02-23-2011 08:06 PM - edited 03-03-2019 06:13 AM
Hi everybody,
Currently I'm working on the design of a customer network that has a HQ some Branches and almost the 90% of the services and servers are deployed on a Datacenter. The HQ, all the branches and the Datacenter are interconnected throuhgout an ISP MPLS WAN.
Every branch and the HQ will be segmented with VLANs to reduce the LAN broadcast. Some branches and the HQ have redundancy of routers by means of HSRP. (Se the figure below or attached file to get an approach).
My questions are:
Thanks in Advance
02-23-2011 09:19 PM
Your core switch is a single point of failure. You may want to reconsider.
For wan redundancy you could make trunks between the wan routers and core switch and create sub interfaces on the wan routers for each vlan using hsrp or vrrp addressing of the default gateway for each vlan.
Sent Cisco Technical Support iPhone App
02-24-2011 07:41 AM
Hi,
Thanks for the advice about the core switch. By now I only have this one available, but even if I have another core switch:
I have this doubt because if I user the option 2 then: I know that if my Primary Router fails, the Secondary goes up. But imagine the failure is on the Core Switch, that doesn't mean the Primary router failed, so can I assure that the Secondary Router starts to work to keep my WAN connection??
If the option is the number 1 then: I don't have free interfaces on the routers to do redundant connection to the two core switches.
Also could you send me some information about the configuration and deployment of HSRP o VRRP??
Thanks
02-24-2011 10:04 AM
If you add a second switch in the core you would just do what you call option 2. That way if either your core switch or your wan router go down it will use the backup path. Your single core switch will work for now.
Here is a link that discusses HSRP configuration:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080094e90.shtml
What you want to consider is you will be doing subinterfaces on each of your WAN routers - IE interface fastethernet 0/0.1; interface fastethernet 0/0.2 and interface fastethernet 0/0.3 etc for each VLAN. You dont have to make the ethernet 0/0.# number match the VLAN, but I would suggest it just to make troubleshooting easier. You would put the standby commands for each VLAN that you want HSRP to run on under the subinterface. I will show you one example - lets say you want to use 10.1.1.254 as the default gateway for vlan 1 - you could do something like this:
On router A
interface ethernet 0/0.1
ip address 10.1.1.252 255.255.255.0
standby 1 preempt
standby 1 ip 10.1.1.254
standby 1 priority 210
standby 1 track serial 0/0
On router B
interface ethernet 0/0.1
ip address 10.1.1.253 255.255.255.0
standby 1 preempt
standby 1 ip 10.1.1.254
standby 1 priority 200
standby 1 track serial 0/0
And of course you would do the same for each subinterface on each router.
To verify it is working, you could just type 'show standby' on the routers.
VRRP is configured similarly to HSRP, except it doesn't use the third IP address like HSRP does.
I am assuming you have the MPLS / WAN redundancy worked out via routing protocols???
Hope this helps!! Rate it if it does
08-27-2013 06:54 AM
I have installed on my core two Catalyst 4506, and would like to configuration the HSRP using a only one default gateway IP shared between all my VLANs (Subnets), this is possible?
08-22-2015 07:58 PM
if i may understand it, are you asking if it is possible to use one default gateway to beused by multiple vlans? well that is not possible as each vlan represents 1 network which and every network has its own default gateway which is within its network.
01-13-2015 07:23 PM
Yes, It is possible, This is the setup example in that case: Basic configuration
Setup Sub Interfaces on a Router: (do the same for each VLAN)
en
conf t
int gi 0/1
no ip address
int gi 0/1.10
encapsulation dot1q 10
ip address 192.168.10.1 255.255.255.0
HSRP Setup: (do the same for each VLAN)
int gi 0/1.10
standby 10 ip 192.168.10.10
DHCP Setup: (do the same for each VLAN)
ip dhcp pool vlan10
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
SWITCH port configuration (TRUNK)
interface FastEthernet0/1
switchport trunk allowed vlan 1-99
switchport trunk encapsulation dot1q
switchport mode trunk.
That is just the basic setup in order to have HSRP woriking on Router on a stick set up.
All the connections between Switches and Routers will be on VLAN1 (default) the Access ports will be assigned to the correct VLANs.
10-15-2015 05:54 PM
hi stamador, thank you for the answer.
I`m pretty new to IT so forgive me if my question is totally newbie...
reading your answer, I noticed you wrote on the DHCP setup:
"DHCP Setup: (do the same for each VLAN)
ip dhcp pool vlan10
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1"
but doesn`t the DHCP need to give the fake-IP address created by the HSRP (i.e. 192.168.10.10)?
isn`t the whole point to avoid the need to mess with the client`s DG configuration? if DHCP gives them the REAL physical IP address and the router fails, won`t we have to configure their new DG manually? I think the whole point of HSRP is to give a virtual-IP and the clients don`t need to know what physical interface is actually behind it...am I wrong?
can you elaborate why you made the DHCP give the "real" IP and not the standby IP?
thanx a-lot
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide