cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1726
Views
3
Helpful
4
Replies

Spanning tree influenced HSRP Standby Priority?

a.kiprawih
Level 7
Level 7

Hi,

I have 2 x core switches with HA/redundancy (hsrp for vlans). The switches are linked via DOT1 trunk. 10 Vlans exists (vlan 1 to vlan 10). Core 2 hosts 3 active Vlans (with higher hsrp standby priority, lower in core2).

Example:

Core 1 ? Vlans with higher spanning tree (8192): 1,2,3,4,5,6,7,8,9,10

Core 1 ? Vlans with higher hsrp standby priority (150): 1,2,3,4,5,6,7

Core 1 ? Vlans with lower/default hsrp standby priority (100): 8,9,10

Core 2 ? Vlans with lower spanning tree (16384): 1,2,3,4,5,6,7,8,9,10

Core 2 ? Vlans with higher hsrp standby priority (150): 8,9,10

Core 2 ? Vlans with lower/default hsrp standby priority (150): 1,2,3,4,5,6,7

Some access switches are dual-homed to core1 and core2, others single-homed.

Both core1 and core2 host link to other sites - core1 to site A via a L3 device (sw1), core2 to site B via a L3 device (sw2).

Spanning tree priority for all Vlans are set higher (8192) in Core1, and lower in Core 2 (16384).

Questions:

1. Will the outbound traffic from vlan in core 1 with higher spanning tree priority and hsrp standby priority be affected if it wanted to go to site B which need to pass through the core2 switch?

2. Will the outbound traffic from vlan in core2 with lower spanning tree priority but higher hsrp standby priority be affected if it wanted to go to Site A which need to pass through the core1 switch?

3. Am I right to say that for the vlan design, Layer 2 should follow Layer 3 priority assignment, meaning if a Vlan is configured with higher spanning tree priority in core1, the hsrp standby priority must also set to higher. Is this a best practice approach?

The reason I asked is because :

1. I need to verify, specifically on the existing vlan design and priority assignment.

2. I encountered problems where a dual-homed switch belongs to Vlan with higher spanning tree and hsrp standby priority in core1 cannot reach site B (connected in core2). Same issues with to a vlan in core2 with lower spanning tree priority but higher standby priority that cannot reach site A via core1 switch. Even if the uplink to core1 is disconnected, hoping that route/path selection will automatically flow through core2, the traffic still unable to pass through.

Is the problem occurred due to difference in spanning tree and hsrp standby priority in core1 and core2 for the same vlan? The solution approach is to connect core1 to sw2, and core2 to sw1 directly (criss-cross) via routing port (L3).

Welcome any suggestions & input.

Thanks

AK

4 Replies 4

ananddiwakar
Level 1
Level 1

Hie AK,

The good practice in a LAN would be to match STP root with HSRP primary. In a core switch, for the VLANs having LOWER STP priority, HSRP priority should be higher and vice versa. For example in your case

Core 1: VLANs 1 to 7 STP = 8192, HSRP = 150

VLANs 8 to 10 STP = 16384, HSRP = 100

Core 2: VLANs 1 to 7 STP = 16384, HSRP = 100

VLANs 8 to 10 STP = 8192, HSRP = 150

This is to keep same L3 switch as STP root and HSRP primary.

Of course even if you do not configure like this, there should not be any problem with communication. Communication from all VLANs to both the sites should work fine even in your current scenario.

While implementing this you may want to look further in details for the VLAN assignment on switches which are not dual homed to cores.

Hi Anand,

That is something that I am trying to achieve - spanning tree and hsrp priority for vlans should be similar (same higher or lower) in both core1 or core2.

But I do not get better picture why in core1, when I do 'sh ip route ', it gives me multiple path/route instead of one absolute path. And those multiple path/route are actually pointing to the IP belongs to Vlans interface IP.

It was solved by connecting the core1 and core2 to the sw1 and sw2 to reach destination site A and B respectively. BTW, I am using eigrp as routing protocol.

Any idea?

Thanks

AK

Well, STP and HSRP priorities should not be similar. If STP is LOWER then the switch should have HIGHER HSRP priority for those VLANs. This is because switch having lower STP priority becomes STP root but in HSRP, switch having higher priority becomes primary.

As for the issue you have faced, it seems some kind of looping. Would it be possible for you to post the diagram so as to get clear idea.

What I meant with "spanning tree and hsrp priority for vlans should be similar (same higher or lower) in both core1 or core2" was to have specific Vlan set with higher spanning tree priority (8192) and hsrp 150, compared to the configuration on the other switch with lower STP priority (16384) and lower HSRP (100 - default).

For the communication/routing issue, I have 1 x dot1q trunk between the core switches. This is the only way core1 and core2 can communicate (routing and Vlan communication).

Other than that, all looks quite straight forward. My eigrp only advertise network ID and does not enabled auto summary (meaning no auto-summary).

Thanks

AK

Review Cisco Networking for a $25 gift card