• RELEVANCY SCORE 4.54

    DB:4.54:Hsrp - Hot Standby Routing Protocol pk





    Consider a situation in which customer 1 is connected to the same Internet Service Provider via two links. For redundancy and load sharing proposal I will use BGP. I would like to know if I can configure the routers with HSRP even I am

    using BGP.

    DB:4.54:Hsrp - Hot Standby Routing Protocol pk


    If the two links are provided on physically separate routers then yes, you can run HSRP between them to provide a backup service. Just make sure you get the ISP to put the appropriate secondary routes in at their end.

    Example:

    If you have 2 routers, each with an E1 to the same ISP, HSRP between them with the Ethenet ports tracking the Serial, this will work fine.

    As an after thought:

    Be aware though that if an E1 port goes down, HSRP will kick in correctly HOWEVER..if an Ethernet port goes down it's a different story. The standby router will not know that the active routers Ethernet port is down and will stay in standby. To get over this a colleague is looking at running IBGP using the private BGP AS range. Can't give you an ETA though as he's busy - sorry.

    HTH

    Ali

  • RELEVANCY SCORE 4.28

    DB:4.28:Vrrp Vs. Hsrp ss





    What are the advantages/reasons to use VRRP (Virtual Router Redundancy Protocol) rather than HSRP (Hot Standby Routing Protocol)? They look pretty much the same feature and performance

    DB:4.28:Vrrp Vs. Hsrp ss


    Also Cisco has now introduced support for VRRP on most platforms in 12.2(13)T:

    http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120st/120st18/st_vrrpx.htm

  • RELEVANCY SCORE 4.27

    DB:4.27:Standby Router fc





    Hi all, when making redudant routers, is using hsrp more used for defaukt gateways, as on a wan link using a routing protocol would achieve the same thing !

    DB:4.27:Standby Router fc


    the nice thing about having the routing protocols do the redundancy is that they also load balance across equal cost paths.

  • RELEVANCY SCORE 4.11

    DB:4.11:Migrating From Statics To Routing Protocol 7s



    Currently use static routes with multiple route statements; will be implementing HSRP with BGP on the gateway - looking for opinions for most pain-free protocol integration to use (ie OSPF vs EIGRP). Presently 80% Cisco routers, primarily 7200 series including some uBR's and the balance in Arris cmts.

    Any predictions?

    DB:4.11:Migrating From Statics To Routing Protocol 7s


    EIGRP is easy to work with, troubleshoot, and extremely efficient...as well as easy to redistribute into BGP. Although, EIGRP is Cisco proprietary so if you have non-Cisco net gear you're wanting to participate in updates you may want to use OSPF as it's standards based and supported by most manufacturers.

    Hope this helps.

  • RELEVANCY SCORE 4.04

    DB:4.04:Vpn Tunnel And Routing. 7m



    I am trying to understand a sentence,

    One of the results of using the same routing protocol process for routing and outside and inside the vpn tunnel is that spoke routers will able to dynamically learn routes to peer networks.

    Q1. What does "the same routing protocol process" exactly means ?

    Q2. for the whole sentence, what is that?

    thanks,

    Han

    DB:4.04:Vpn Tunnel And Routing. 7m


    Han,

    Answer to Q1 will answer Q2.

    You can run multiple instances of RP on a device (except BGP).

    I.e. if you run one process/AS, all routing information is stored within one database.

    The thing about this statment is that you need to be careful not to learn about remote tunnel endpoint via same interface.

    Marcin

  • RELEVANCY SCORE 4.00

    DB:4.00:Gre Tunnels Between Hsrp And Non-Hsrp Sites For Multicast. kf



    I have a design issue where I have a network (Network A) under construction using HSRP at each node with PIM-SM as the network protocol. A new requirement is to add a new interface to this network such that a different network (Network B) can monitor/supervise Network A. Both networks use encryption hardware, with Network A using a bulk or trunk encryptor and Network B uses an IP encryptor. Network B's encryptor can be configured to accept/particpate in PIM-SM exchanges.

    Can GRE tunnels be established between Network A's host router HSRP virtual IP addresses at the multicast sources and Network B's host router actual IP address, allowing A to multi-B and multi-B to A message flow?

    DB:4.00:Gre Tunnels Between Hsrp And Non-Hsrp Sites For Multicast. kf


    Thanks. (Be nice to know what the recommended setup is, though). From what I've been able to determine, I'll need a GRE tunnel+GRE Keepalives to each HSRP actual router in order to failover from the primary HSRP router to the Standby if a casualty occurs. The good point is that I'll always have a path from my primary router to the HSRP-based network. The bad point is that every site on the HSRP-based network will need such doubled-up GRE tunnels.

    Again, thanks for the response. Bill

  • RELEVANCY SCORE 3.87

    DB:3.87:Asr1k And Vpn Ha ds



    Hi,

    Does IOS-XE on the ASR1k have any VPN HA features to share SA state between two co-located boxes, e.g. using the Stateful Synchronisation Protocol (SSP) or Stateful Switchover (SSO) with HSRP on the 7600/ISR platforms, or is stateless switchover with HSRP the only option?

    Cheers,

    Matt

    DB:3.87:Asr1k And Vpn Ha ds


    I believe the SSO redundancy is supported on the ASRs apart from route processor redundancy. Not sure if SSP is supported though.

    http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/High_Availability.html

  • RELEVANCY SCORE 3.85

    DB:3.85:Hsrp ..Vrrp ...Glbp Arghh !!!!!!!!!!! pa



    There seems to be many ways to form a HSRP type relationship between two routers and I am trying to decide the best way .

    Essentially we have two routers on the same lan with 2 x 2mb outwards. ( routing protocol can be anything )

    Hsrp balances but default timers are fairly long 10secs ( I know these can be adjusted )

    Will VRRP be any quicker on a router ?

    Will GLBP be a better option ? as it load balances? is it any quicker in failover ?

    Any advice would be great

    DB:3.85:Hsrp ..Vrrp ...Glbp Arghh !!!!!!!!!!! pa


    The timers should be adjustable on each of those protocols, so one shouldn't have an inherent advantage over any other with respect to failover speed.

    I'd use GLBP if outbound load sharing is desirable, or the venerable HSRP otherwise.

  • RELEVANCY SCORE 3.85

    DB:3.85:Can Not Ping Virtual Ip Of Hsrp In Switch2 Wtih Dynamipsgui 9m



    Router 1 and Switch 1 form HSRP group

    can not ping virtual ip of HSRP in switch2

    can not see virtual mac address with sh ip arp

    https://skydrive.live.com/redir?resid=E0ED7271C68BE47C!212

    another thing i discover only using f0/0 and f0/1 of switch2 to connect others can make

    both reconignize active and standby

    when using f0/0 and f1/0 of switch2, there will be two active, they can not recognize. Why?

    After set all ports in whole topology duplex full and speed 100

    Switch2#sh ip arp

    Protocol Address Age (min) Hardware Addr Type Interface

    Internet 172.16.0.254 0 Incomplete ARPA

    Internet 172.16.0.4 - cc00.0d94.0000 ARPA Vlan1

    Switch2#sh ip arp

    Protocol Address Age (min) Hardware Addr Type Interface

    Internet 172.16.0.4 - cc00.0d94.0000 ARPA Vlan1

    Switch2#sh ip arp

    Protocol Address Age (min) Hardware Addr Type Interface

    Internet 172.16.0.4 - cc00.0d94.0000 ARPA Vlan1

    it has appear but then disappear

    router1

    f0/0

    |

    f0/0

    switch2 f0/1 -- f0/0 switch1

    config t

    hostname Router1

    int f0/0

    ip address 172.16.0.2 255.255.0.0

    no shutdown

    end

    config t

    int f0/0

    speed 100

    duplex full

    end

    config t

    hostname Switch1

    int f0/0

    no switchport

    ip address 172.16.0.3 255.255.0.0

    no shutdown

    end

    config t

    int f0/0

    standby 1 ip 172.16.0.254

    standby 1 priority 200

    standby 1 preempt

    end

    config t

    ip routing

    int f0/0

    standby 1 ip 172.16.0.254

    end

    config t

    hostname Switch2

    vlan 1

    ip address 172.16.0.4 255.255.0.0

    no shutdown

    end

    ping 172.16.0.254

    ...

    sh ip arp

    do not have entry of HSRP virtual mac address

    DB:3.85:Can Not Ping Virtual Ip Of Hsrp In Switch2 Wtih Dynamipsgui 9m


    i use my older script this time success

    the difference is just

    ip routing

    int f0/0

    no switchport

    should type ip routing first and then no switchport

    above script is no switchport first and then ip routing

  • RELEVANCY SCORE 3.76

    DB:3.76:Failover With Hsrp And Bgp Or Any Other Routing Protocol ? jm



    hi,

    we have a site with to connections in with 2 router for failover. We would like to do a more automatic failover when one of the routers fails.

    This is what I have come up with so far...

    http://home.netpower.no/paal/hsrp/hsrp-bgp.jpg

    HSRP on the LAN, but I'm not sure if BGP is the right thing to use on the WAN(ATM) to our HQ Main Router.

    I find BGP a bit complex to configure, but it's doable.

    OSPF is easy to set up in VRF's, but how is BGP to configure in VRFs ?

    any suggestions or tips ?

    DB:3.76:Failover With Hsrp And Bgp Or Any Other Routing Protocol ? jm


    Hello Paal,

    OSPF is easy to set up in VRF's, but how is BGP to configure in VRFs ?

    It's even easier:

    just create the address-family ipv4 vrf VRF_NOC

    router bgp xxx

    adress-family ipv4 vrf VRF_NOC

    neigh y.y.y.y remote-as YYY

    neigh y.y.y.y activate

    red con

    red static

    no sync

    no auto-sum

    Hope to help

    Giuseppe

  • RELEVANCY SCORE 3.71

    DB:3.71:Nat Issues Are Independent Of Ip Routing Protocols px


    Core Issue
    Troubleshoot Network Address Translation (NAT) issues without including any IP routing protocol information. This is also true for Policy-Based Routing (PBR) and Hot Standby Router Protocol (HSRP) issues.

    Resolution
    NAT allows a single device, such as a router, to act as an agent between the Internet (or public network) and a local (or private) network.

    NAT issues are independent of IP routing protocol and do not need any information on routing protocol to troubleshoot them. To help this tool identify and troubleshoot NAT issues correctly, do not select any IP routing protocol (such as Open Shortest Path First Protocol (OSPF), Border Gateway Protocol (BGP), or Enhanced Interior Gateway Routing Protocol (EIGRP)).

    DB:3.71:Nat Issues Are Independent Of Ip Routing Protocols px

    Core Issue
    Troubleshoot Network Address Translation (NAT) issues without including any IP routing protocol information. This is also true for Policy-Based Routing (PBR) and Hot Standby Router Protocol (HSRP) issues.

    Resolution
    NAT allows a single device, such as a router, to act as an agent between the Internet (or public network) and a local (or private) network.

    NAT issues are independent of IP routing protocol and do not need any information on routing protocol to troubleshoot them. To help this tool identify and troubleshoot NAT issues correctly, do not select any IP routing protocol (such as Open Shortest Path First Protocol (OSPF), Border Gateway Protocol (BGP), or Enhanced Interior Gateway Routing Protocol (EIGRP)).

  • RELEVANCY SCORE 3.69

    DB:3.69:Layer 3 Campus Solution 1z



    My organization is planning to deploy campus IP routing end to end, all the way to the Edge Switches, using Catalyst 3550 EMI series switches. Is it possible for us to activate dispersed VLANS using VTP across active IP routing interfaces?

    If so, can we still maintain layer 3 instant failover(perhaps using HSRP) without the conventional Spanning Tree Protocol Fail-Over.

    DB:3.69:Layer 3 Campus Solution 1z


    Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you, or there is no public information available at this time. If you don't get a suitable response to your post, you may wish to review our resources online at http://www.cisco.com/go/solutions. You may also contact our product information line at 1-800-553-NETS or a Cisco Systems Engineer at your local Cisco office or reseller. To locate your local Cisco representative, visit http://www.cisco.com/warp/public/687/Directory.shtml

    If anyone else in the forum has some advice, please reply to this thread.

    Thank you for posting.

  • RELEVANCY SCORE 3.66

    DB:3.66:Hsrp Failover Times 81



    Hi all,

    I have been testing an HSRP setup using HSRP v1 and have been wondering

    why it takes so long to switch back to the original active router after it has recovered from a

    failure.

    The timings I have when using the defaults, is a loss of packet forwarding for 28secs

    when moving to the Standby router, even though the routing protocol has converged

    and when the original active router is restored, packet forwarding is loss for 50secs.

    I've include a topology map and the standby debug.

    Packet forwarding doesn't happen until the Active router is found why ?

    ideas and views welcome.

    TIA

    DB:3.66:Hsrp Failover Times 81


    In the end I upgraded from c3550-ipservicesk9-mz.122.46.SE to 122.55

    and it all started to work, I include m debug standby outputs and some packet captures

    for reference, use notepad to open, UTF-8 encoded.

    thanks

  • RELEVANCY SCORE 3.63

    DB:3.63:Tunnel Keepalives Not Working After Upgrading 2821 To From 12.4 To 15.0 19



    I have a pair of older 2821 routers doing site to site VPN termination.  They use HSRP on the external interface, with "tunnel source" mapping to the respective HSRP addresses.

    Running 12.4(25)g, a tunnel with the source of an inactive HSRP address would show as "line up, line protocol down".  If the router went HSRP active, then the tunnel would change to "line up, line protocol up"

    After upgrading to 15.0(1)M10, the tunnels always show up/up regardless of HSRP state.  I'm using OSPF to do the routing so OSPF will only come up if the HSRP state and tunnel source match, but this is really weird behavior to me.  In a different data center I have a pair of 2921s with similar configuration, and they are correctly marking tunnels up/down if not HSRP active

     

    Any ideas on this one?

    DB:3.63:Tunnel Keepalives Not Working After Upgrading 2821 To From 12.4 To 15.0 19


    Here's a sample of the configuration, since I'm sure I'll be asked:

    Router 1 (HSRP active for 198.18.0.100)

    interface GigabitEthernet0/0
    ip address 198.18.0.111 255.255.255.0
    duplex auto
    speed auto
    standby delay minimum 90
    standby 1 ip 198.18.0.100
    standby 1 priority 255
    standby 1 preempt
    standby 2 ip 198.18.0.200
    standby 2 priority 254
    !
    interface Tunnel100
    description Main Tunnel via 100Mb
    bandwidth 100000
    ip address 192.168.255.1 255.255.255.252
    ip ospf network point-to-point
    ip ospf mtu-ignore
    load-interval 30
    keepalive 10 3
    tunnel source 198.18.0.100
    tunnel mode ipsec ipv4
    tunnel destination 1.2.3.4
    tunnel protection ipsec profile COMPAT
    !
    interface Tunnel200
    description Backup Tunnel via DSL
    bandwidth 6000
    ip address 192.168.255.5 255.255.255.252
    ip ospf network point-to-point
    ip ospf mtu-ignore
    load-interval 30
    keepalive 10 3
    tunnel source 198.18.0.200
    tunnel mode ipsec ipv4
    tunnel destination 5.6.7.8
    tunnel protection ipsec profile COMPAT
    !

    Router 2 (HSRP active for 198.18.0.200)

    interface GigabitEthernet0/0
    ip address 198.18.0.222 255.255.255.0
    duplex auto
    speed auto
    standby delay minimum 90
    standby 1 ip 198.18.0.100
    standby 1 priority 254
    standby 2 ip 198.18.0.200
    standby 2 priority 255
    standby 2 preempt
    !
    interface Tunnel100
    description Main Tunnel via 100Mb
    bandwidth 100000
    ip address 192.168.255.1 255.255.255.252
    ip ospf network point-to-point
    ip ospf mtu-ignore
    load-interval 30
    keepalive 10 3
    tunnel source 198.18.0.100
    tunnel mode ipsec ipv4
    tunnel destination 1.2.3.4
    tunnel protection ipsec profile COMPAT
    !
    interface Tunnel200
    description Backup Tunnel via DSL
    bandwidth 6000
    ip address 192.168.255.5 255.255.255.252
    ip ospf network point-to-point
    ip ospf mtu-ignore
    load-interval 30
    keepalive 10 3
    tunnel source 198.18.0.200
    tunnel mode ipsec ipv4
    tunnel destination 5.6.7.8
    tunnel protection ipsec profile COMPAT
    !

  • RELEVANCY SCORE 3.62

    DB:3.62:Hsrp Or Load Balancing fs



    Hi,

    I have two 1760 router that are connected to the same destination network using two frame-relay T1s. I would like to combine them into only one router and keep my two connections.

    Because of that, I would have duplicated entries on my routing table to the destination network. I want to create some type of redundancy such as HSRP or Load balancing but I am not very familiar regarding their differences.

    Can anybody suggest which one should apply? and Why?

    Thanks.

    DB:3.62:Hsrp Or Load Balancing fs


    Hi Rick,

    The main reason of my implementation is because we are running VoIP. Since voice is very sensitive, would EIGRP do the work? Is GLBP that complicated?

    Thanks.

  • RELEVANCY SCORE 3.61

    DB:3.61:Hsrp Vs Routing a1



    Yesterday I briefly scanned a web page (not sure if it was CCO) giving a scenario with HSRP running on both sides of a pair of WAN links. The basic idea was that in some cases a routing protocol provides better failover than HSRP.

    My problem: I cannot find the page today (yes, I checked my browser history) although I've spent considerable time googling for it. Does anyone have the URL?

    Thanks.

    DB:3.61:Hsrp Vs Routing a1


    Yesterday I briefly scanned a web page (not sure if it was CCO) giving a scenario with HSRP running on both sides of a pair of WAN links. The basic idea was that in some cases a routing protocol provides better failover than HSRP.

    My problem: I cannot find the page today (yes, I checked my browser history) although I've spent considerable time googling for it. Does anyone have the URL?

    Thanks.

  • RELEVANCY SCORE 3.59

    DB:3.59:Hsrp a3



    what a virtual DG ip?, and what assign this ip HSRP protocol or active router .

  • RELEVANCY SCORE 3.57

    DB:3.57:Hsrp Interface Tracking 13



    Hi Sir,

    I'm configuring HSRP interface tracking feature. I use the track object method, as follows:

    !

    track 1 interface s0/0/0 line-protocol

    !

    interface FastEthernet0/0

    standby 1 track 1 decrement 20

    !

    What's the difference if I configure the track object using the "ip routing" keywords instead, as follows:

    !

    track 1 interface s0/0/0 ip routing

    !

    In both cases, if interface s0/0/0 is down, it will trigger HSRP to reduce the priority by 20.

    My understanding is, if only tracking of line protocol is required, we can configure the following method:

    !

    int fa 0/0

    standby 1 track s0/0/0 20

    !

    Please advise.

    Thank you.

    B.Rgds,

    Lim TS

    DB:3.57:Hsrp Interface Tracking 13


    Hi Narayan,

    Thanks for the info. I know the command "track ip route".

    However, my original question is about the difference between the following two commands:

    track 1 interface line-protocol

    track 1 interface ip routing

    Thank you.

    B.Rgds,

    Lim TS

  • RELEVANCY SCORE 3.54

    DB:3.54:Hsrp, Vrrp, Or Glbp kk



    Currently I run 2 routers(7206) and a core switch(6509 acting as a vlan router/switch), BGP to two different providers and EIGRP internally. The 2 routers run HSRP and the switch points to a HSRP as the gateway.

    Currently R1 is the primary router all traffic goes out 1 router. The other router was for backup in case the pri link went down. We are soon going to have to equal providers and I want to balance the traffic over both of them with BGP.

    Is my thinking wrong that I would be better off using GLBP between the routers to accomplish this over HSRP?

    I currently do not redistribute BGP to EIGRP but I have recently upgraded my 6509 with sup 720's so I know it could handle it. I am just not sure whether or not to use a high availability protocol or just let the routing protocols handle the switch over. In my mind GLBP would provide better uptime in case one or the other links goes down. But thats why I am asking as I could be very wrong.

    Any help would be greatly appreciated.

    DB:3.54:Hsrp, Vrrp, Or Glbp kk


    Thats what I was starting to think I just wanted to get another

    Thxs

  • RELEVANCY SCORE 3.53

    DB:3.53:How To Create Layer 3 Link Between 6500/Msfc2 (Cat Os ) And 6500/720 (Ios) 8f



    Can some one please help me or clear my confusion for creating layer 3 link between hybrid 6500 (L2/L3) and IOS 6500 (sup 720) so that I can run Eigrp routing protocol and do not have to deal with STP and HSRP.

    Thanks,

    Neeraj

    DB:3.53:How To Create Layer 3 Link Between 6500/Msfc2 (Cat Os ) And 6500/720 (Ios) 8f


    On an IOS ( Native ) switch , you can simply create an L3 port.

    interface

    ip address x.y.z.w

    On CatOS , just pick a random unused vlan , say 999 , just for the EIGRP peering purpose.

    Here are the steps you will have to follow.

    1. Create that vlan -- set vlan 99

    2. Put a L2 port that connects to the IOS switch in that vlan. set vlan 999 m/p

    Make sure that is the only port in the switch that carries that vlan.

    3. Go to the MSFC and create SVI 999.

    int vlan 999

    ip address

    Now you are ready to peer this vlan 999 with the L3 port on an IOS switch over EIGRP.

    thanks

    Salman.

  • RELEVANCY SCORE 3.53

    DB:3.53:Hsrp Tracking xz


    HSRP Tracking

    Tracking is only for HSRP to detect some changes in the routing table. HSRP is not a real routing protocol it just provides a default gateway at Layer 2 and Layer 3.

    Interface tracking allows you to specify another interface on the router for the HSRP process to monitor in order to alter the HSRP priority for a given group.

    If the specified interface's line protocol goes down, the HSRP priority of this router is reduced, allowing another HSRP router with higher priority can become active (if it has preemption enabled).

    To configure HSRP interface tracking, use the command:

    standby [group] track interface [priority]

    Eg: Router(config-if)# standby 1 track serial 0/0 25

    HSRP will track the availability of interface serial 0/0. If serial 0/0 goes down, the priority of the router in group 1 will be decremented by 25.

    The track argument does not assign a new priority if the tracked interface goes down. The track argument assigns a value that the priority will be decreased if the tracked interface goes down.

    Therefore, if you are tracking serial 0/0 with a track value of 25—standby 1 track serial 0/0 25—and serial 0/0 goes down, the priority will be decreased by 25; assuming a default priority of 100, the new priority will now be 75.

    The default value of the track argument is 10.

    Tracking allows syncing the HSRP priority to the good state of one or more uplinks. So combining tracking and preemption HSRP Active role can be taken by the router with the best current connectivity to the core providing better performance.

    In modern IOS we can track more than simple interface state. Interface tracking enables HSRP process to monitor additional interfaces, the status of which will dynamically change the HSRP priority (Active/Standby).

    Imagine the following scenario:

    If you have two serial links to two different ISPs(assume primary/backup Internet connections) connected via two different routers, it would be interesting to have the serial interface connecting to your primary ISP tracked in order to minimize service interruption to your local users. If this serial interface goes down, your backup router can take over the gateway functionality to your local network, while maintaining the connectivity to the secondary ISP (backup). Users would still be able to access Internet via the backup router (through Secondary ISP) thanks to the interface tracking functionality in HSRP.

    You can consider interface tracking as part of the 'Normal' HSRP.

    Please refer Interface Tracking of Hot Standby Router Protocol Features and Functionality. Also refer the link Interface Tracking.

    It is possible to track more than one thing at a time within the same HSRP group. We can do interface tracking as well as IP SLA tracking within one HSRP group. Each tracked object will produce a priority decrement if it fails. This helps in scenarios where you want the active router to change role only when multiple events happen or if you want to track multiple aspects.

    The purpose of tracking an interface is so that you can decrease the priority of an interface running HSRP if some other interface goes down. If the interface running HSRP goes down you do not want to decrease its priority you want the other standby interface to take completely over.

    DB:3.53:Hsrp Tracking xz

    HSRP Tracking

    Tracking is only for HSRP to detect some changes in the routing table. HSRP is not a real routing protocol it just provides a default gateway at Layer 2 and Layer 3.

    Interface tracking allows you to specify another interface on the router for the HSRP process to monitor in order to alter the HSRP priority for a given group.

    If the specified interface's line protocol goes down, the HSRP priority of this router is reduced, allowing another HSRP router with higher priority can become active (if it has preemption enabled).

    To configure HSRP interface tracking, use the command:

    standby [group] track interface [priority]

    Eg: Router(config-if)# standby 1 track serial 0/0 25

    HSRP will track the availability of interface serial 0/0. If serial 0/0 goes down, the priority of the router in group 1 will be decremented by 25.

    The track argument does not assign a new priority if the tracked interface goes down. The track argument assigns a value that the priority will be decreased if the tracked interface goes down.

    Therefore, if you are tracking serial 0/0 with a track value of 25—standby 1 track serial 0/0 25—and serial 0/0 goes down, the priority will be decreased by 25; assuming a default priority of 100, the new priority will now be 75.

    The default value of the track argument is 10.

    Tracking allows syncing the HSRP priority to the good state of one or more uplinks. So combining tracking and preemption HSRP Active role can be taken by the router with the best current connectivity to the core providing better performance.

    In modern IOS we can track more than simple interface state. Interface tracking enables HSRP process to monitor additional interfaces, the status of which will dynamically change the HSRP priority (Active/Standby).

    Imagine the following scenario:

    If you have two serial links to two different ISPs(assume primary/backup Internet connections) connected via two different routers, it would be interesting to have the serial interface connecting to your primary ISP tracked in order to minimize service interruption to your local users. If this serial interface goes down, your backup router can take over the gateway functionality to your local network, while maintaining the connectivity to the secondary ISP (backup). Users would still be able to access Internet via the backup router (through Secondary ISP) thanks to the interface tracking functionality in HSRP.

    You can consider interface tracking as part of the 'Normal' HSRP.

    Please refer Interface Tracking of Hot Standby Router Protocol Features and Functionality. Also refer the link Interface Tracking.

    It is possible to track more than one thing at a time within the same HSRP group. We can do interface tracking as well as IP SLA tracking within one HSRP group. Each tracked object will produce a priority decrement if it fails. This helps in scenarios where you want the active router to change role only when multiple events happen or if you want to track multiple aspects.

    The purpose of tracking an interface is so that you can decrease the priority of an interface running HSRP if some other interface goes down. If the interface running HSRP goes down you do not want to decrease its priority you want the other standby interface to take completely over.

  • RELEVANCY SCORE 3.52

    DB:3.52:Data Center Network Design Considerations - Static Route j8



    data center network should be simple.

    I think you agree with this.

    so i think data center netowrk should use staic route first, and i think static route is enough for data center network.

    staic route with hsrp and firewall(failover) can get high availablity.

    i always persuade my customer use staic route, not dynamic routing protocol.

    i think staic route is more simple and ease use than dynamic routing protocol.

    data center network should be steady, simple netowkr is more steady, ease maintenance.

    so i think data center network should use staic route first.

    and the second question:

    do you want data center firewall running dynamic routing protocol like ospf?

    i think data center firewall must use staic route. because data center firewall running dynamic routing protocol is not steady, i think more software bug or other question exist if firewall running dynamic routing protocol.

    do you think so?

    so my data center network desigh opinion is:

    data center network should use staic route.

    static w/ hsrp and firewall failover can get high availability.

    data center firewall should use staic route, not dynamic routing protocol.

    firewall runing dynamic routing protocol is not a good idea.

    is there any data center network desigh guideline or principle (especially routing protocol choice, firewall running mode)?

    how about your opinion?

    thank you.

    DB:3.52:Data Center Network Design Considerations - Static Route j8


    If you read the SRND and look at your requirements, you should be running layer 3 anywhere possible, with an IGP.

  • RELEVANCY SCORE 3.52

    DB:3.52:Hsrp Tracking Ipsec Session Status kx



    Hi All,

    I have a requirement where HSRP is running on the LAN side and IPSEC VPN is established with the remote site CPE. HSRP is trakcing the WAN interface status. How can I track the IPSEC VPN status also for HSRP failover.

    I can see there are many documents in Internet showing how to track HSRP and IPSEC running on the same Interface.But in this case HSRP is on the LAN and IPSEC is established on from the WAN interface.

    Diagram showing only one CPE in each site just for simplicity).IPSEC is estalished fomr CPE to CPE for encrypting the VPN traffic.There is no routing protocol running over IPSEC peers.

    LAN----------------CPE------------------------PE------------------------PE--------------CPE-----------------LAN

            -HSRP-          -BGP-               -MPLS-            -BGP-        -HSRP-

                                  ---------------------------------IPSEC--------------------------

    Please help !!

    Cheers,

    A

    DB:3.52:Hsrp Tracking Ipsec Session Status kx


    Yes, i am going to do that only now. Object tracking with HSRP.

    Thanks,

    Anil.

  • RELEVANCY SCORE 3.51

    DB:3.51:Hsrp Vs. Ospf Or Eigrp 8z



    Hello,

    We are trying to achieve load balancing and redundancy from a VLAN on a 4000 switch with redundant links going to 2 different 6500 switches. I understand how to accomplish redundancy and loadsharing with HSRP, but I am wondering if there is a better way using either OSPF or EIGRP. Any idea if this is doable and if so a reference of how to use these routing protocols between vlans.

    Thanks,

    Paula

    DB:3.51:Hsrp Vs. Ospf Or Eigrp 8z


    Sure, I would like to load share by vlan though. Each 4000 has a single vlan on it. I would like to put half the vlans to 6509 and half to the 6506. Do I have to configure a separate hsrp group under each vlan?

    Thanks.

  • RELEVANCY SCORE 3.50

    DB:3.50:Hsrp And Routing Protocol ja



    Hi all, can someone tell me if I have 2 routers, both have connections on the back to different buildings and are in use, but we are using hsrp locally to the virtual address of the router. we have bgp providing routing between all tghe sites, if the traffic first hits the active router, will it automatically get routed to the other router for that paticular destination, so in effect its an extra hop ?

    DB:3.50:Hsrp And Routing Protocol ja


    Yes it would work if the BGP has been setup properly (in terms of IBGP EBGP peering)

    you are right that it would be an extra hop if the active router sends the traffic to the standby router

    Narayan

  • RELEVANCY SCORE 3.50

    DB:3.50:On Hsrp f8



    Can I use HSRP with a routing protocol RIPv2 not OSPF.

    All sample configurations use OSPF.

    And why is 'passive-interface [interface port number]' necessary?

     

    DB:3.50:On Hsrp f8


    Can I use HSRP with a routing protocol RIPv2 not OSPF.

    All sample configurations use OSPF.

    And why is 'passive-interface [interface port number]' necessary?

     

  • RELEVANCY SCORE 3.50

    DB:3.50:6509 Hsrp Active / Standby Routing Failure. 1s



    I have two 6509's using WS-SUP720-BASE (supervisor engine).

    The ROOT bridge for all our vlans are split across the two switches.

    Vlans are load balanced over the two switches and each vlan is

    monitored through HSRP. For example: -

    6509-1 6509-2

    vlan 100 priority 8192 vlan 100 priority16384

    vlan 200 priority 16385 vlan 200 priority 8192

    vlan 100 vlan 100

    HSRP active HSRP standby

    vlan 200 vlan 200

    HSRP standby HSRP active

    If any vlan on 6509-2 is up and in an active state then the HSRP virtual ip and vlan addresses stop

    responding to requests from other networks. To get around the problem I have had to change the HSRP

    priority of all vlans on 6509-1 to make them all active.

    Any ideas whats going on?

    Thanks in advance.

    DB:3.50:6509 Hsrp Active / Standby Routing Failure. 1s


    Paul

    I am not sure that I understand your description of the problem. When you say that it stops responding to requests from other networks, are you saying that devices on the VLAN of 6509-2 can not get out, or are you saying that devices from other networks can not get in?

    In general it sounds to me more like a problem with routing on 6509-2 than a real issue with HSRP. Perhaps if you post the actual config from both switches for VLANs 100 and 200 and whatever routing information, then we might see something.

    HTH

    Rick

  • RELEVANCY SCORE 3.49

    DB:3.49:Redundancy (Hsrp) And Routing Protocols sd



    Hi,

    RIP in conjunction with HSRP doesn't use the virtual address. It always uses the physical address.If we have two routers running HSRP and facing a single link for

    receiving updates , what's the best way to fit HSRP in this scenario (Assuming we want to have a single router acting for routing updates at a time)

    **** I've injected higher metric to standby router but still standby is in charge of routing (the only difference is standby has higher address than the master)

    Is there anyway to fix this?

    Thx.

    DB:3.49:Redundancy (Hsrp) And Routing Protocols sd


    Thx Jon Rick,

    I removed the HSRP on WAN side and only playing with metric to have an active rotuer at a time.

    HSRP gone to internal (LAN side)

    Thx Again guys

  • RELEVANCY SCORE 3.49

    DB:3.49:Can Hsrp Be Configured On A Bvi d3



    I have two routers both with a FastEthernet interface and a serial interface. The serial interfaces connect to an ISP. I also have two hubs and router 1 connects to hub1 while router 2 connects to hub 2. I run HSRP between the two routers and track the serial interfaces to provide failover for the internet connection. I do not run a routing protocol to my ISP and hence if hub1 fails, while HSRP will make router2 the active router my ISP will still route all traffic to router1. To provide redundancy I was thinking of connecting router1 to hub2 via an ethernet interface and using IRB to create a BVI for router1. Both the Fastethernet and ethernet interfaces would be in the BVI providing redundancy at layer2.

    To this end I have two questions/concerns.

    1) Do Cisco 1538M hubs run spanning tree. i.e. if hub1 and hub2 are connected with a cross over cable and router1 is connected to both will spanning tree look after the loop in this design.

    2) Can HSRP be configured on this BVI. According to the documentation I can find it says it was added in IOS 12.0(6) but I am running 12.0(18) and the command "standby" is not availble while in the bvi interface but is available in the ethernet interface mode.

    DB:3.49:Can Hsrp Be Configured On A Bvi d3


    It looks like the 1538 does not support

    Spanning tree.

    HSRP support for BVI interfaces was

    added in 12.0(7)T; you should try a

    12.1 mainline version.

  • RELEVANCY SCORE 3.47

    DB:3.47:Bridge And Routing With Hsrp 1j



    I have a Problem with Two 6009 Switches and Two MSM

    with HSRP. I must Routing and Bridge on the MSM.

    The Bridge is for SNA Gateways and the Trouble is

    the second MSM become on a not defind time no answer from the Primary MSM and goes Up

    I have at this Time Two Primary MSM and this Destory the Spanntree. The Protocol on the MSM is DEC and the IOS is 12.0(1a)WX5(6g).

    Thanks for Help by my Problem

    PS Sorry for My horrible English

    DB:3.47:Bridge And Routing With Hsrp 1j


    Often times complex troubleshooting issues are best addressed in an interactive trouble-shooting session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

    To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

    If anyone else in the forum has some advice, please reply to this thread.

    Thank you for posting.

  • RELEVANCY SCORE 3.46

    DB:3.46:Hsrp Standby Router Functions 7f



    If I configure a routing protocol on HSRP members, does the standby router advertises routes on standby interface? If not is it possible to force the standby router to advertise the route?

    DB:3.46:Hsrp Standby Router Functions 7f


    Hi

    As Amit says yes it does. HSRP is primarily used for end devices that do not participate in routing.

    As far as routes that are exchanhed between routers are concerned the next hop is always the physical interface ie. routers don't use the HSRP address as the next hop when exchanging routes.

    HTH

    Jon

  • RELEVANCY SCORE 3.45

    DB:3.45:Hsrp With Eigrp sf



    Hello, I am running hsrp on a network work that uses EIGRP as it's protocol. The problem we are having is when the line protocol goes down and the line stays up (i.e. up/down state) HSRP doesn't failover because it sees the line still up. Can HSRP be configured to look for eigrp routing updates to determine when to failover?

    Thanks for any input or suggestions.

    Harold Hall

    DB:3.45:Hsrp With Eigrp sf


    Harold,

    HSRP Object Tracking is designed to address the problem you are running into.

    Have a look at this link.

    http://cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00801541be.html#wp1146585

    Rick,

    I just noticed you responded to this post as well. I agree it's a little unclear what's the exact nature of the problem but I am assuming Harold might be doing HSRP tracking of WAN interface and if that indeed is the case then HSRP object tracking would help. More details would definitely help us provide an accurate solution.

    HTH

    Sundar

  • RELEVANCY SCORE 3.45

    DB:3.45:Bandwidth Command On Serial Interface sa



    Hi all,

    The router at my cleint location using EIGRP routing protocol is having T1 link, but bandwidth(S0) is configured as 1544000. They will be getting soon T3 between the same locations and may want to use the existing T1 link as Backup and with HSRP between both the outers(T3T1- with T3 router High priority). Now what is going to happen to EIGRP with the bandwidth command in place?

    Thanks a mil.

    Mehboob

    DB:3.45:Bandwidth Command On Serial Interface sa


    Okay--that should do the trick.... I don't know how to remove questions from netpro--it's something I've asked before, and I think the answer is generally that you can't.

    :-)

    Russ.W

  • RELEVANCY SCORE 3.44

    DB:3.44:Routing Failover Issue 9f



    My HUB location have the two router and Two WAN link,one on each.spoc location also have the same thing.

    1.In HUB location for LAN we are using a HSRP and at spoc location also we are using HSRP for LAN.

    2.for primary router i am using a BGP protocol and static for secondary.

    my doubt is how do the failover between two hsrp will work.

    when the primary link goes down,standby will become the active at HUB side,but at spoc location there is no change in router state.so the traffic from the HUB active router to spoc standby router will follow and it is not reach to spoc end.

    kindly help me for this....

    DB:3.44:Routing Failover Issue 9f


    Hi

    The possible solution would be to enable tracking on the ip address reachability of remote site which is learned through BGP. so once primary link goes down on either side other side will not be able to reach the peer end IP address and will trigger the HSRP failover by decrementing the priority.

    Below are the command reference:

    (Conf)# track 1 ip route 15.0.0.0 255.255.255.0 reachability

    (Conf-if) standby 1 track 1 decrement 60

    Hope this will resolve your problem. Please feel free to contact in case you need any further assistance.

    Thanks Regards

    Sandeep

  • RELEVANCY SCORE 3.39

    DB:3.39:Pix Hsrp Gateway Failover Not Working 7d



    Hello Netpros,

    Turned up a new colo service last week using some PIX 515E firewalls and two Cat 2950 series switches. I have attached a diagram of the layout which I have used elsewhere with good success. Basically I have two switches connected together via port channel (2 ports). The colo facility gives me two HSRP enabled links, of which I plug one into switch A and the other in switch B. The PIxes are a failover pair with the primary plugged into the same switch A as the primary HSRP link.The backup PIX is plugged into the backup switch where the backup HSRP link is. When I unplug the primary HSRP link the PIX can ping the HSRP gateway still, but nothing beyond that. Nothing gets it to work until I plug the link back in.

    The only thing I could see that might cause an issue is the 'ip verify reverse-path' command on the PIXes. But even the switches cannot ping out beyond the HSRP gateway. Just seems like all inbound routing stops. I am not sure what the colo facility has going on their side but it seems like they are using just some Cisco 6509s and doing HSRP between them. Seems pretty simple but so far this is proving un-usable as is.

    The PIX BTW just uses a default route to the HSRP gateway. Any help here would be appreciated. Thanks in advance.

    DB:3.39:Pix Hsrp Gateway Failover Not Working 7d


    Hi Bob.. thanks for the update and I can understand how hard it will be without knowing other end config /having access.Glad everything worked out well. I stressed on ISP end as your design is most commonly used design. Please mark the posting as resolved, so others can check on this.

    Thanks

    MS

  • RELEVANCY SCORE 3.39

    DB:3.39:Asymmetric Routing And Hsrp fm



    Question:

    I am wondering if the asymmetric routing and HSRP issue demonstrated in the following link as Case Study #8 will apply to any multilayer switches environment with same topology and same config as case 8? Such as if the two switches are 4506E..

    http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/10583-62.html#t8

    thank you in advance,

  • RELEVANCY SCORE 3.36

    DB:3.36:Hsrp Question xs



    I have 2 routers running HSRP that are facing 2 other router's that are not. Can their be any problems with traffic going out from the active HSRP router and the return traffic going through the standby traffic. Is their any TCP issus about traffic going and coming back from 2 different routers.

    There is no routing protocol. Only static routes.

    Thank's

    DB:3.36:Hsrp Question xs


    Should not be a problem unless you have 2 different speed interfaces such as the outgoing is 100 meg and the path back is using a 10 meg path which could lead to increased repsonse times .

  • RELEVANCY SCORE 3.36

    DB:3.36:Hsrp Tracking Using Rtr ck



    With the following configuration the HSRP state changing is triggered using a track object related to RTR.

    The RTR probe is the ICMP ping, with the destination interface on the point-to-point WAN link.

    !

    interface FastEthernet0/0

    stand 100 track 123 decrement 10

    !

    (...)

    !

    track 123 rtr 1 reachability

    !

    rtr 1

    type echo protocol ipIcmpEcho 172.16.23.7

    timeout 1000

    frequency 3

    threshold 2

    rtr schedule 1 life forever start-time now

    Is it possible to configure RTR in a way that HSRP state changes only after a CONFIGURABLE number of failed ICMP pings

    and not if a single ICMP ping fails?

    DB:3.36:Hsrp Tracking Using Rtr ck


    Say the first ping failed and the 2nd succeded, then the next time the ping fails the counter for failures will begin from 1 again. It will ie wait for 10 continuous ping timeouts

    HTH

  • RELEVANCY SCORE 3.35

    DB:3.35:Hsrp And Rfc 2281 ca



    Hi everybody

    My book says hsrp is cisco's proprietary protocol . The book also says rfc 2281 describes this protocol in detail.

    My question is  how it could be possible for hsrp to be cisco's proprietary protocol but yet  still be defined by ietf rfc?

    thanks and have a great weekend

    DB:3.35:Hsrp And Rfc 2281 ca


    Hello Sarah,

    it looks like strange, however the RFC has been produced in the process to introduce VRRP as a reference

    see

    http://www.ietf.org/rfc/rfc2281.txt

    This document reflects an existing deployed protocol.  The IETF does
       have a working group which is in the process of producing a standards
       track protocol to address the same issues.

    = VRRP

    And the authors are two people from Cisco and two  people from Juniper

    Hope to help

    Giuseppe

  • RELEVANCY SCORE 3.34

    DB:3.34:Cgr 1120 And Hsrp 9z



    Hi all,

    I've been searching for information regarding the CGR 1120 Router and haven't been able to determine if the router supports HSRP.

    Is it possible to find out if this router supports the Hot Standby Routing Protocol?

    Thanks

    DB:3.34:Cgr 1120 And Hsrp 9z


    Hi all,

    I've been searching for information regarding the CGR 1120 Router and haven't been able to determine if the router supports HSRP.

    Is it possible to find out if this router supports the Hot Standby Routing Protocol?

    Thanks

  • RELEVANCY SCORE 3.32

    DB:3.32:Vrrp Ip Protocol af



    Hi All,

    Eventhough HSRP, VRRP and GLBP are redundant protocols, only HSRP and GLBP have port number, but not VRRP. Why?

    DB:3.32:Vrrp Ip Protocol af


    I think because VRRP is a IETF standards, just the guys who designed this protocol - As Alain mentioned HSRP and GLBP are proprietary.

    Im not sure if this is the answer to your question - but the RFC link is below.

    RFC5798 states:

      VRRP
       Master routers are configured with virtual IPv4 or IPv6 addresses,
       and VRRP Backup routers infer the address family of the virtual
       addresses being carried based on the transport protocol.  Within a
       VRRP router, the virtual routers in each of the IPv4 and IPv6 address
       families are a domain unto themselves and do not overlap.  The
       election process provides dynamic failover in the forwarding
       responsibility should the Master become unavailable.

    http://tools.ietf.org/html/rfc5798

    Hope this helps

    Please rate useful posts and remember to mark any solved questions as answered. Thank you.

  • RELEVANCY SCORE 3.32

    DB:3.32:High Availabilty Cube d9



    Hi

    I have a pair of CUBE devices (3925 devices running IOS Version 15.1(4)M2) configured licenced for HA mode using HSRP and redundancy.

    I have one interface registering to an ITSP through a firewall, the other interface is SIP trunked to a PBX through another firewall.  This architecture cannot be changed...

    config snippets

    ---------------

    voice service voip

    ip address trusted list

      ipv4 0.0.0.0 0.0.0.0

    ! to do - secure down to trusetd host

    address-hiding

    mode border-element

    allow-connections sip to sip

    ! no H323 in this environment

    redundancy

    fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none

    sip

      bind control source-interface GigabitEthernet0/1

      bind media source-interface GigabitEthernet0/1

      error-passthru

    -----------------

    dial-peer voice 200 voip

    translation-profile outgoing SIP_OB

    preference 1

    destination-pattern .T

    b2bua

    session protocol sipv2

    session target sip-server

    session transport udp

    voice-class sip dtmf-relay force rtp-nte

    voice-class sip profiles 200

    voice-class sip bind control source-interface GigabitEthernet0/1

    voice-class sip bind media source-interface GigabitEthernet0/1

    dtmf-relay rtp-nte

    codec g711alaw

    ----------------------

    dial-peer voice 101 voip

      translation-profile outgoing SIP_Trunk

    destination-pattern 8.T

    b2bua

    rtp payload-type nte 120

    session protocol sipv2

    session target ipv4:x.x.x.x

    session transport tcp

    voice-class sip bind control source-interface GigabitEthernet0/0

    voice-class sip bind media source-interface GigabitEthernet0/0

    dtmf-relay rtp-nte

    codec g711alaw

    fax-relay ecm disable

    fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none

    no vad

    -------

    My issue is with the binding of the HSRP address to the SIP packets;  the way this is currently configured is that the packets routing to the ITSP have an IP source of the "external" interface's (gi0/1) HSRP address - as required by ITSP (and firewall rules).  However, packets routing to the PBX from the "internal" interface (gi0/0) are also sourced from the Gi0/1 HSRP address and consequently are dropped by the internal firewall.

    What I need is the CUBE to source the IP Packets from HSRP address of the interface that they leave on.  Is the only way to achieve this to source nat them? or am I missing something fundamental?

    DB:3.32:High Availabilty Cube d9


    SIP NAT do not play nice: This is kinda the reason for CUBE, after all ;-)

    GTG

  • RELEVANCY SCORE 3.31

    DB:3.31:Lan Routing dz



    Asume we are having 25 network configured in VLAN HSRP is also configured for gateway. And useing 4503 Switch for Routing which is best routing protocol what should we advertise to through which VLAN interface .......

    DB:3.31:Lan Routing dz


    Ya its ok my view is ......

    Between Router and switch we are using two different network ,Each router two interface are used to connect with a switch ....... both interface are in different network ......

    OK then this summary route advertise will be sended through all SVI interface .......so in router i will get multiple HOP.......for same route.......

  • RELEVANCY SCORE 3.31

    DB:3.31:%Standby-6-Statechange: j9



    I have two 7206vxr routers and running hsrp for redundancy. I keep getting

    %STANDBY-6-STATECHANGE: between the two routers but no there were no linkstate and no routing protocol change states. Does anyone know why hsrp changes state without linkup/linkdown and without routing protocol flap???

    Thanks

    cu

    DB:3.31:%Standby-6-Statechange: j9


    I'd be interested in seeing an excerpt your log file for this.

    We recently had the same problem on a pair of our 7200's where the state changes would occur within ms of each other ruling out missed hello's.

  • RELEVANCY SCORE 3.30

    DB:3.30:Voice Gateway Availability 7c



    Is there a way to design and configure voice gateway acting like the concept of hot standby routing protocol (HSRP) ? If one of the voice gateway goes down, the "standby voice gateway" will replace it and use the same line/voiceport to PSTN.

    DB:3.30:Voice Gateway Availability 7c


    A ha, I got your point. Thanks a lot, Doug!

    Does Cisco recommend design like this ? how about SRND ?

  • RELEVANCY SCORE 3.30

    DB:3.30:Enhanced Object Tracking For Hsrp f3



    Hi,

    I have configured Enhanced Object tracking for HSRP on two of my Cisco 3745 routers running IOS ver 12.2(15) T.

    I have configured the HSRP to track the Ip route reachability. But I am using static routes to do my routing. There is no dyanmic routing protocols active.

    My query is , does this Ip route reachability feature work with static routes?

    That is if the static route is not reachable, does the "IP route reachability feature " know that the route is down and switch over the HSRP router?

    If not, what other options do I have?

    One more query is -- Can i enable RIP on loopback interfaces?

    DB:3.30:Enhanced Object Tracking For Hsrp f3


    Maybe you can utilize Frame Relay end-to-end keepalives to ensure that the interfaces change state when DTE-DTE connectivity is lost. This will, in turn, remove any routes from the routing table which point to the interface.

  • RELEVANCY SCORE 3.30

    DB:3.30:Hsrp 3750-X Routing f9



    My DC gives me two networks, a routing network /29 and a user network /28

    x.x.x.1 – HSRP Gatewayx.x.x.2 – Edge Router 1x.x.x.3 – Edge Router 2x.x.x.4 – User x.x.x.5 – Userx.x.x.6 – User

    /28x.x.x.100 – User x.x.x.101 – User x.x.x.102 – User x.x.x.103 – User x.x.x.105 – User x.x.x.106 – User x.x.x.107 – User x.x.x.108 – User x.x.x.109 – User x.x.x.110 – User x.x.x.111 – User x.x.x.112 – User x.x.x.113 – User x.x.x.114 – User

    Using a Cisco 3750-X (IP Base) what would be the best way to route between these? InterVlan routing? The /28 additional network is routed to "x.x.x.4 – User "

    DB:3.30:Hsrp 3750-X Routing f9


    So I create a Vlan for the Interface that connects to the DC and assign it a IP of x.x.x.4 then create a vlan for all of my servers and a static route to my DC gateway of x.x.x.1?

  • RELEVANCY SCORE 3.30

    DB:3.30:Using Hsrp And Routing Protocol xz



    Hi all, can anyone tell me how the traffic will flow if I have 2 sites, they have 2 routers each, 1 primary and 1 backup, the active hsrp router routes via the e1. the backup uses the isdn, i would like to know how the routing protocol, eigrp would use the isdn on the other router if the e1 went down, would the pri router learn routes from the backup router to go via that link id the primary is down ?

    DB:3.30:Using Hsrp And Routing Protocol xz


    Are you using HSRP tracking on your e1 interface on both ends of the link? Is the link point-to-point, frame, MPLS? That could determine whether or not both ends of the link appear down. If they both register as down during a failure, then HSRP tracking will swing the virtual address over to the secondary router on both ends. If not, eigrp will use your internal interface (or direct connection between your routers) to pass the traffic to the secondary router. I'd recommend tracking as it will maintain a consistent optimal path for your traffic on both ends.

  • RELEVANCY SCORE 3.29

    DB:3.29:Ipsec Failover Without Loosing Session 3d



    hi all ,

    I've heard that it was possible to perform failover ipsec without loosing sessions

    with ios/ipsec routers and tunnel and routing protocol.

    How does it works,

    do i need hsrp on inside and outside?

    how can i detect if ipsec tunnel on router 1 is down? and force the second one

    to become active router?

    A sample config or link would be useful.

    Thanks

    DB:3.29:Ipsec Failover Without Loosing Session 3d


    Hi ,

    Just setting this up myself ! The only IOS that supports HSRP and VPN tunnels is , I believe , 12.2-8.T5 but this will NOT permit stateful tracking of the IPSEC tunnel so if the HSRP group changes you will loose all current sessions .Try looking for IPsec VPN high Availablility Enhancements under ver 12.2 but unless this feature is migrated to other IOS releases I would suspect some other form of HSRP/VPN offering is on the way .This feature permits tracking of a Crypto map to an HSRP name and sends keepalives to ensure tunnels are torn down and re-established on the new HSRP master .

    Good luck !

    Mike

  • RELEVANCY SCORE 3.29

    DB:3.29:Routing Protocol Between 6509s 7s



    Hello ,

    We are going to upgrade our Production Network with 6509's as Core Switches with MSFC2 card ( 2 X 6509 for Redundancy Load balancing ) .We have ordered each 6509 with Redundant sup engine .We will configure HSRP .What is the best Routing protocol to use between them ?. Pls note that it's a purely campus Network for Plant Production/operation without any WAN link(s) .

    Regards,

    Raju

    DB:3.29:Routing Protocol Between 6509s 7s


    How about 802.1Q trunking them together. The two switches will act like one big switch.

    You can configure any routing protocol between the two if you go Layer 3..EIGRP, OSPF seem good choices.

    HTH

  • RELEVANCY SCORE 3.28

    DB:3.28:Routing Table In Frame Relay kj


    Hi,

    We know that in IP protocol, the routing table is created by the routing protocol such as OSPF and RIP. How about Frame relay, how the routing table is created to route the frames using DLCI?

    Thanks in Advance

    DB:3.28:Routing Table In Frame Relay kj


    sorry

    the correct command "frame-relay map ip [ address ] dlci [ number ]" to achieve map

  • RELEVANCY SCORE 3.28

    DB:3.28:Hsrp And Routing Protocols fd



    Hello,

    I was wondering if anyone ever tried to make a routing protocol (any routing protocol for that matter) distribute a standby address of hsrp group as a next hop router?

    I know this is not a regular scenario, and HSRP is not used for such implementations, but that can not keep me from wondering :)

    Thanks,

    Sasa

    DB:3.28:Hsrp And Routing Protocols fd


    You are right. What I mean is the packet once matched w/ the routing table and it will forward to the next-hop in its routing table.

  • RELEVANCY SCORE 3.28

    DB:3.28:How To Configure Msfc Redundancy On Catalyst 6500 And 6000 Series Switches Using Hsrp fx


    Core Issue
    The Catalyst 6500 and 6000 series switches use the Supervisor Engine for Layer 2 (L2) switching and the Multilayer Switch Feature Card (MSFC), which is a daughter card, on the Supervisor Engine for Layer 3 (L3) routing functionality. The switch allows the user to install two Supervisor Engines on the same chassis in slot 1 and slot 2 for L2 redundancy. When the dual supervisor engines have the MSFC, they can be configured to provide L3 redundancy as well. 
    Hot Standby Router Protocol (HSRP) provides redundancy for IP networks, ensuring that user traffic immediately and transparently recovers from first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address, which is configured as the default gateway on the hosts. From the group of routers configured in a HSRP group, the one with the highest priority functions as the active router and the one with the second highest priority functions as the standby router. The active router assumes the role of forwarding packets sent to the virtual IP address. If the active router fails, the standby takes over as the new active router.

    Resolution
    These are the different types of configurations available for MSFC redundancy on a single Catalyst 6500 and 6000 chassis operating in hybrid mode. This runs Catalyst OS (CatOS) on the Supervisor and Cisco IOS  Software on the MSFC:

    Dual router mode redundancy makes use of HSRP. Both the MSFCs can be active at the same time and establish routing protocol peer relationships with other routers. If one MSFC fails, the other MSFC takes over using the HSRP mechanism. This method can also be used to provide load sharing of VLAN traffic by using a single chassis.       In single router mode redundancy, only one of the MSFCs is active and it establishes routing protocol peer relationships with other routers. The other MSFC takes over if the active MSFC fails. This method cannot provide load sharing capability using a single chassis.

    Apart from the redundancy options available for MSFC on the same chassis, HSRP can also be used to provide MSFC redundancy and load sharing. This occurs when HSRP is available on Supervisors on a multiple chassis, just like a normal router-based network.
    Certain requirements must be met for single chassis MSFC redundancy. Both the MSFCs must have identical configuration, except for HSRP and other network layer parameters like IP and Internetwork Packet Exchange (IPX) addresses, which have to be unique. This condition is due to the concept of designated MSFC, which programs the ASIC on the active Supervisor Engine for forwarding traffic. The designated MSFC is the one that comes up first (or has been up the longest), and it can either be the one in slot 1 or slot 2.
    To resolve this issue, perform these steps:
    Before configuring HSRP for dual router mode redundancy, identify the active and standby MSFCs for each VLAN. All the HSRP commands are configured under the Switched Virtual Interfaces (SVIs) for the VLAN on both the MSFCs. The SVI acts as the routed interface for a VLAN.       To access both the MSFCs from the Supervisor module, issue the session and session 16 commands.
         -
         15

       3.  To configure the virtual IP address for the group, issue the standby [group-number] ip [ip-address] command. 

       4.  Use the same group number and virtual IP address on both the MSFCs for the specific VLAN. 

       5.  To configure the priority, issue the standby [group-number] priority priority command. 

       6.  Select the active and standby MSFC for that VLAN. 

      
    If necessary, configure the standby [group-number] preempt command to always force the MSFC with the highest HSRP priority to be elected as the active MSFC for that VLAN.

    For more information on MSFC redundancy and HSRP configuration, refer to these documents:
    Understanding Internal MSFC Redundancy on Hybrid Mode Catalyst 6000 Switches      Configuring Redundancy

    DB:3.28:How To Configure Msfc Redundancy On Catalyst 6500 And 6000 Series Switches Using Hsrp fx

    Core Issue
    The Catalyst 6500 and 6000 series switches use the Supervisor Engine for Layer 2 (L2) switching and the Multilayer Switch Feature Card (MSFC), which is a daughter card, on the Supervisor Engine for Layer 3 (L3) routing functionality. The switch allows the user to install two Supervisor Engines on the same chassis in slot 1 and slot 2 for L2 redundancy. When the dual supervisor engines have the MSFC, they can be configured to provide L3 redundancy as well. 
    Hot Standby Router Protocol (HSRP) provides redundancy for IP networks, ensuring that user traffic immediately and transparently recovers from first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address, which is configured as the default gateway on the hosts. From the group of routers configured in a HSRP group, the one with the highest priority functions as the active router and the one with the second highest priority functions as the standby router. The active router assumes the role of forwarding packets sent to the virtual IP address. If the active router fails, the standby takes over as the new active router.

    Resolution
    These are the different types of configurations available for MSFC redundancy on a single Catalyst 6500 and 6000 chassis operating in hybrid mode. This runs Catalyst OS (CatOS) on the Supervisor and Cisco IOS  Software on the MSFC:

    Dual router mode redundancy makes use of HSRP. Both the MSFCs can be active at the same time and establish routing protocol peer relationships with other routers. If one MSFC fails, the other MSFC takes over using the HSRP mechanism. This method can also be used to provide load sharing of VLAN traffic by using a single chassis.       In single router mode redundancy, only one of the MSFCs is active and it establishes routing protocol peer relationships with other routers. The other MSFC takes over if the active MSFC fails. This method cannot provide load sharing capability using a single chassis.

    Apart from the redundancy options available for MSFC on the same chassis, HSRP can also be used to provide MSFC redundancy and load sharing. This occurs when HSRP is available on Supervisors on a multiple chassis, just like a normal router-based network.
    Certain requirements must be met for single chassis MSFC redundancy. Both the MSFCs must have identical configuration, except for HSRP and other network layer parameters like IP and Internetwork Packet Exchange (IPX) addresses, which have to be unique. This condition is due to the concept of designated MSFC, which programs the ASIC on the active Supervisor Engine for forwarding traffic. The designated MSFC is the one that comes up first (or has been up the longest), and it can either be the one in slot 1 or slot 2.
    To resolve this issue, perform these steps:
    Before configuring HSRP for dual router mode redundancy, identify the active and standby MSFCs for each VLAN. All the HSRP commands are configured under the Switched Virtual Interfaces (SVIs) for the VLAN on both the MSFCs. The SVI acts as the routed interface for a VLAN.       To access both the MSFCs from the Supervisor module, issue the session and session 16 commands.
         -
         15

       3.  To configure the virtual IP address for the group, issue the standby [group-number] ip [ip-address] command. 

       4.  Use the same group number and virtual IP address on both the MSFCs for the specific VLAN. 

       5.  To configure the priority, issue the standby [group-number] priority priority command. 

       6.  Select the active and standby MSFC for that VLAN. 

      
    If necessary, configure the standby [group-number] preempt command to always force the MSFC with the highest HSRP priority to be elected as the active MSFC for that VLAN.

    For more information on MSFC redundancy and HSRP configuration, refer to these documents:
    Understanding Internal MSFC Redundancy on Hybrid Mode Catalyst 6000 Switches      Configuring Redundancy

  • RELEVANCY SCORE 3.27

    DB:3.27:Routing And Hsrp/Glbp 1c



    Hi all, when using say eigrp etc, when the routes get advertised are they always using the real ip of the interface, is hsrp/glbp invisable to the routing process, and only used for end stations default gateways

    DB:3.27:Routing And Hsrp/Glbp 1c


    HSRP issues are independent of routing protocol and do not need any information on routing protocol to process or troubleshoot HSRP issues.

  • RELEVANCY SCORE 3.27

    DB:3.27:Ipsec + Load Balancing zf



    Hi everyone,

    I have the followin setup:

    active

    HSRP -|--2600-------T1-------2600--|- -active HSRP

    e| |e

    t| |t

    h| |h

    HSRP -|--2600-------T1-------2600--|- -backup HSRP

    backup

    The 4 routers are running 12.2(24a). The ethernet and T1 interfaces are configured for per packet load sharing with CEF. HSRP is running on the ethernet interfaces.

    EIGRP is the routing protocol and is configured for load balancing.

    All works well untill IPsec is introduced ...

    When I configure IPsec over the T1 on the backup HSRP pair things are still normal..

    BTW.. the EIGRP traffic is not being encrypted..so all EIRGP routing works well with or without encryption.

    When I congigure IPsec over the T1 on the active HSRP pair then all traffic is going over that T1 only.. no load balancing..

    Anybody else had similar experience?

    Again, encryption is configured on the serial interfaces only.. the ethernet interfaces have HSRP but no encryption..

    Thanks,

    -GH

    DB:3.27:Ipsec + Load Balancing zf


    My mistake. I interpreted your problem to be a problem with routing packets through the IPSec tunnels rather than a failure of packets which are unrelated to the IPSec traffic. On the other hand, you have verified your maps to ensure that only traffic which should go through the IPSec tunnels is detected as IPSec traffic.

    Good luck and have fun!

    Vincent C Jones

    www.networkingunlimited.com

  • RELEVANCY SCORE 3.26

    DB:3.26:Hsrp And Subnet Masking (Basic Concept) sc



    On my two MSFC2's I can configure HSRP without setting an IP address on the vlan interface:

    (example)

    Interface VLAN1

    standby IP 10.10.1.1

    So how is the subnet mask determined? I have several variably subnetted networks. Do I need to put in a line:

    ip adress 10.10.1.2 255.255.255.0 ?

    I would be using EIGRP routing protocol with the statement

    network 10.0.0.0

    no auto-summary

    Would not defining a subnet mask be a problem?

    DB:3.26:Hsrp And Subnet Masking (Basic Concept) sc


    HSRP won't work on an interface without IP configured (?)--or at least it shouldn't. HSRP also doesn't care about the subnet mask in any way, it just assumes you are using the address you've listed as the default gateway on any hosts attached to the segment.

    EIGRP won't pay any attention to the HSRP information, since EIGRP won't route to an HSRP address, etc. If you have two possible next hops across the same link, EIGRP will just build the right neighbor relationships, and install two routes in topology table, which will either result in load sharing, or having a backup route, normally.

    Russ

  • RELEVANCY SCORE 3.26

    DB:3.26:Is It Possilble With Hsrp kc



    Is it possible when using the HSRP protocol, for host on different VLANs to use the same gateway address.

    DB:3.26:Is It Possilble With Hsrp kc


    hi Istvan,

    Thanks, i get it now. That is what i wanted to confirm, that each subnet needs it own virtual gateway address.

    Cheers

    Oladapo

  • RELEVANCY SCORE 3.26

    DB:3.26:Hsrp And Icmp Redirects 1z



    In the HSRP RFC, 2281 it states -

    "6.3 ICMP Redirect

    While running HSRP, it is important to prevent the host from discovering the primary MAC addresses of the routers in its standby group. Thus, any protocol that informs a host of a router's primary

    address should be disabled. Thus, routers participating in HSRP on an interface MUST NOT send ICMP redirects on that interface."

    I've been playing with this on the bench and don't seem to have any problems with redirects enabled.

    The only way you can get a host to learn the real address of an HSRP group member is if your DG is set for the real address of another member which doesn't have the best route.... but then HSRP is broken for that host anyway.

    As long as your DG's are correct, a member of the HSRP groups never appears to send Redirects.

    If you introduce a third non-member router and get the HSRP pair to redirect you to it, again no problem as the host is learning the address of the stand alone router not the HSRP member.

    The only problem I can produce is if you use the non-member as DG and get redirected to a network via the members. This way a host ends up with an HSRP members real address as the redirect is the result of a route table lookup.

    But this hypothetical third router is NOT participating in HSRP only in the routing protocol and so is not covered by the caveat above.

    So it seems to me that this statement is wrong, or at least incomplete.

    can anyone point out the (almost inevitable :-) flaw in my logic.

    Thanks

    Baldy

    DB:3.26:Hsrp And Icmp Redirects 1z


    Hi Baldy,

    I'm also running with this and I come to the evidence that the statement is true.

    Having setup HSRP internet routers, my PIX firewall and other uinx devices the the lan segment have learned the real mac-addresses of the HSRP members, although their default gateways is the the vitual IP address of the hsrp.

    From what I can see, this is related to the fact that I enable ICMP redirect in order to accept traffic from the serial interfaces of my two ISP's.

    Disabling ICMP resolve this issue, but hosts are not all reachable from outside. If any traffic comes via the standy routers' serial interface, it just bounces to unreachable.

    I believe that the way the arp/proxy arp is done has also something to do.

    Any idea ?

    Theo

  • RELEVANCY SCORE 3.25

    DB:3.25:Svi Hsrp Vlan Routing Issue zd



    I have stack of 3750s running advancedIP image, and a 3550 running IPServices. Both are running IP Routing and are apart of per SVI HSRP groups. The switched infrastructure runs rapid-pvst, where the 3750 stack is the root. The 3750 is also the active gateway in all HSRP groups. EIGRP is the routing protocol. The 3550 can only ping its neighbor switch (not the active 3750) and no others devices in the management vlan. It can ping everything else in all other vlans. When it becomes the active gateway for all VLANs, everything on the management is inaccessible except for itself, and its directly connected neighbor. Furthermore, while the 3750 is active the 3550 is accessible from some of the switches in the topology, while connecting to others makes it unreachable.

    So far I can find no reason why this should be happening. Anyone have an idea?

    DB:3.25:Svi Hsrp Vlan Routing Issue zd


    Dear hhardy6786

    would you mind please give you configuration on both 3550 and 3750.

  • RELEVANCY SCORE 3.23

    DB:3.23:Problem With Hsrp And Asymetric Routing. j1



    Hello,

    I search feedback about the problem HSRP and Asymetric Routing (

    description here : http://www.cisco.com/en/US/tech/tk648/tk365/technologies_tech_note09186a0080094afd.shtml#t8 )

    I want more details about symptoms and the solution apply in compliance with Cisco.

    I think I have this problem in network customer.

    (When we activate HSRP, all

    network VLAN slow down , we have got duplicate packets and broadcast/multicast storm and when we desactivate HSRP it is OK.)

    Thanks for Your reply.

    DB:3.23:Problem With Hsrp And Asymetric Routing. j1


    Thank you for your answer,sorry for my late anwser.

    Here are the interesting configuration on both 4000 :

    Last IOS version on 4232 : cat4232-in-mz.120-18.W5.22b.bin

    CatOs Version 4000 : cat4000.6-3-4a.bin

    On the two 4000 : there are 10 Vlan.

    Interesting Configuration L2 on interface 4000A

    #vlan

    set spantree priority 10 1

    set spantree priority 30 2

    set spantree priority 10 8

    set spantree priority 30 12

    set spantree priority 10 16

    set spantree priority 30 20

    set spantree priority 10 24

    set spantree priority 30 244

    set spantree priority 10 248

    set spantree priority 30 252

    set spantree enable 1003

    set spantree fwddelay 4 1003

    set spantree hello 2 1003

    set spantree maxage 10 1003

    set spantree priority 32768 1003

    set spantree enable 1005

    set spantree fwddelay 4 1005

    set spantree hello 2 1005

    set spantree maxage 10 1005

    set spantree priority 32768 1005

    #vlan(defaults)

    set spantree enable 1-2,8,12,16,20,24,244,248,252

    set spantree fwddelay 15 1-2,8,12,16,20,24,244,248,252

    set spantree hello 2 1-2,8,12,16,20,24,244,248,252

    set spantree maxage 20 1-2,8,12,16,20,24,244,248,252

    set cam agingtime 1-2,8,12,16,20,24,244,248,252,1003,1005 300

    Interesting Configuration L2 on interface 4000B

    set spantree priority 30 1

    set spantree priority 30 8

    set spantree priority 10 12

    set spantree priority 30 16

    set spantree priority 10 20

    set spantree priority 30 24

    set spantree priority 10 244

    set spantree priority 30 248

    set spantree priority 10 252

    !

    Configuration L3 on interface 4000A

    interface Port-channel1

    no ip address

    no ip redirects

    no ip directed-broadcast

    hold-queue 300 in

    !

    interface Port-channel1.1

    encapsulation dot1Q 1 native

    ip address X.X.1.(X1.1a) 255.0.0.0

    no ip redirects

    no ip directed-broadcast

    standby 255 priority 100

    standby 255 preempt

    standby 255 ip Y.Y.1.(Y1.1)

    !

    interface Port-channel1.2

    encapsulation dot1Q 2

    ip address X.X.2.(X1.2a) 255.255.255.0

    no ip redirects

    no ip directed-broadcast

    standby 2 priority 90

    standby 2 preempt

    standby 2 ip Y.Y.2.(Y1.2)

    !

    interface Port-channel1.8

    encapsulation dot1Q 8

    ip address X.X.8.(X1.8a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 8 priority 100

    standby 8 preempt

    standby 8 ip Y.Y.8.(Y1.8)

    !

    interface Port-channel1.12

    encapsulation dot1Q 12

    ip address X.X.12.(X1.12a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 12 priority 90

    standby 12 preempt

    standby 12 ip Y.Y.12.(Y1.12)

    !

    interface Port-channel1.16

    encapsulation dot1Q 16

    ip address X.X.16.(X1.16a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 16 priority 100

    standby 16 preempt

    standby 16 ip Y.Y.16.(Y1.16)

    !

    interface Port-channel1.20

    encapsulation dot1Q 20

    ip address X.X.20.(X1.20a)1 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 20 priority 90

    standby 20 preempt

    standby 20 ip Y.Y.20.(Y1.20)

    !

    interface Port-channel1.24

    encapsulation dot1Q 24

    ip address X.X.24.(X1.24a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 24 priority 100

    standby 24 preempt

    standby 24 ip Y.Y.24.(Y1.24)

    !

    interface Port-channel1.244

    encapsulation dot1Q 244

    ip address X.X.244.(X1.244a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 244 priority 90

    standby 244 preempt

    standby 244 ip Y.Y.244.(Y1.244)

    !

    interface Port-channel1.248

    encapsulation dot1Q 248

    ip address X.X.248.(X1.248a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 248 priority 100

    standby 248 preempt

    standby 248 ip Y.Y.248.(Y1.248)

    !

    interface Port-channel1.252

    encapsulation dot1Q 252

    ip address X.X.252.(X1.252a) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    standby 252 priority 90

    standby 252 preempt

    standby 252 ip Y.Y.252.(Y1.252)

    !

    Configuration L3 on interface 4000B

    interface Port-channel1

    no ip address

    no ip directed-broadcast

    hold-queue 300 in

    !

    interface Port-channel1.1

    encapsulation dot1Q 1 native

    ip address X.X.1.(X1.1b) 255.0.0.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 255 priority 90 preempt

    standby 255 ip Y.Y.1.(Y1.1)

    !

    interface Port-channel1.8

    encapsulation dot1Q 8

    ip address X.X.8.(X1.8b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 8 priority 90 preempt

    standby 8 ip Y.Y.8.(Y1.8)

    !

    interface Port-channel1.12

    encapsulation dot1Q 12

    ip address X.X.12.(X1.12b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 12 priority 100 preempt

    standby 12 ip Y.Y.12.(Y1.12)

    !

    interface Port-channel1.16

    encapsulation dot1Q 16

    ip address X.X.16.(X1.16b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 16 priority 90 preempt

    standby 16 ip Y.Y.16.(Y1.16)

    !

    interface Port-channel1.20

    encapsulation dot1Q 20

    ip address X.X.20.(X1.20b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 20 priority 100 preempt

    standby 20 ip Y.Y.20.(Y1.20)

    !

    interface Port-channel1.24

    encapsulation dot1Q 24

    ip address X.X.24.(X1.24b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 24 priority 90 preempt

    standby 24 ip Y.Y.24.(Y1.24)

    !

    interface Port-channel1.244

    encapsulation dot1Q 244

    ip address X.X.244.(X1.244b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 244 priority 100 preempt

    standby 244 ip Y.Y.244.(Y1.244)

    !

    interface Port-channel1.248

    encapsulation dot1Q 248

    ip address X.X.248.(X1.248b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 248 priority 90 preempt

    standby 248 ip Y.Y.248.(Y1.248)

    !

    interface Port-channel1.252

    encapsulation dot1Q 252

    ip address X.X.252.(X1.252b) 255.255.252.0

    no ip redirects

    no ip directed-broadcast

    shutdown

    standby 252 priority 100 preempt

    standby 252 ip Y.Y.252.(Y1.252)

    !

    HSRP is active on 4000A (interface no shutdown)

    HSRP is not active on 4000B (interface shutdown)

    What's happen ?

    When we reactivate HSRP on 4000B (no shutdown all interfaces)

    We have asymetric routing.

    Symptoms on the network :

    - Slow network.

    - Packets duplicate.

    - Broadcast / multicast Storm.

    - Cpu increase on others routers.

    - Crazy Hosts.

    When we desactivate HSRP on 4000B (shutdown all interfaces)

    All becomes good.

    All ideas are welcome.

  • RELEVANCY SCORE 3.23

    DB:3.23:Routing Issue fc



    I am running a EIGRP network with the 2 central routers running HSRP across their lan interfaces. The primary router redistributes static routes defined on this router into EIGRP. However if this router fails and the backup router takes over within HSRP, how do I ensure that the EIGRP routing protocol is aware of these static routes? Would I have to configure these routes on the second router and redistribute back into EIGRP with a higher weighting?

    please advise?

    DB:3.23:Routing Issue fc


    Sounds like you have the right idea. That is exactly how you would do this.

  • RELEVANCY SCORE 3.22

    DB:3.22:Routing Protocols Or Statics am



    Is it better pratice to use a routing protocol or statics ? and is there any advantages to using routing protocols ?

    DB:3.22:Routing Protocols Or Statics am


    Hi,

    Static protocals easy to configure and complex to manage, but dynamic protocals complex only at the time configuration before u have to study ur network and ur requirement but easy to manage..

  • RELEVANCY SCORE 3.22

    DB:3.22:How To Configure Hsrp To Support Icmp Redirects 8z


    Core IssueHot Standby Router Protocol (HSRP) provides redundancy for IP networks. It also provides redundancy for hosts to recover immediately and transparently from the first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address. This address is configured as the default gateway on the host. From the group of routers configured in a HSRP group, the one with the highest priority functions as the active router. The one with the second highest priority functions as the standby router. The active router forwards packets sent to the virtual IP address. If the active router fails, the standby router takes over as the new active router. Internet Control Message Protocol (ICMP) provides many diagnostic functions for IP by sending control messages to hosts. ICMP redirect messages can be sent by the routers to the hosts. These messages redirect the hosts to send packets to another router (on the same segment on the optimal path toward the destination).
    Earlier, ICMP redirects were disabled on a router interface configured for HSRP. This was done because redirecting the hosts to the real IP address of another router resulted in dropped packets. This occurred if the other router failed, which defeated the redundancy provided by HSRP.

    ResolutionTo enable ICMP redirects with HSRP on an interface, use the HSRP Support for ICMP Redirects feature. This functionality filters outgoing ICMP redirect messages through HSRP, where the next-hop IP address can be changed to a HSRP virtual IP address. Each HSRP router snoops all HSRP packets on the network to maintain a list of active routers. The HSRP router also maintains a list of virtual IP addresses and their real IP addresses.
    Usually when an ICMP redirect message is sent to a host, the next-hop IP address of the message is sent to the physical IP address of the router (where the packets are redirected). With this feature, the next-hop IP address is compared to the network's list of active HSRP routers. The active HSRP router forwards packets for a group by using the virtual IP address for that group. If a match is found, then the real next-hop IP address is replaced with a corresponding virtual IP address. This address is replaced in the ICMP redirect message that is sent.
    Hosts do not redirect to passive HSRP routers (which are routers running HSRP) but are not active for any HSRP group on the interface, as redundancy could be lost if the hosts learn the real IP addresses of the HSRP routers. However, hosts can be redirected to a router not running HSRP, as redundancy is not implemented to reach the destinations through that router.
    To enable ICMP redirect messages to be sent when the HSRP is configured on an interface, issue the standby redirects command under the interface configuration mode.
    Note: The standby redirects command is enabled by default and can be disabled.
    For more information on the HSRP Support for ICMP Redirects feature, refer to HSRP Support for ICMP Redirects.

    Problem Type
    Configure

    HSRP issues
    RP (Routing Protocol) Related TechnologiesHSRP

    DB:3.22:How To Configure Hsrp To Support Icmp Redirects 8z

    Core IssueHot Standby Router Protocol (HSRP) provides redundancy for IP networks. It also provides redundancy for hosts to recover immediately and transparently from the first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address. This address is configured as the default gateway on the host. From the group of routers configured in a HSRP group, the one with the highest priority functions as the active router. The one with the second highest priority functions as the standby router. The active router forwards packets sent to the virtual IP address. If the active router fails, the standby router takes over as the new active router. Internet Control Message Protocol (ICMP) provides many diagnostic functions for IP by sending control messages to hosts. ICMP redirect messages can be sent by the routers to the hosts. These messages redirect the hosts to send packets to another router (on the same segment on the optimal path toward the destination).
    Earlier, ICMP redirects were disabled on a router interface configured for HSRP. This was done because redirecting the hosts to the real IP address of another router resulted in dropped packets. This occurred if the other router failed, which defeated the redundancy provided by HSRP.

    ResolutionTo enable ICMP redirects with HSRP on an interface, use the HSRP Support for ICMP Redirects feature. This functionality filters outgoing ICMP redirect messages through HSRP, where the next-hop IP address can be changed to a HSRP virtual IP address. Each HSRP router snoops all HSRP packets on the network to maintain a list of active routers. The HSRP router also maintains a list of virtual IP addresses and their real IP addresses.
    Usually when an ICMP redirect message is sent to a host, the next-hop IP address of the message is sent to the physical IP address of the router (where the packets are redirected). With this feature, the next-hop IP address is compared to the network's list of active HSRP routers. The active HSRP router forwards packets for a group by using the virtual IP address for that group. If a match is found, then the real next-hop IP address is replaced with a corresponding virtual IP address. This address is replaced in the ICMP redirect message that is sent.
    Hosts do not redirect to passive HSRP routers (which are routers running HSRP) but are not active for any HSRP group on the interface, as redundancy could be lost if the hosts learn the real IP addresses of the HSRP routers. However, hosts can be redirected to a router not running HSRP, as redundancy is not implemented to reach the destinations through that router.
    To enable ICMP redirect messages to be sent when the HSRP is configured on an interface, issue the standby redirects command under the interface configuration mode.
    Note: The standby redirects command is enabled by default and can be disabled.
    For more information on the HSRP Support for ICMP Redirects feature, refer to HSRP Support for ICMP Redirects.

    Problem Type
    Configure

    HSRP issues
    RP (Routing Protocol) Related TechnologiesHSRP

  • RELEVANCY SCORE 3.22

    DB:3.22:Policy Based Routing Glbp zc



    We are currently running HSRP, as our redundancy protocol, on our routers.  Our site has two WAN connection.  One is an MPLS, and the other is a VPN GRE IPSec tunnel.  We have Policy Based Routing that routes certain traffic over the VPN tunnel, and other traffic over the MPLS cloud.  If I moved to GLBP, from HSRP, how does that affect the policy based routing, if I set up a weighted load-balanced round-robin configuration?  Does that affect PBR at all? 

    DB:3.22:Policy Based Routing Glbp zc


    John,

    Thank you for your reply!  I kind of thought that the PBR would happen, then regular routing via the load-balanced gateway.  Again, thanks for your reply!  Have a great day!

  • RELEVANCY SCORE 3.22

    DB:3.22:Static Default Route To Glbp 71



    Hi all,

    Today we have our static default route to a HSRP address.

    We want to change this static default and point it to a GLBP address.

    Should this work?

    The resond why we don't use a dynamic routing protocol is our backbone switches have wrong IOS version.

    regards Jan Rockstedt

    DB:3.22:Static Default Route To Glbp 71


    A trace from different stations to the default gateway. Because if you use the same station it will go to the same gateway.

  • RELEVANCY SCORE 3.22

    DB:3.22:Routing And Bridge With Hsrp 9c



    I have a Problem with Two 6009 Switches and Two MSM

    with HSRP. I must Routing and Bridge on the MSM.

    The Bridge is for SNA Gateways and the Trouble is

    the second MSM become on a not defind time no answer from the Primary MSM and goes Up

    I have at this Time Two Primary MSM and this Destory the Spanntree. The Protocol on the MSM is DEC and the IOS is 12.0(1a)WX5(6g).

    Thanks for Help by my Problem

    PS Sorry for My horrible English

    DB:3.22:Routing And Bridge With Hsrp 9c


    I have a Problem with Two 6009 Switches and Two MSM

    with HSRP. I must Routing and Bridge on the MSM.

    The Bridge is for SNA Gateways and the Trouble is

    the second MSM become on a not defind time no answer from the Primary MSM and goes Up

    I have at this Time Two Primary MSM and this Destory the Spanntree. The Protocol on the MSM is DEC and the IOS is 12.0(1a)WX5(6g).

    Thanks for Help by my Problem

    PS Sorry for My horrible English

  • RELEVANCY SCORE 3.22

    DB:3.22:Hsrp And Mls/Routing Traffic Question m1



    Hi,

    it was too long ago with MLS and MSFC .. so i forgot the answer :-)

    Starting Scenario:

    Two 6500/Sup720 "Routers" with HSRP about 20 VLANs and three more 6500/Sup720 "Switches" only in Layer 2 with the same VLANs and redundant Uplinks to the "Routers"

    Traffic: Outer-VLAN-Traffic from the "Switches" goes over the Uplinks to the "Routers" an maybe go back to the "Switches" on same Uplink to the destination (If connected at the same switch)

    Problem: High Uplink Utilization

    Solution?/End-Scenario: Activated HSRP Group on all of the 6500/Sup720s (Trunked)

    My Questions: Does the HSRP passive 6500/Sup720 forward traffic switchinternal or does he send all the subnet traffic to the active HSRP Router and back, like before ? Otherwise what Gateway Redundancy protocol will solve my problem that the switch can forward the traffic internal to get more performance?

    Thanks for suggestions!

    DB:3.22:Hsrp And Mls/Routing Traffic Question m1


    any suggestions ?? Maybe should i use GLBP instead of HSRP ?

  • RELEVANCY SCORE 3.20

    DB:3.20:Asa Routing Failover mz



    All,

    ASA5510 with gig0/0 to Internet . Gig0/1 - Inside network. In the LAN I have qty#2 3560 with enhanced image and servers with Dual NIC for redundancy.

    I want to VLAN the n/w and use OSPF as routing protocol. Iam planning to create a Etherchannel between the 2 switches and run OSPF also.

    Planning to have HSRP failover for Servers from Switch1 to switch2.

    Now from Switch1 , port1 connects to ASA gig 0/1, but incase if Sw1 fails, with HSRP functioning, SW2 will takeover

    the traffic, how the servers can go online dynamically ?

    Thanks in advance

    MS

  • RELEVANCY SCORE 3.20

    DB:3.20:Vpn + Firewall + Routing Protocol jp



    Is it already possible to use VPN (IPsec) combination with Cisco firewall feature set and a routing protocol like OSPF?

    I know it is possible to use VPN + OSPF when using GRE, but then FFS is not supported....

    Thanks! Richard

    DB:3.20:Vpn + Firewall + Routing Protocol jp


    The cisco pix do not deal with ospf. You would still need gre over ipsec to have ospf through it.

    Regards,

  • RELEVANCY SCORE 3.19

    DB:3.19:Isdn Interface - Policy Based Routing pa



    Hi all,

    I got new problem here when using the PBR with ISDN backup link.

    I have 2 routers A B, A is leased line router and B is ISDN router. The purposed is customers leased line connected to Router A, if leased line failed then their router will dial to router B.

    I use PBR to segregate the traffic among customers. So they can't reach each other, they only can reach my internal LAN. HSRP is configured between R-A and R-B LAN and always active in R-A.

    If the HSRP active in R-B, then i got problem with this ISDN router.

    The ISDN interface is always in up/up state, even no dial in. This caused the traffic always forward to isdn.

    How can we make isdn interface protocol down state, up state when incoming call is make.

    regards

  • RELEVANCY SCORE 3.19

    DB:3.19:Routing Protocol Type:?? 1c



    Hi,

    What is mean mean by passenger, carrier and transport routing prototcol ??    

    DB:3.19:Routing Protocol Type:?? 1c


    Abhinay,

    Okay, I see the point. The passenger protocol is the protocol you want to carry over a network that does not understand it (or you do not want the network to see it). For example, you may want to tunnel IPv6 packets over an IPv4-only network. Thus, the IPv6 would become the passenger protocol here.

    The carrier protocol is the one that is used to encapsulate the passenger's protocol packets as its own payload. In my example, tunneling IPv6 packets over IPv4 network would require that each IPv6 packet is inserted into an IPv4 packet and the resulting IPv4 packet is transported through the IPv4 network. Thus, the IPv4 becomes the carrier protocol.

    Anytime we say "X-over-Y" if related to tunneling, the "X" is the passenger protocol and the "Y" is the carrier protocol, as packets of the type X are carried inside packets of the type Y. Common examples include IPv6-over-IPv4, CLNS-over-IPv4, even IPv4-over-IPv4 and so on.

    The transport protocol in this case, or better said, a tunneling protocol is an additional protocol used to facilitate this tunneling. For example, putting IPv6 packets into IPv4 packets is easy and straightforward, but you may require various additional functions for this tunnel:

    Multiple passenger protocols over a single tunnel. You somehow need to identify the type of the passenger protocol, and the IP Protocol header field may not have enough values to express all possible existing protocols you could tunnel over IP.Sequencing. The IP is actually unable to make sure that tunneled packets arrive in their original order, and it may be your requirement that the individual tunneled packets must be processed in their original order.Authentication. You may require that the tunnel is authenticated before transferring data over it.Keepalives. You may require an active test whether the tunnel is indeed capable of transporting data end-to-end. The IP as a best-effort connectionless protocol does not have any means to provide you with this test.Dynamic session establishement and teardown, differentiating multiple sessions within a single tunnel.

    If you need any of these functions then you have to use the additional tunneling protocol. Nowadays, the most popular tunneling protocols are GRE (Generic Routing Encapsulation) and L2TP (Layer 2 Tunneling Protocol), not counting the MPLS Pseudowires (they are rather special and I don't want to cover them here).

    If the GRE is used then the GRE header is placed into the carrier protocol payload just before the passenger protocol datagram comes in. If you create an IPv6-over-IP tunnel using the GRE tunneling protocol, the resulting packet would look like:

    Carrier IPv4 header | Tunneling GRE header | Passenger IPv6 packet

    Best regards,

    Peter

  • RELEVANCY SCORE 3.19

    DB:3.19:Smi Routing Protocols That Converge Rapidly 3s



    HSRP - Does the Standard Multilayer Image provide a routing protocol that can converge as rapid or near rapid (10/20ms) as when using EIGRP and HSRP together...Basically, is the Enhanced Mutilayer Image the best choice for achieving the fastest fault tolerant recovery times?

    DB:3.19:Smi Routing Protocols That Converge Rapidly 3s


    I believe standard only supports RIP,EIGRP stub and static routing . If you need ospf and standard eigrp then you need Enhanced.

  • RELEVANCY SCORE 3.18

    DB:3.18:Issue With Hsrp xm



    Hi all,

    I have running HSRP for remote client on my two 6500 for redudancy on Layer 3 interface.

    The problem is if my primary router gets reloaded and come up, HSRP process start and comes fast as active but still routing protocol not coverge with my other side of network and due to that Traffic from client comes to HSRP active router and then drops till routes get convered for destination and my voice call gets drop.....

    I could try "preempt delay" but there are some limitation for this....

    Can any body suggest good solution for this ??

    REgards,

    Chintan

    DB:3.18:Issue With Hsrp xm


    chintan

    If you want to make OSPF converge more quickly there is an option to configure OSPF with shorter time for hello and for deal interval which will make it converge more quickly.

    If you want REALLY fast convergence of OSPF Cisco introduced a feature in 12.2T called OSPF fast HELLO which results in the fastest convergence of OSPF. This link should give you information to help you get started:

    http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00801039b1.html

    HTH

    Rick

  • RELEVANCY SCORE 3.17

    DB:3.17:3750 Stack - What If One Dies? cm



    Suppose two 3750's are connected in a stack configuration - SwitchA and SwitchB.

    If I have a router connected to g0/0 on SwitchA, and then SwitchA dies, I'm out of luck - connection to the router is lost.  What's the best way to add redundancy here? Is it to have a second router, which connects to SwitchB, and a routing protocol or HSRP?

    DB:3.17:3750 Stack - What If One Dies? cm


    Hi,

    I'd say having /30 connections in the core is not a typical solution.

    You are saving your address space, but it's limiting possible future smooth redesign.

    IMHO, a good compromise is using /28 for L3 connections inside DCs - if you need to put more devices to the subnet in future (an IPS, e.g.), it's still possible without readdressing.

    Regarding the WAN connection:

    While peering via Ethernet to an MPLS cloud, we are using following design in our network:

    Two provider CE routers peering to two our CE routers (full mesh) via BGP in one subnet.

    If you use two different switches for L2 connection,  there's no single point of failure. And due to BGP attributes you can play with routing preferences a lot :-)

    HTH,

    Milan

  • RELEVANCY SCORE 3.16

    DB:3.16:Glbp Generates Glbp: Api Active Virtual Address X.X.X.X Not Found Messages 8x


    Core Issue
    Gateway Load Balancing Protocol (GLBP) is similar to Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP) in function, providing redundancy and load balancing for IP networks. This ensures that user traffic immediately and transparently recovers from first hop router failures.  GLBP works by making use of a single virtual IP address that is configured as the default gateway on the hosts.
    Beginning with Cisco IOS  Software Release 12.2, the GLBP implementation has been modified by removing it from the IP routing process with which it was coupled earlier. It is now a separate process. When required, the IP routing process queries the GLBP process to find if the address is already in use by GLBP.

    Resolution
    GLBP generates the GLBP: API active virtual address x.x.x.x not found message if the x.x.x.x address being queried by the IP Routing process is not in use by GLBP. This message is seen if the debug glbp command is issued on the router. This is just an informational message indicating a normal situation, that GLBP is not already using the address being queried by the IP routing process, and it does not require any corrective action.

    For information on the GLBP feature, operation and configuration, refer to GLBP - Gateway Load Balancing Protocol or the article GLBP overview and features.

    DB:3.16:Glbp Generates Glbp: Api Active Virtual Address X.X.X.X Not Found Messages 8x

    Core Issue
    Gateway Load Balancing Protocol (GLBP) is similar to Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP) in function, providing redundancy and load balancing for IP networks. This ensures that user traffic immediately and transparently recovers from first hop router failures.  GLBP works by making use of a single virtual IP address that is configured as the default gateway on the hosts.
    Beginning with Cisco IOS  Software Release 12.2, the GLBP implementation has been modified by removing it from the IP routing process with which it was coupled earlier. It is now a separate process. When required, the IP routing process queries the GLBP process to find if the address is already in use by GLBP.

    Resolution
    GLBP generates the GLBP: API active virtual address x.x.x.x not found message if the x.x.x.x address being queried by the IP Routing process is not in use by GLBP. This message is seen if the debug glbp command is issued on the router. This is just an informational message indicating a normal situation, that GLBP is not already using the address being queried by the IP routing process, and it does not require any corrective action.

    For information on the GLBP feature, operation and configuration, refer to GLBP - Gateway Load Balancing Protocol or the article GLBP overview and features.

  • RELEVANCY SCORE 3.15

    DB:3.15:Rep (Resilience Ethernet Protocols), Asymmetric Routing And Hsrp af



    https://sasipra.wordpress.com/2013/05/06/rep-resilience-ethernet-protocols-asymmetric-routing-and-hsrp/

    DB:3.15:Rep (Resilience Ethernet Protocols), Asymmetric Routing And Hsrp af


    https://sasipra.wordpress.com/2013/05/06/rep-resilience-ethernet-protocols-asymmetric-routing-and-hsrp/

  • RELEVANCY SCORE 3.15

    DB:3.15:Ospf Priority 18



    Hi,

    Soon I will be using OSPF as routing protocol. We have configured Fastethernet sub-interfaces and using HSRP between the two routers. In serial interface I have defined the priority to make DR and BDR, so just wanted to know do I have to assign the priority for all the FastEthernet sub-interfaces so I can control which router becomes DR and BDR for particular segment or is there any other way to increase the priority of all the Fastethernet interfaces.

    Thanks

    DB:3.15:Ospf Priority 18


    Why are you concerned about which router is dr and bdr in this situation? The priority will only help with initial convergence, so you might not end up with the "right" router dr and bdr anyway, even when setting the priority. A higher priority router will not "bump" a lower priority router from being dr when it comes on the link.

    Russ.W

  • RELEVANCY SCORE 3.15

    DB:3.15:Ospf Using 2 Routers And Vrrp/Hsrp p7



    Hi all

    just a quick one, if I have 2 multilayer switches using hsrp or vrrp, and a wan router connects to one of them using a vlan for routing. Which router will ospf using for its route? or will it load balance to both of them as they are equal cost and advertising the same routes to the WAN ?

    cheers

    Carl

    DB:3.15:Ospf Using 2 Routers And Vrrp/Hsrp p7


    Disclaimer

    The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

    Liability Disclaimer

    In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

    Posting

    If you're using a VLAN for routing, OSPF would normally see each other OSPF router as an adjacent neighbor on the shared subnet and as such neighbors would have the same exit interface (the VLAN) it would see them as equal cost.  This also assumes you're not trying to form adjacencies using FHRP IPs (nor is this desirable as FHRP moves between routers but OSPF sends its own LSAs).

  • RELEVANCY SCORE 3.14

    DB:3.14:Hsrp Eigrp Two Default Routes kk



    Hi,

    I have a question concerning EIGRP routing on a L3 switch behind a HSRP HA pair of routers which connect to a WAN.

    HSRP is operating as should be and when R1 fails, or an interface thereon, R2 becomes the active. All good.

    However there are now two default routes in the route table on the L3 switch. One is routing traffic to the R2 real IP which is expected but also there is the old default route to R1's real IP.

    Using EEM we can overcome this but is there another simpler method to prevent this occurring?

     

    ThanksF

    DB:3.14:Hsrp Eigrp Two Default Routes kk


    Hello F,

     

    Please can you attach a small topology diagram?

     

    Regards

    Shreeram

  • RELEVANCY SCORE 3.14

    DB:3.14:Dual Stack Hsrp On 3560 3a



    forgive me if the question has already been answered,i tried searching but coudnt get a definitive answer.

    the query is does 3560 with lattest ios, support hsrp for ipv4 and ipv6 simultaneously on same SVI { AFAIK it doesnt }

    in case it doesnt what could be the best practice that provides high availability

    we are planning to run dual stack on our network

               

                     

    we have 4 3560 switches and we are using hsrp for ipv4

    1.C1,C2 provide hsrp gateway to D1 D2               

    2.D1,D2 provide hsrp gateway to C1,C2                

    3.D1,D2 provide hsrp gateway to hosts

                ------------          ------------

               |           |          |            |

               |    C1   |----------|    C2    |

               | 3650   |          |   3650  |

               ------------          ------------

                 |      \  hsrp   /     |

                 |       \         /      |

                 |        \       /       |

                 |         \     /        |

                 |          \   /         |

                 |           \ /          |

                 |            \           |

                 |           / \          |

                 |          /   \         |

                 |         /     \        |

                 |        /       \       |

                 |       /         \      |

                 |      /   hsrp   \    |

            ------------            ------------

            |            |           |            |

            |    D1    |           |     D2   |

            |  3650   |           |    3650 |

            ------------            ------------

                 |         hsrp           |

                 |------------------------|

                     |     |     |     |

                    [ ]   [ ]   [ ]   [ ]

                            hosts

    we would have prefered if we could implement the same in ipv6

    but incase we cant run hsrp for ipv4 and ipv6 simultaneously on same SVI

    what will be the best practice out of following scenarios to run ipv6

    we wont be touching the existing ipv4 network.

    1 igp between C1,C2,D1,D2 block  and using NUD to provide first hop redundancy at host level

    {number of routes are less than 100}

    2 static routing between C1,C2,D1,D2 block  and using NUD to provide first hop redundancy at host level

    in this case is it possible to use ip sla tracking

    3 any other approach that i might have missed

          

    regards,

    DB:3.14:Dual Stack Hsrp On 3560 3a


    http://packetlife.net/blog/2011/apr/18/ipv6-neighbor-discovery-high-availability/

  • RELEVANCY SCORE 3.14

    DB:3.14:Filter Hsrp Multicasts cs



    We have a redundant 6506 configuration feeding multiple 2950-48G switches for users, printers, and other systems. The MSFCs on the 6506s act as gateways for the VLANs on the 2950s using HSRP. We would like to tweak the timers down on HSRP but we don't want to consume host ports on the 2950s with excess multicast traffic that they don't need. We know we can filter the multicast traffic altogether on those ports but that would prevent us from utilizing any kind of multicast applications within a given VLAN or across VLANs should we choose to implement multicast routing at a later date. We don't necessarily want to enable multicast routing now as we don't have any applications that need it. Is there any way we can use IGMP Snooping or CGMP to filter the unnecessary HSRP multicasts on those switchports?

    Thanks,

    Tyler West

    Functionally Multicast Illiterate

    DB:3.14:Filter Hsrp Multicasts cs


    I believe this both helps me and doesn't help me. The following was pulled from the document link you pointed me to.

    "In general, addresses from 224.0.0.1 to 224.0.0.255 are reserved and used by various protocols (standard or proprietary, such as Hot Standby Router Protocol (HSRP)). Cisco recommends that you not use these for GDA in a multicast network. CGMP and IGMP snooping do not work with this reserved address range."

    If I'm reading this correctly, I am not going to be able to do what I originally wanted to do. I cannot use either CGMP or IGMP snooping to filter HSRP multicasts. At least it does resolve the question I had. The document also gave me a bit of a "duh" moment. The whole reason I'm seeing the multicasts on every port on a given VLAN is because the switch has not learned the multicast MAC addresses (because they are destination and not source) and is flooding. If I know exactly what ports my HSRP routers are on then I should be able to manually configure multicast CAM entries on those ports and the flooding should stop. Does that sound correct?

    Tyler

  • RELEVANCY SCORE 3.13

    DB:3.13:Tracking In 7200 js



    I have two 7200 routers connected back to back, and an ATM link conneced to each router in one side and in the other side we have firewalls connected via Ethernet and (HSRP) between these two...

    My concern is, if there is any way two to configure the ATM interface to be forced to shutdown when ever the Ethernet comes down, without running any routing protocol?

    DB:3.13:Tracking In 7200 js


    Thanks a lot for your clarification. I believe it may be reached by using the object tracking (SAA) to achieve your target.

    Please check below, sorry for not able to help much on it.

    http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00801541be.html

  • RELEVANCY SCORE 3.13

    DB:3.13:High Availability Redundancy - Dc (For Routing Protocol) 38



    Dear Friends,

     

      Sharing a proposed architecture of datacentre (image attached). Where we are using below devices.

     

    1) Two routers for MPLS WAN (Rtr-1 Rtr-2)

    2) Two L3 core switches  (CSW-1 CSW-2)  -- with Etherchannel

    3) Two Perimeter firewall  (PF-1 PF-2) -- connected with DMZ

    4) Two Internal Firewall (IF-1 IF-2)

    5) Two L2 Access Switch ( ASW-1 ASW-2)  -- from where datacentre servers are connecting (zones). Etherchannel between both these switches.

     

    All Connectivity will be in High availability/redundancy mode. We have planned to run First HSRP instance between MPLS routers. Second HSRP instance between Perimeter firewalls and Third HSRP instance between Internal Firewalls.

     

    Although we feel that our high availability and redundancy purpose will be fulfilled with above mentioned process, but still request to please have a look into scenerio and advice if routing protocols (with their purpose) are also need to be implement between any of the devices.

     

    Thanks.

     

    DB:3.13:High Availability Redundancy - Dc (For Routing Protocol) 38


    Hello.

    If you use ASA as firewalls, you won't have an option to run HSRP there, but ASA has built-in HA solution.

    Also I doubt if it's a good idea to plug MPLS to the same FW, as Internet connection (but it's a matter of security requirements).

    PS: if you don't need a lot of throughput between DC and DMZ, then you might find FWSM useful.

    PS2: what switch will be servicing your DMZ zone?

  • RELEVANCY SCORE 3.12

    DB:3.12:One Pix 2 External Connections Using Hsrp On Same Subnet 7c



    I have one ISP with 2 connections on the same subnet using HSRP. I want to route specific traffic over one of the 2 using one PIX can this be done? right now the PIX is routing outside traffic to the virtual IP.

    Objective:

    1.Route all DMZ traffic outbound on the virtual NIC

    2.Route inside traffic going to the internet out the 2nd connections pointing to the physical IP bypassing HSRP.

    What would be best another PIX or adding a router on the outside and do some policy routing? Is there any good documentation?

    DB:3.12:One Pix 2 External Connections Using Hsrp On Same Subnet 7c


    If you want to load-balance. Here is another option:

    You can define an additional HSRP group on the two routers. This new group should prioritize the other (currently unused) router. You can divide you default route into two default routes 1/1 and 0/1, each pointing to two different next-hops (VIP).

    HTH.

  • RELEVANCY SCORE 3.12

    DB:3.12:4500-E Hsrp Ipv6 33



                       Hello,

    I have a DMZ where we currently have IPV4 and HSRP for vlan redundancy. We are looking to duel stack with IPV4 and IPV6. Where can I find duel stack configuration examples using interlan routing with IPV6. My current platform is 4500-E's and Supervisor 6-E running 15.1 (2) SG.

    Also what would the vlan setup look like. Listed below is what I am looking at.

    int vlan 22

    ipv6 address ?

    ipv6 enable

    standby version 2

    standby 22 ipv6 autoconfig

    standby priority 120

    no ipv6 redirects

    no ipv6 unreachables

    ipv6 nd ra suppress

    no shut

    DB:3.12:4500-E Hsrp Ipv6 33


    Hello David,

    I would say you would like to set up something closed to HSRP on your IPv6 network, for that I would recommend you to follow the next document:

    http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080b9119e.shtml

    Intervlan routing:

    https://supportforums.cisco.com/docs/DOC-23384

    Basically it would be almost the same

    IPv6 rocks man, it keeps almost the same configuration but improves a lot our network

    Regards

  • RELEVANCY SCORE 3.10

    DB:3.10:Design Question zm



    I would like some advice on setting up a routing plan for a small business. We use about 50 physical switches and about 25 VLANs. We currently use 2 3550 switches in a collapsed core model that perform routing and are setup using HSRP. I would like to build a stack of about 4 3750G switches and was wondering the following: from a design perspective, would it be better to configure 2 of the switches in the stack to run HSRP an take care of the campus routing, or would it be better to use a two dedicated routers and set them up using HSRP in a router on a stick configuration to handle campus routing? Thanks for any advise.

    Ken

    DB:3.10:Design Question zm


    Agree with Rick, stack of 3750s is much better.

    If possible, you might also consider connecting high bandwidth hosts directly to that stack, e.g. servers. If your plans for 4 3750Gs don't provide sufficient ports to do that, also consider adding more 3750Gs to the stack.

    Since the stack provide redundancy, you only need one HSRP instance.

  • RELEVANCY SCORE 3.10

    DB:3.10:Max. Of Groups Using Hsrp kd



    Anyone out there who knows the maximum number of HSRP groups that I can have on a single router? I have a combination of Cat4K6 L3 routing module and a 3662 router. If you could also be kind enough to show me the link to the appropriate documentation. Thanks in advance for your help.

    Regards

    Vincent

    DB:3.10:Max. Of Groups Using Hsrp kd


    To the extent that each HSRP group is to be assigned a unique MAC address (the normal mode of operation because too many boxes ignore gratuitous ARPs), the limit is 3 on 802.5 token ring and 256 on other media (see page 13 of RFC 2281).

    Many older Cisco routers (such as the 4xxx and 25xx) only support a single HSRP group due to hardware limitations (search CCO for "HSRP and Lance").

    As always, your mileage may vary...

    Vincent C Jones

    www.networkingunlimited.com

  • RELEVANCY SCORE 3.09

    DB:3.09:How Hsrp Supports Mpls Vpns 8d


    Core Issue
    Hot Standby Router Protocol (HSRP) provides redundancy for IP networks, ensuring that user traffic immediately and transparently recovers from first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address, which is configured as the default gateway on the hosts. From the group of routers configured in a HSRP group, the one with the highest priority functions as the active router and the one with the second highest priority functions as the standby router. The active router assumes the role of forwarding packets sent to the virtual IP address. If the active router fails, the standby takes over as the new active router. The active router responds to all Internet Control Message Protocol (ICMP) and Address Resolution Protocol (ARP) queries sent to the virtual IP address. 
    Multiprotocol Label Switching (MPLS) VPN provides a method to implement VPNs in the form of a peer-to-peer model and provides the benefits of both overlay and peer-to-peer models. In MPLS VPN, the Provider Edge (PE) router is the one where most of the functionality is implemented and configured. Apart from the default global routing table, the PE routers maintain separate instances of routing tables, called Virtual Routing and Forwarding (VRF) tables, for each customer whose routing requirements are different. They provide isolation between them.

    Resolution
    Before the introduction of the "HSRP Support for MPLS VPNs" feature, HSRP used to add the ARP entries and IP hash table entries to the default routing table instance, even if the interface was part of a VRF. This was causing ARP and ICMP echo requests for the HSRP virtual IP address to fail. With this feature, the entries are added to the IP routing table belonging to the VRF.
    This feature enables the use of HSRP for providing PE router redundancy when connected over a LAN. The PE routers can be configured to track their connections to the rest of the network and have their HSRP priorities adjusted to assume the active or standby role, depending on whether they have a route to the destination.

    For more information about this feature, refer to these documents:
    The HSRP Support for Multiprotocol Label Switching Virtual Private Networks section of Hot Standby Router Protocol Features and FunctionalityHSRP Support for MPLS VPNs

    DB:3.09:How Hsrp Supports Mpls Vpns 8d

    Core Issue
    Hot Standby Router Protocol (HSRP) provides redundancy for IP networks, ensuring that user traffic immediately and transparently recovers from first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address, which is configured as the default gateway on the hosts. From the group of routers configured in a HSRP group, the one with the highest priority functions as the active router and the one with the second highest priority functions as the standby router. The active router assumes the role of forwarding packets sent to the virtual IP address. If the active router fails, the standby takes over as the new active router. The active router responds to all Internet Control Message Protocol (ICMP) and Address Resolution Protocol (ARP) queries sent to the virtual IP address. 
    Multiprotocol Label Switching (MPLS) VPN provides a method to implement VPNs in the form of a peer-to-peer model and provides the benefits of both overlay and peer-to-peer models. In MPLS VPN, the Provider Edge (PE) router is the one where most of the functionality is implemented and configured. Apart from the default global routing table, the PE routers maintain separate instances of routing tables, called Virtual Routing and Forwarding (VRF) tables, for each customer whose routing requirements are different. They provide isolation between them.

    Resolution
    Before the introduction of the "HSRP Support for MPLS VPNs" feature, HSRP used to add the ARP entries and IP hash table entries to the default routing table instance, even if the interface was part of a VRF. This was causing ARP and ICMP echo requests for the HSRP virtual IP address to fail. With this feature, the entries are added to the IP routing table belonging to the VRF.
    This feature enables the use of HSRP for providing PE router redundancy when connected over a LAN. The PE routers can be configured to track their connections to the rest of the network and have their HSRP priorities adjusted to assume the active or standby role, depending on whether they have a route to the destination.

    For more information about this feature, refer to these documents:
    The HSRP Support for Multiprotocol Label Switching Virtual Private Networks section of Hot Standby Router Protocol Features and FunctionalityHSRP Support for MPLS VPNs

  • RELEVANCY SCORE 3.08

    DB:3.08:Hsrp ax



    Will HSRP support Appletalk protocol?

    DB:3.08:Hsrp ax


    No need to. AppleTalk clients and IPX clients dynamically seek out gateways off of their local network.

    If an AT or IPX computer loses connection to the one gateway it was using, it will just look for another. As long as there's a second router or L3 switch on the same cable-range and zone name (AT) or the same net number and frame type (IPX), the computer will find it and adjust automatically.

    HSRP was developed to provide IP computers with a similar robustness that is transparent to the end user.

    Hope this helps.

  • RELEVANCY SCORE 3.07

    DB:3.07:Which Protocol Routing Is The Best In A Conection With Isp ? 3m



    My question is: which protocol routing is the best (RIP2, BGP, IGMP, HSRP, IGRP, OSPF) to establish to connection with my ISP, or if it is very complicated to configuration of these protocols with the ISP and therefore is better to configure the routes manually.

    DB:3.07:Which Protocol Routing Is The Best In A Conection With Isp ? 3m


    How will you achive load balancing with ospf or static routes?

  • RELEVANCY SCORE 3.07

    DB:3.07:How To Configure Ipsec Redundancy With Hsrp ? 7d



    Hi,

    I want to configure IPSec redundancy with HSRP. Frame-relay as primary and ISDN as backup link. no dynamic routing. I referenced the following site but I cannot figure out exactly. how to treat the static routing(maybe I need floating routing) and the requirement of standby trap in case of serial interface down. please give me some configuraiton tip or related URL.

    http://www.cisco.com/warp/public/cc/techno/protocol/ipsecur/ipsec/prodlit/dplip_in.htm

    Thanks,

    DB:3.07:How To Configure Ipsec Redundancy With Hsrp ? 7d


    http://www.cisco.com/warp/customer/707/ipsec_feat.html

  • RELEVANCY SCORE 3.07

    DB:3.07:Configure Hsrp On Two Routers And Do Layer 3 Ip Routing On A Core Switch mm



    Hi ,

    Please help me configuration of HSRP with 3750 switch and two routers for internet backup.

    Regards,

    Easwar

    DB:3.07:Configure Hsrp On Two Routers And Do Layer 3 Ip Routing On A Core Switch mm


    Hi Eashwer,

    How did you go with this? Did you deploy the solution yet?

    Kishore

  • RELEVANCY SCORE 3.07

    DB:3.07:Ip Multicast Issues d1


    Core Issue
    IP multicasting provides a method to send information to a group of hosts at the same time, which is different from the normal IP unicast routing that sends information only to one specific host at a time. IP multicast relies on a data distribution tree built by a multicast routing protocol to deliver packets from the source to the receivers when they are connected to different networks. The most common issue in a multicast network is packets transmitted by the source not reaching receivers. Other issues could be related to the formation of the distribution tree itself, and unwanted flooding in LAN environments that use switches.

    Resolution
    One of the common causes of packets not reaching receivers is Reverse Path Forwarding (RPF) check failure. Once a multicast data distribution tree is formed using a multicast routing protocol, routers use RPF check to forward multicast packets from one interface to another. The RPF check verifies whether the packet arrived on the correct interface pointing toward the source to avoid loops. RPF failures may occur when there are multiple paths between devices that forward multicast traffic from a source to receivers, and the unicast routing topology is not congruent or the same as the data distribution tree of multicast topology.
    Another reason packets may not reach receivers is that the Time To Live (TTL) value of packets is not set enough to reach the receivers available in the various parts of the network. The TTL value of a packet is decremented at every hop as in unicast routing, and a packet is not forwarded if its TTL value is less than the threshold value that can be configured under an interface on the router to define multicast boundaries.

    Another multicast issue could be related to the building of the data distribution tree itself. Each multicast routing protocol has its own mechanism to build and maintain the tree. Dense mode protocols rely on flood and prune behavior, which should not cause problems. Sparse mode protocols rely on a device functioning as Rendezvous Point (RP) to build the tree for a multicast group, and every router in the network needs to know the RP-to-group mapping. This is done through manual configuration or automatic information distribution, which also involves some basic configuration. There are also mechanisms like filters available to control the distribution of RP information. Improper configuration of these features could lead to failure in building the distribution tree and affect the forwarding of multicast traffic.

    In LAN environments, comprising LAN switches (which is just a Layer 2 (L2) device forwarding packets based on MAC addresses) will lead to unwanted flooding of packets to parts of the network where there are no receivers. There are methods like Internet Group Management Protocol (IGMP) snooping and proprietary Cisco Group Management Protocol (CGMP) which avoid this unwanted flooding. Improper configuration of these features, or placement of source and receivers connected across the switch can still lead to unwanted flooding, which needs to be addressed.

    Using Multicast with HSRP.  When using multicast in an HSRP environment, care must be used in configuring multicast with the physical IP address as opposed to the HSRP logical address as the IP Address. If the HSRP address is used, multicast traffic will not be sent.
    For more information on these issues and how to solve them using various commands, refer to the IP Multicast Troubleshooting Guide.

    Source and Destination Physical Connectivity
    Source and destination exist on different subnetwork

    DB:3.07:Ip Multicast Issues d1

    Core Issue
    IP multicasting provides a method to send information to a group of hosts at the same time, which is different from the normal IP unicast routing that sends information only to one specific host at a time. IP multicast relies on a data distribution tree built by a multicast routing protocol to deliver packets from the source to the receivers when they are connected to different networks. The most common issue in a multicast network is packets transmitted by the source not reaching receivers. Other issues could be related to the formation of the distribution tree itself, and unwanted flooding in LAN environments that use switches.

    Resolution
    One of the common causes of packets not reaching receivers is Reverse Path Forwarding (RPF) check failure. Once a multicast data distribution tree is formed using a multicast routing protocol, routers use RPF check to forward multicast packets from one interface to another. The RPF check verifies whether the packet arrived on the correct interface pointing toward the source to avoid loops. RPF failures may occur when there are multiple paths between devices that forward multicast traffic from a source to receivers, and the unicast routing topology is not congruent or the same as the data distribution tree of multicast topology.
    Another reason packets may not reach receivers is that the Time To Live (TTL) value of packets is not set enough to reach the receivers available in the various parts of the network. The TTL value of a packet is decremented at every hop as in unicast routing, and a packet is not forwarded if its TTL value is less than the threshold value that can be configured under an interface on the router to define multicast boundaries.

    Another multicast issue could be related to the building of the data distribution tree itself. Each multicast routing protocol has its own mechanism to build and maintain the tree. Dense mode protocols rely on flood and prune behavior, which should not cause problems. Sparse mode protocols rely on a device functioning as Rendezvous Point (RP) to build the tree for a multicast group, and every router in the network needs to know the RP-to-group mapping. This is done through manual configuration or automatic information distribution, which also involves some basic configuration. There are also mechanisms like filters available to control the distribution of RP information. Improper configuration of these features could lead to failure in building the distribution tree and affect the forwarding of multicast traffic.

    In LAN environments, comprising LAN switches (which is just a Layer 2 (L2) device forwarding packets based on MAC addresses) will lead to unwanted flooding of packets to parts of the network where there are no receivers. There are methods like Internet Group Management Protocol (IGMP) snooping and proprietary Cisco Group Management Protocol (CGMP) which avoid this unwanted flooding. Improper configuration of these features, or placement of source and receivers connected across the switch can still lead to unwanted flooding, which needs to be addressed.

    Using Multicast with HSRP.  When using multicast in an HSRP environment, care must be used in configuring multicast with the physical IP address as opposed to the HSRP logical address as the IP Address. If the HSRP address is used, multicast traffic will not be sent.
    For more information on these issues and how to solve them using various commands, refer to the IP Multicast Troubleshooting Guide.

    Source and Destination Physical Connectivity
    Source and destination exist on different subnetwork

  • RELEVANCY SCORE 3.07

    DB:3.07:Hsrp Limited To 16 Groups? 7f



    The PFC2 supports a maximum of 16 unique Hot Standby Routing Protocol (HSRP) group numbers. You can use the same HSRP group numbers in different VLANs. If you configure more than 16 HSRP groups, this restriction prevents use of the VLAN number as the HSRP group number.

    Anyone know any way around this? I have more than 16 vlans that need to have their default gateway participate in these HSRP groups

    -Denny

    DB:3.07:Hsrp Limited To 16 Groups? 7f


    The HSRP group is per interface. So let's say you have 20 vlans. Each one can still have a group 1 (for example). The group 1s are not all common HSRP groups so you should be fine.

    -denise

  • RELEVANCY SCORE 3.07

    DB:3.07:Hsrp And Gre Tunnel 13



    I have location A and location B and C connecting to location A using serial interfaces with frame-relay encapsulation and GRE Tunnel configure on the interfaces. I am using EIGRP as routing protocol.

    I also configured the HSRP on location B and C to track my serial interfaces so when B is down I can still be up using C. HSRP seems to be working as expected, Serial interface goes down and it comes back up but my GRE Tunnel doesn't.

    For instance, if serial on router B goes down router C takes over without problem. Now, router A removes the router to router B since it is down. GRE Tunnel on router B is down, of course. When serial on B comes back up the GRE tunnel on the router stays down.

    Any advice?

    DB:3.07:Hsrp And Gre Tunnel 13


    Sorry I can't provide you with my configuration right now but I do use a dynamic routing protocol. It is EIGRP.

    As I said before, the tunnel remains down in both sides, router A and B. I forgot to mention that I am also using keepalives on the GRE tunnel.

    Thanks for your help

  • RELEVANCY SCORE 3.06

    DB:3.06:Hsrp Problems With Ospf jk



    hello all,

    I have an architecture problem. Here is my network

    architecture:

    /---------------Router B---------------\

    Router A LAN

    \---------------Router C---------------/

    On the LAN side, HSRP is configured (Router C is

    active). OSPF is used as routing protocol on each

    router.

    If Router C fails, HSRP works well and packets pass

    through router B after 10 seconds. But when Router C

    comes up again, HSRP immediately (in 10 seconds)

    redirects packets on Router C but OSPF routing table of Router C isn't effective before 1 minute so during 1 minute every packets are dropped. What can I do to avoid this problem?

    Thanks for your help.

    DB:3.06:Hsrp Problems With Ospf jk


    You can use the "standby preempt delay 60" directive to keep HSRP from immediately failing back to the primary router.

    http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipras_r/1rfip2.htm#xtocid34

    Mick.

  • RELEVANCY SCORE 3.06

    DB:3.06:Hsrp Taking A Long Time To Recover xd


    I was trying to do a HSRP test by reaching loopbacks of two routers from my pc. My PC can reach 192.168.100.151/32 almost immediately, however 192.168.100.150 takes 20sec to reach after i remove te1/1. I would like to find out if there's misconfiguration of my HSRP...

    HSRP configuration for C7609-1

    interface Vlan101

    ip address 192.168.101.1 255.255.255.0

    ip router isis

    standby version 2

    standby 101 ip 192.168.101.3

    standby 101 timers msec 500 msec 1500

    standby 101 priority 110

    standby 101 preempt delay minimum 5

    standby 101 track TenGigabitEthernet1/1 20

    end

    router isis

    net 49.0001.1921.6810.0150.00

    is-type level-1

    nsf cisco

    C7609-1#

    HSRP configuration for C7609-2

    interface Vlan101

    ip address 192.168.101.2 255.255.255.0

    ip router isis

    standby version 2

    standby 101 ip 192.168.101.3

    standby 101 timers msec 500 msec 1500

    standby 101 preempt

    end

    router isis

    net 49.0001.0192.1681.1510.00

    is-type level-1

    nsf cisco

    C7609-2#

    HSRP events

    C7609-1#

    *Aug  8 08:59:48.359: HSRP: Vl101 Grp 101 ARP src 192.168.101.101 tgt 192.168.101.3, reply with mac 0000.0c9f.f065

    C7609-1#

    *Aug  8 08:59:58.503: %TRACKING-5-STATE: 1 interface Te1/1 line-protocol Up-Down

    C7609-1#

    *Aug  8 08:59:58.503: HSRP: Vl101 Grp 101 Track 1 object changed, state Up - Down

    *Aug  8 08:59:58.503: HSRP: Vl101 Grp 101 Priority 110 - 90

    C7609-1#

    *Aug  8 08:59:59.991: HSRP: Vl101 Grp 101 Standby router is unknown, was 192.168.101.2

    *Aug  8 08:59:59.991: HSRP: Vl101 Nbr 192.168.101.2 no longer standby for group 101 (Active)

    *Aug  8 08:59:59.991: HSRP: Vl101 Nbr 192.168.101.2 Was active or standby - start passive holddown

    C7609-1#

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 Active: j/Coup rcvd from higher pri router (100/192.168.101.2)

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 Active router is 192.168.101.2, was local

    *Aug  8 09:00:47.023: HSRP: Vl101 Nbr 192.168.101.2 is no longer passive

    *Aug  8 09:00:47.023: HSRP: Vl101 Nbr 192.168.101.2 active for group 101

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 active 1-0, passive 0-1

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 Active - Speak

    *Aug  8 09:00:47.023: %HSRP-5-STATECHANGE: Vlan101 Grp 101 state Active - Speak

    C7609-1#

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 HA send sync state Speak

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 Redundancy "hsrp-Vl101-101" state Active - Speak

    *Aug  8 09:00:47.023: HSRP: Vl101 Removed 192.168.101.3 from ARP

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 Deactivating MAC 0000.0c9f.f065

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 Removing 0000.0c9f.f065 from MAC address filter

    *Aug  8 09:00:47.023: HSRP: Vl101 Grp 101 HA send sync hellotime 500 and holdtime 1500

    *Aug  8 09:00:47.023: HSRP: Vl101 IP Redundancy "hsrp-Vl101-101" update, Active - Speak

    C7609-1#

    *Aug  8 09:00:48.783: HSRP: Vl101 Grp 101 Speak: d/Standby timer expired (unknown)

    *Aug  8 09:00:48.783: HSRP: Vl101 Grp 101 Standby router is local

    *Aug  8 09:00:48.783: HSRP: Vl101 Grp 101 active 0, passive 1

    *Aug  8 09:00:48.783: HSRP: Vl101 Grp 101 Speak - Standby

    *Aug  8 09:00:48.783: %HSRP-5-STATECHANGE: Vlan101 Grp 101 state Speak - Standby

    C7609-1#

    *Aug  8 09:00:48.783: HSRP: Vl101 Grp 101 HA send sync state Standby

    *Aug  8 09:00:48.783: HSRP: Vl101 Grp 101 Redundancy "hsrp-Vl101-101" state Speak - Standby

    *Aug  8 09:00:48.783: HSRP: Vl101 IP Redundancy "hsrp-Vl101-101" standby, unknown - local

    *Aug  8 09:00:48.783: HSRP: Vl101 IP Redundancy "hsrp-Vl101-101" update, Speak - Standby

    C7609-1#

    Timeout when te1/1 is removed

    The virtual IP and 192.168.100.151/32 has minimum disruption, but the 192.168.100.150/32 has long disruption which I suspect could be related to ARP cache, but I would like to confirm with you all....

    C7609-2 route to loopback

    C7609-2#sh ip route 192.168.100.0

    Routing entry for 192.168.100.0/32, 2 known subnets

      Attached (1 connections)

    i L1     192.168.100.150 [115/20] via 192.168.70.1, 00:11:33, Vlan70

                             [115/20] via 192.168.40.1, 00:11:33, Vlan40

                             [115/20] via 192.168.30.1, 00:11:33, Vlan30

                             [115/20] via 192.168.1.1, 00:11:33, Port-channel1

    C        192.168.100.151 is directly connected, Loopback0

    C7609-2#

    C7609-1 route to loopback

    C7609-1#sh ip route 192.168.100.0

    Routing entry for 192.168.100.0/32, 2 known subnets

      Attached (1 connections)

    C        192.168.100.150 is directly connected, Loopback0

    i L1     192.168.100.151 [115/20] via 192.168.70.2, 00:12:40, Vlan70

                             [115/20] via 192.168.40.2, 00:12:40, Vlan40

                             [115/20] via 192.168.30.2, 00:12:40, Vlan30

                             [115/20] via 192.168.1.2, 00:12:40, Port-channel1

    C7609-1#

    Hope experts from here can help to clarify....I believe the HSRP configuration is fine... but the long period of timeout to 192.168.100.150 might be due to ARP cache and not the HSRP...

    DB:3.06:Hsrp Taking A Long Time To Recover xd


    Hi,

    Thank you for your reply. Anyway we have found out the problem.

    The long recovery time was actually not HSRP but STP...I have neglected that the network is a mixed of L2 and L3 redundancy...

  • RELEVANCY SCORE 3.06

    DB:3.06:Hsrp Routing Issue zf



    Basically, I m using two routers, router A and router B. Lease line on router A while ISDN on router B. On production time, only lease line is used as primary route. But, if lease line fails, all traffic will route to router B to trigger the ISDN. Really need all experts here to help on how to create the routing to establish this design. Thank you.

    DB:3.06:Hsrp Routing Issue zf


    Hi,

    Here is some link.

    If both lines in the same router

    http://www.cisco.com/warp/public/129/bri-backup-map-watch.html

    Each line in different router. I was planning this, until I found a simple setup using HSRP as what Rick recommended. In the LAN, since OSPF is use, it doesn't matter whether you use HSRP or not

    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094052.shtml

    Troubleshooting Demand Circuit keeps bringing up the link

    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009481b.shtml

    Advantages and disadvantages

    http://www.cisco.com/warp/public/123/backup-main.html

    Regards,

    Dandy

  • RELEVANCY SCORE 3.06

    DB:3.06:Hsrp Or Vrrp km



    I wanted to know which high availability protocol is good in a network environment with cisco switch router.

    HSRP or VRRP though we all know HSRP is a cisco standard but my colleagues are suggesting VRRP over HSRP.

    I would like feedback from my colleagues in this NetPro Forum that which one is better HSRP or VRRP and advantages of using HSRP.

    Thanks in advance.

    DB:3.06:Hsrp Or Vrrp km


    Hello,

    Take a look at the enclosed .pdf, a very useful comparison of redundancy protocols, I hope this will help you to choose the appropriate protocol based on your requirements.

    Good work.

  • RELEVANCY SCORE 3.06

    DB:3.06:Active Mls Entries With Hsrp ca



    Total Active MLS entries = 862

    MSFC 10.10.2.252 (Module 15) entries = 835

    MSFC 10.10.2.251 (Module 16) entries = 27

    ------------------

    I am looking for an explanation of the output above. I have two MSFCs configured for HSRP in this switch. This switch is a VTP client. I have full HSRP redundancy between this switch and the VTP server switch. In short there are two switches with two MSFCs each and each MSFC can route all intervlan traffic if in active mode. The MSFCs in each switch are identical except for the HSRP requirements for each VLAN interface. Module 15 is primary and module 16 is in standby for the VLANs assigned on the switch. I can reload module 15 and the transition is seamless to the connected users and servers. The output of SHOW STANDBY shows several state changes of VLANs that exist only on this switch as well as for VLANs that exist only on the VTP server switch. The changes of state do not coincide with any manual configuration changes. It is obvious that routing updates are taking place but the only place I can find that would affect this is the trunk between the switches. I would expect to see discards from the output of SHOW MAC on the trunk port if the trunk went down. This would cause the routing update but we would also see the outage while the trunk progressed through the STP states. I am using EIGRP as a routing protocol on the MSFCs.

    What is the school of thought when using EIGRP and load-sharing intervlan routing responsibilites between MSFCs? Should the EIGRP default maximum-paths be changed from 4 to 1?

    Any input appreciated.

    Thanks

    DB:3.06:Active Mls Entries With Hsrp ca


    Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

    If anyone else in the forum has some advice, please reply to this thread.

    Thank you for posting.

  • RELEVANCY SCORE 3.06

    DB:3.06:Hsrp Ip Routing Tracking xd



    I have 3 routers- see diagram. R2 is active hsrp with R1. what i am trying to do is track ip routing eth0/2 and eth0/3 on R2. if both interfaces loose EIGRP routes from R3, them decrement hsrp priority to 20. based on the configuration below, it looks like the tracking ip-routing only monitor the line-protocol for the interfaces not the routing reachability. can someone perhaps advise how to go about using hsrp based on ip routing (eigrp) on R2.

    track 1 interface Ethernet0/2 ip routing

    !

    track 2 interface Ethernet0/3 ip routing

    !

    track 100 list boolean and

    object 1

    object 2

    !

    !

    !

    interface Ethernet0/0

    no ip address

    shutdown

    half-duplex

    !

    interface Ethernet0/1

    ip address 192.168.151.252 255.255.255.0

    half-duplex

    standby 1 ip 192.168.151.254

    standby 1 timers 1 3

    standby 1 priority 115

    standby 1 preempt delay minimum 60

    standby 1 authentication secret

    standby 1 name LAB

    standby 1 track 100 decrement 20

    R2#sh ip route eigrp

    D 192.168.254.0/24 [90/409600] via 192.168.3.3, 00:00:15, Ethernet0/3

    [90/409600] via 192.168.2.3, 00:00:15, Ethernet0/2

    D 192.168.1.0/24 [90/307200] via 192.168.151.253, 00:00:15, Ethernet0/1

    [90/307200] via 192.168.3.3, 00:00:15, Ethernet0/3

    [90/307200] via 192.168.2.3, 00:00:15, Ethernet0/2

    R2#sh standby brief

    P indicates configured to preempt.

    |

    Interface Grp Prio P State Active Standby Virtual IP

    Et0/1 1 115 P Active local 192.168.151.253 192.168.151.254

    DB:3.06:Hsrp Ip Routing Tracking xd


    Hello Francisco,

    see the following link the ip route option

    http://www.cisco.com/en/US/docs/switches/lan/catalyst3750e_3560e/software/release/12.2_35_se2/configuration/guide/swhsrp.html#wp1074918

    track object-number ip route ip-address/prefix-length {metric threshold | reachability}

    metric threshold I think is AD, reachability if it can be accessed

    so if this works define track for some routes of interest that are learned from EIGRP

    Hope to help

    Giuseppe

  • RELEVANCY SCORE 3.05

    DB:3.05:Glbp Vs. Hsrp 1k



    currently, we are using hsrp protocol in a standard v topology using 6509 w/sup 720. within this design we have multiple odd and even vlans coming from our idf's into these 6509 for load balancing purpose. overall, will I receive greater divides from glbp or hsrp in my current environment. finally, if you are using glbp please provide any feedback regarding its overall performance within your network environment.