Re: HSRP with two 5509 with 30 vlans

yhatami · ‎10-10-2002

I am getting ready to setup a 5509 to do HSRP with a current 5509 I have set up before. The current 5509 have about 30 VLANs. The steps bellow are my plan, but where I have question mark, I need to verify if its correct or not and why?

1. create vlans and the same name on the new switch.

2. create the vlans interfaces with the ip address on less than the current 5509’s vlans interface.

3. change the current 5509 vlan ip address to two less that its original address.

4. configure the standby ip address as the original ip address of the current vlan interface, so I do not have to change the default gateway of all devices.

5. on the current RSM, setup standby priority of 15 vlan inteface with value of 200 and other 15 vlan interface with standby priority of 100. for the new RSM do the same opposite.

6. set up the second switch to vtp server mode with same name????

7. create MHRSP for load balancing???

8. make current switch to be the root for 15 vlans and make the second switch to be the root for the other 15 vlans.

9. if I configure all the vlan interfaces to do hsrp, how can I remotely telnet or monitor the primay and secondary 5509?

10. Do I need to setup ospf or eigrp between the 5509’s??? or how Eigrp or ospf can be useful in this situation.

thisisshanky · ‎10-10-2002

You can put the second switch in same VTP domain. If the current switch is VTP server, the other can be configured as VTP client.

At step 5, you are configuring switch 1 as active router for 15 vlans, and switch 2 as active router for remaining 15 vlans. But if you do it this way, All PCs in a vlan (say vlan 1), will have always switch 1 as active router and switch 2 as standby router. (ofcourse during failover status of HSRP does changes from switch 1 to switch 2, but all the PCs will share one default gateway, all the time).

Or you can use MHSRP, in which you will create multiple HSRP groups say group 1 and 2. All vlans will be members of standby groups 1 and 2. But For group 1, you can decide, which router is active, and for group 2, you can decide, which router is active. So vlan 1, can have switch1 as active for group 1, while in group 2, it would have switch 2 as active. The advantage of this is, if you have 100 pcs in vlan 1, you can split them up into 50 - 50, the first 50 pcs would use switch 1 as active router, while second 50 would use switch 2 as active router. This sounds like a more effective load balancing configuration, than the first.

To remotely monitor the primary and secondary routers. If you are configuring MHSRP, you will be deciding, for each vlan, which switch is going to be active. So you can use the corresponding virtual ip addresses ( of that group) to monitor them.

You dont really need to set up a routing protocol between both of them, because both have the knowledge about all the vlans (all 30). But if there are more vlans in the current switch, than in the new one, then you should consider about routing with a protocol.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

yhatami · ‎10-10-2002

I should have the back up and the primary switch as vtp server??? if I set up the back as a vtp client I can not creat any vlan. or if the primary fails, the back has no vlan database, so therefore I was asking if i can have back switch and the primary switch i vtp server mode as long as the vtp domain name matches?

the problem with doing mhsrp here is all pc are configrue with the primary's RSM's vlan interface ip address as the gateway, so in order not to changing everybody's gateway is to change the primary's current ip to one less then its now and change the standby address as the current vlan inteface ip address. Can I create group across the vlans? i.e can i put vlan 1-10 in group 1 even though they are in differen subents? and put 20-30 in group 2?

to telnet to a switch A if it is the active router for group 1 (172.16.10.254) To telnet to swtich B which is active for group 2 172.16.20.254. is that what you are saying? this way you can telnet and monitor both switches???

thisisshanky · ‎10-10-2002

You cannot create or assign the same group number to all vlans ( or like what u wanted 1-15 in same HSRP group). Each vlan should have a unique HSRP group created. MHSRP might not be suitable for you, since, you have to change the default gateway on PCs.

Related to monitoring, what you have replied is correct.

And also. You can configure both of them as servers. Actually vtp server is the default setting on all switches.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

yhatami · ‎10-10-2002

just to clarify things.

1. I can have both switch A, B in VTP-Server mode to back one another.

2. Create the same VLAN numbers and name on the second switch to match the first switch.

3. Assign the current switch the root for 15 vlans and assign the second switch the root for the other 15 vlans.

4. On the RSM assign 15 vlan interfaces standby with priority 150 and the other 15 with priority of 100 for load sharing.

5. you can monitor both switches based on the which vlans its active for.

6. you can not assign MHSRP, with interfaces across subnet or vlan?? MHSRP only works if the interfaces are on the sam subnet??

thisisshanky · ‎10-10-2002

If you create 30 vlans (say 1 through30 ) in RSM 1, the same 1 through 30 has to be configured in RSM 2. Also you have put each vlan in a single HSRP group. That means you need 30 HSRP Groups to be defined.

vlan 1 - standby group 1

vlan 2 - standby group 2

etc....

vlan 30 - standby group 30.

This is applicable in both the RSMs. You cannot put two vlans in same HSRP group. Now for the first 15 vlans (that is first fifteen groups) you can set the active router as RSM1, while the next 15 vlans (next fifteen groups) you can set active router as RSM 2.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus