cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
219
Views
0
Helpful
2
Replies

HSRP, GRE and BGP all in a bucket

Gregg Hughes
Beginner
Beginner

Good afternoon, all!

I'm trying to wrap my head around a router topology we have. I need to know under what circumstances the topology will still fail without failing over. If you get my drift.

I have two datacenters with two perimeter routers in each. Router A and B in Datacenter 1, and router C and D in Datacenter 2. Each perimeter router is connected by one interface to an ISP. The other two interfaces are in a PortChannel configuration. The portchannel carries the HSRP configuration and is the bridge over which hello packets are exchanged.

Each router is also configured with SLA. They are tracking one or more remote hosts, such as Google, a root nameserver, and a public NTP server, all targets answering pings. 

I also have GRE tunnels between WAN interfaces in the two datacenters. TunnelW is set up between Router A and Router C, and TunnelX between RouterA and RouterD. Tunnels Y and Z are similarly set up between Router B and the two routers C and D in Datacenter 2. I only have one /24 public IP block, so I have these tunnels and static routes to direct packets destined to Datacenter2 but coming in to Datacenter1 Router A via BGP and vice versa.

If HSRP detects a failure either on the WAN interface or in reaching the remote host, the router fails over and its peer becomes active. 

Question: in the case of a remote host routing failure, the WAN interface would remain up and still trying to contact the remote host. Would the GRE tunnel also remain up, and would its peer in the other datacenter still try to route packets through the tunnel? Or is there an additional step HSRP takes to broadcast the router's status, and the tunnel would appear down to the peer and drop the route? 

The object of the game is to touch on as many points of failure as practical and either engineer a failover or at least recognize that there is a possibility that a router may fail in such a way that HSRP failover does not occur.

Any thoughts on how this design fulfills the game object?

Thanks to all for looking!

Gregg

2 Replies 2

Jon Marshall
VIP Community Legend VIP Community Legend
VIP Community Legend

It's not clear exactly how this works.

It sounds from your description like you are running HSRP between router pairs in each DC but then why would you need GRE tunnels so I'm guessing I am not understanding.

In answer to your specific question if the WAN interface remains up then the GRE tunnel does as far as I can see ie.HSRP simply controls which router is active nothing more.

It's difficult to say more without more details.

Jon

cofee
Contributor
Contributor

Question: in the case of a remote host routing failure, the WAN interface would remain up and still trying to contact the remote host. Would the GRE tunnel also remain up, and would its peer in the other datacenter still try to route packets through the tunnel? Or is there an additional step HSRP takes to broadcast the router's status, and the tunnel would appear down to the peer and drop the route? 

I am not quite sure what you mean by host routing failure. If I understand it correctly you are using WAN interfaces at both sites for GRE tunnel, so if the WAN interface (underlay) goes down  and GRE tunnel which is the overlay, will go down and in that situation standby HSRP neighbor should take over if everything is configured properly like tracking the wan interface and decrease its priority so the standby router can take over.

At Datacenter 2 you can have static routes configured towards Datacenter 1, pointing to active routers tunnel address and also have a floating static route pointing to standby tunnel address so if the primary router's tunnel is down it can remove that route and install the floating route. But you may have to use IP SLA because routers at datacenter 2 wouldn't know that primary router at datacenter 1 has lost its WAN connectivity/GRE tunnel.

Please let me know if there is something that I misunderstood.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers