Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Crucial & Involved HSRP Issue

Hi All,

I am currently building a small lab network for my job.  We are connecting to various points on our contracting service provider's network, with the ultimate goal of being able to define requirements / parameters / baselines (jitter, latency, etc...) by using network emulation from any point to any point of our choosing from the locations that we have connections from on our service provider's network.

My local network has a primary and redundant path, both identical and sitting in their respective racks, with the network emulation equipment crossing over to be used on whatever path is active at the time.  The redundant path is inactive unless the primary path fails.

I have a Cisco 871 router on my primary path, and that is connecting to my primary path AND secondary path Cisco 2950 switches on respective fast ethernet ports.  The same is true for my secondary path --- I have a Secondary Cisco 871 router, connected to my primary and secondary Cisco 2950 switches on respective fast ethernet ports.  Completly identical set-up.

The Primary path Cisco 2950 switch has 13 connections that go into a patch panel, and then go out to 13 different points on our service provider's PRIMARY path network.  The secondary path Cisco 2950 also has 13 connections that go into a patch panel, and then go out to the same points, but on our service provider's SECONDARY path network.  Both paths are identical in architecture and set-up.

Here's the issue:

We have been discussing different methods of establishing fail-over resiliency between these 13 different connection points, and it seems like HSRP would be best implemented given what we have to work with here.  Now, our service provider told me that I will need to give him a Primary IP, Secondary IP and a Virtual IP address for each of the 13 connections, and they will all need to be on seperate networks.

So for example:

Connection 1 of 13:

Service Provider's Primary Router (Location A)  -

------------------   - Virtual IP Address / Gateway

Service Provider's Secondary Router (Location A) -

Connection 2 of 13:

Service Provider's Primary Router (Location B) -

-------------------------- - Virtual IP Address / Gateway

Service Provider's Secondary Router (Location B) -

And so on.....  (Basically the 3rd octet is incrementing, to put each connection point on a separate network).

So if this is the case, then I am trying to understand this:

1.  What I need to do on my local network in terms of configuration. It is my understanding that all I would need to do is assign a Primary IP address on a new trunked-off space on my local network IP Schema (i.e. on the fast ethernet port on my Cisco 871 router, facing my Cisco 2950 switch.  Assign a secondary IP address (i.e. on the fast ethernet port of my secondary Cisco 871 router facing that same Cisco 2950 switch, and set the standby IP address to (for example), which would also be the default gateway for the HSRP configuration, and the address I peer with my service provider on, correct?  Once I provide them the available IP space they requested for each of the 13 connection points, it should theoretically be up to them to configure HSRP on their side and instruct their devices to peer with whatever HSRP schema I've created on my local network, Right?  The rest of the routing should be able to be handled when I build my routing table, correct?

Any help would be most appreciated on this matter.

Hall of Fame Super Silver

Re: Crucial & Involved HSRP Issue

Hello Dean,

I'm afraid your lab setup is too much simplified.

HSRP is a first hop redundancy protocol, and can provide redundancy to end user hosts like PCs.

In your case you would like to emulate a central site, some remote sites and the interconnections between the central site and these remote sites between two different service providers that provide WAN connectivity.

In the real world you need a routing protocol for taking in account this scenario: it can detect failures on remote sites so that communication with that specific remote site can now happen using the secondary paths provided by secondary provider.

So you would need at least other two routers to represent the remote sites and a routing protocol running on the two "WAN clouds" with preference given to the primary path.

you cannot have all the IP subnets representing the remote sites and the central site on two only devices otherwise the risk is that the WAN emulation part is bypassed : if remote sites are connected the packet doesn't need to be sent via the "WAN" clouds.

Hope to help


New Member

Re: Crucial & Involved HSRP Issue


There's actually no central site, unless you would consider my test lab the central site.  And there is only one service provider, but they have 2 completly identical paths - one primary and one failover.

We have a total of 13 connections on each of our Primary and Redundant paths.  The connections that go to the service provider are in identical places, but they are on different paths.

Our plan right now, to test different network parameters, is to take the connections from Location "X" and Location "Y," and plug them into our Network emulation device.  Location "X" and Location "Y" will always be Primary-to-Primary, or Secondary-to-Secondary, depending on what path is active at the time.  So we can test from any-point to any-point that we wish.

However, I agree with your comment on HSRP - So that's why I thought that all I should have to do is configure an HSRP set up on both of my routers, give it a virtual address / gateway / peer address, and then let the service provider handle everything else - which is why I didn't understand why I needed to give them 13 different IP networks.

Hall of Fame Super Silver

Re: Crucial & Involved HSRP Issue

Hello Dean,

you need to understand what kind of service the provider(s) is going to give you:

if for each remote site the provider thinks of you having an IP subnet this means the WAN is a layer3 service.

This is quite common.And it is the scenario I've described in my first post.

If the service is a L2 service, you may have the routers only  in one location where a different vlan id / vlan tag allows to reach a different location and you still have one IP subnet per location. This is useful so that local traffic to each location doesn't need to travel over the "WAN " cloud.

This is also possible.

Once that the type of service is clear you can create a meaningful lab.

Hope to help


New Member

Re: Crucial & Involved HSRP Issue


The service provider is providing bi-directional routing capabilities.

Basically what I am planning to do is configure HSRP on my local network between my 2 routers and a switch. The switch is the demarcation point into the patch panel that ultimately goes out to my service provider, and comes in on the appropriate connections on their routers.

They will then configure HSRP on the appropriate interfaces of their routers (Primary & Secondary) for each site that we have requested connections to, and then provide me with the Virtual IP address.

I am then planning to populate my routing table in such as fashion:


I've actually devised a drawing, and have come up with a few other questions, so I am going to go ahead and make a post about that, if you get a chance to check it out.

Thanks Giuseppe,


CreatePlease login to create content