subnet with HSRP going Active on both 6500's - hence the loop to stop this.

In my expreience with a setup like this we have 2 failovers - the first will be HSRP when the standby kicks-in and then when STP has reconverged through the core link (obviously depending on where we engineerd it to block) HSRP will failback (if preempt is configured). I know this isn't the ideal scenario (I would rather engineer the loops out but with stackable 3550's we can't unless we don't stack them). I have had no good experiences with UplinkFast and BackboneFast so I don't want to introduce these into the design. We are also running Rapid PVST+ (as recommended by Cisco for this design).

I would appreciate anyones expreiences with a setup like this and what sort of failover times, STP reconvergence times are typical. And anything else relevent.

I know this is not a good design but this is price driven and we have to deliver the best solution within the budget.



New Member

Re: HSRP in a redundant Layer-2 network......

I'm not sure why you have the layer 3 link between the 2 core switches, and I don't see how you would get rid of the loop even if you don't stack them because you would still dual home them and the 2 cores are connectected together so you still have a loop. although if you don't stack them you can use uplinkfast, this allows instant cutover to the backup link if the primary fails, kind of like portfast for uplinks. I would also recommend redundant layer 2 links between cores, heres why. you have 2 cores and one switch below dual homed, I'm assuming your cores are root and backup bridges, that means one of the uplinks will be down. This means that hsrp hellos will go between the layer 2 link between the cores. now do your testing an pull links, if you pull any of uplinks, its just a spanning tree convergence, very quick particularly if you use uplinkfast. No hsrp convergence because hsrp hellos go between layer 2 connection of cores. now if you pull the link between the cores, spanning tree needs to reconverge, while spanning tree is reconverging, the hsrp hellos don't have a path to take, therefore hsrp switches over, then spanning tree finally converges and the hsrp switches back, a good 2 minute process. I've implemented this same scenario with 4 6509's, and 2 gsr's, the top 2 6509's were layer 3, with point to point ospf links to gsr's, 6509 1 was root and hsrp primary for odd vlans, 6509 2 was root and hsrp primary for even vlans, the bottom to 6509's were layer 2 only (essentially your 3550's) and were dual homed to 6509 1 and 2 and also interconnected, we went thru the whole scenario pulling cables one by one and testing recovery.

CreatePlease to create content