Bear in mind this is a general rule and there are exceptions to all - based on the particular design.
Given the fact HSRP failover has occurred, an interface/router will have gone down. As a result, I want the failover to the other HSRP peer to be as quick as possible (ie make the delay as low as possible). HSRP failover will by default be about 10 seconds (after 3 missed hellos), enough time for OSPF to have done it's reconvergence. OSPF probably will have reconverged before HSRP anyway, so you don't want to slow things down any more (i.e. if it's just an interface down on the active HSRP, then the active router will still receive the OSPF routes from the standby and forward the packets over to the standby and out to the destination before the HSRP fails over - I have had production environments failover in about 6 seconds).
As for STP, that can take anywhere from 20 to 50 seconds, so I hope that most networks are relying on L3 protocols for failover, and not L2 STP in the core/distribution layers. If it is STP failover, then serious consideration should be given on how to change. STP blocks should be local, small as possible, in most cases. Depends on the design and nature of the failure, the active HSRP router could forward traffic over to the peer HSRP, so again, I want it ready as soon as possible, certainly before STP reconverges.
What you describe covers when a HSRP active unit fails. What I am looking for is when the that failed unit recovers after a reload. What would be a recommended preempt delay value be to cover STP & ospf convergance.
Again, it will take HSRP longer to fail back over than it will OSPF. HSRP will have to go through it's states (listen, speak etc) before it fails back over, OSPF will be quicker (based on my experience with OSPF and EIGRP).
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...