01-14-2014 07:25 PM - edited 03-01-2019 07:29 AM
I am considering using fabricpath as DCI within a campus network with two data centers. Understand HSRP localization not supported yet until Anycast HSRP is available. Will the workaround below work (both control and data plane): Configure the same HSRP group ID on both pairs of HSRP switches but configure a different authentication string. This will prevent the pair in Data Center East from becoming HSRP peers with the pair in Data Center West. When you do this, however, the pairs will still detect that their VIP is in use (by the other pair). This detection can be disabled in NX-OS with the “no ip arp gratuitous hsrp enable” command. The only thing i am not too sure is whether in the data plane, this will work ? Has anyone tried this out ? Thanks Eng Wee
Solved! Go to Solution.
01-18-2014 12:38 PM
Yes, that's why Anycast HSRP was developed. You do not need the HSRP localization with that. There are few trade-offs running FabricPath for DCI. Here are these :
- Dark fiber between DC's. You have a campus enviornment so getting this should not be an issue.
- Default gateway preferably out of one of the DC's, ie. Traffic will always leave and come back from the same DC. You will solve this using the Anycast HSRP.
- Unknown unicast and bcast will be shared across DC's.
-Your MDT traffic (Multicast/Unknown unicast/Broadcast) will also be hair pinned between the DC's. Even if you have source and receivers as the same site, your traffic will go all the way to the MDT root (which might be at the remote site) and come back to the same site. You need to carefully plan the MDT root placement and use the new FP multiple topologies feature to overcome this behaviour upto some extent. The ability to create multiple FabricPath topologies will alleviate this issue to a certain extent, in that groups of ‘local’ VLANs can be constrained to a particular site, while allowing ‘cross-site’ VLANs across the DCI link.
One point to remember that all your Leaf and Spine switches should support this new Anycast HSRP TLV which is exchanged in IS-IS control plane. So you need to upgrade all the boxes to support this TLV bit.
Hope this helps.
-amit singh
01-15-2014 01:24 AM
Just realised that anycast HSRP feature is available in NXOS 6.2. But not sure if it can be used for fabricpath HSRP localization. Based on my understanding from config guide, looks like it should work for fabricpath HSRP localization. Any comments appreciated. Thanks Eng Wee
01-18-2014 12:38 PM
Yes, that's why Anycast HSRP was developed. You do not need the HSRP localization with that. There are few trade-offs running FabricPath for DCI. Here are these :
- Dark fiber between DC's. You have a campus enviornment so getting this should not be an issue.
- Default gateway preferably out of one of the DC's, ie. Traffic will always leave and come back from the same DC. You will solve this using the Anycast HSRP.
- Unknown unicast and bcast will be shared across DC's.
-Your MDT traffic (Multicast/Unknown unicast/Broadcast) will also be hair pinned between the DC's. Even if you have source and receivers as the same site, your traffic will go all the way to the MDT root (which might be at the remote site) and come back to the same site. You need to carefully plan the MDT root placement and use the new FP multiple topologies feature to overcome this behaviour upto some extent. The ability to create multiple FabricPath topologies will alleviate this issue to a certain extent, in that groups of ‘local’ VLANs can be constrained to a particular site, while allowing ‘cross-site’ VLANs across the DCI link.
One point to remember that all your Leaf and Spine switches should support this new Anycast HSRP TLV which is exchanged in IS-IS control plane. So you need to upgrade all the boxes to support this TLV bit.
Hope this helps.
-amit singh
01-19-2014 05:49 PM
Hi Amit, Thanks for the reply. Any idea if Anycast HSRP is supported in N5K or N6K ? THanks Eng Wee
01-20-2014 05:53 AM
Yes coming up with end of the Feb/Early March release on N5K/6K.
You should be all set with this.
Cheers,
-amit singh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide