HSRP for automatic failover

Alexander Beirlant · ‎02-26-2016

We are getting 4k series routers in our branches, but we would like to have some redundancy. First we were looking at 1x 4451. But just 3 days ago we had one of our routers (3800 model) break after a reload during maintenance, and due to weather and logistical issues of our support provider, the site of 500+ people was unproductive for the following work day.

This made us consider putting in 2 routers in each branch with HSRP. The problem here is the cost of both router and extra circuits. So we thought of going with 2x 4331's. Initially we decided on 4451's because the 4331's do not have enough slots for all the cards we required. However if we went with 2x 4331's we would have enough slots for all the cards and modules we need. However that brings us to the point that the MPLS circuits would be on one router and the internet DMVPN Circuits on the other router (both types of circuits terminate at our head-end). In this case HSRP would no longer work.

Both routers would have to share the same IP address. I was looking at GLBP and PFR, but not if it is even feasible and if it is best practice. We also run WAAS.

e.ciollaro · ‎02-27-2016

Hi Alexander,

if you want to have full redundancy you need to have each router connect to Internet and to MPLS. If doubling the WAN links is too expensive I think that the only way to survive to a routers failure is to have a free WAN card on each router and manually disconnect WAN link form the broken router and reconnect it to the other one (obviously not the best solution). Have you got a slot for an extra card ?

I don't understand why you say that "In this case HSRP would no longer work". In normal condition you can use HSRP, it's enough to use an IGP between the two routers so that both has routes for MPLS networks and the default to Internet. The active HSRP router will route traffic to the other one. Isn't it ?

Finally in my experience is more likely to have a failure on WAN links then on routers (especially if they have a RPS) so if I had to choose, I would prefer one router and two WAN links instead of two router and single WAN circuit.

Bye

enrico

Joseph W. Doherty · ‎02-27-2016

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Finally in my experience is more likely to have a failure on WAN links then on routers

Ditto. In my experience what often "breaks" a device is "touching" it. Interesting, OP mentions break was after a reload done for maintenance. That said, having a second router does provide that extra bit of redundancy.

What you might also consider, if cost is a major factor, is using a secondary router that's a smaller model than the primary router. It would struggle with normal work load, but if you use QoS, you might be able to insure it might handle important traffic effectively. I call this my "compact spare tire" approach.

Anyway, also like Enrico, I'm confused by how HSRP wouldn't work, and I also agree, usually an IGP should be able to manage failure situations between two routers.

Alexander Beirlant · ‎02-29-2016

So there is no technology like VSS for routers that would see this as 1 logical unit? How would HSRP work properly with PFR (we are extensively using PFR in our environment)?

Joseph W. Doherty · ‎02-29-2016

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I'm unaware of a Cisco VSS like technology for any of its routers.

Why would you be using HSRP with (as a target of?) PfR? (Or, why would you be using HSRP with [as a target of?] dynamic routing?)

Alexander Beirlant · ‎02-29-2016

HSRP for automatic failover should the primary go down. PFR for load balancing traffic between the MPLS and the INET circuits.

e.ciollaro · ‎02-29-2016

If WAN links are xEthernet you could use a couple of stacked layer3 switch and configure their SVI in HSRP.

e

Alexander Beirlant · ‎02-29-2016

We also need WAAS, voice PRI's, Virtual servers, ... Switches cannot all run that, but these routers can...

Branch router redundancy questions