Re: Single vlan with multiple gateways

cmparish5 · ‎12-06-2018

So here is a question. I want to trunk the same vlan/subnet together between three geographically separated sites. Lets say vlan10 associated to subnet 10.1.1.0 /28.

Obviously I can create a single routed SVI interface at SiteA with IP address 10.1.1.1 /28 to act as the routed gateway for all three sites but then if a device on vlan 10 at SiteB wishes to speak to a device on Vlan 20 also at SiteB, it must first send it's traffic over the trunk to it's Gateway at SiteA. Then from SIteA be routed back to SiteB.

So rather then do this, can I simply set up at all three sites a routed SVI Gateway for the Vlan10 subnet?

paul driver · ‎12-06-2018

Hello

That would be a waste of network BW just so to communicate between a vlan on the same site.

How are these sites connected at present?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

cmparish5 · ‎12-06-2018

Exactly, which is why I do not want a single SVI for the subnet spanning multiple sites. I want an SVI gateway at each of the three sites for the shared subnet.

For this topology within our network the sites would be connected to one another fully meshed over a Layer 2 ELAN network.

a.alekseev · ‎12-06-2018

use HSRP with the same vip and group but different authentication between sites

cmparish5 · ‎12-06-2018

Can HSRP support a secondary virtual IP on top of 3 real IP's? I've only seen it done with 2 real IPs. And if so, in HSRP you have a priority so the subnet traffic for Vlan10 would still use only one of the three sites as it's gateway which I want to avoid for the aforementioned waste of BW.

a.alekseev · ‎12-06-2018

not secondary!

just run hsrp on three sites with the same virtual ip and hsrp group but use different authentication.

cmparish5 · ‎12-06-2018

Sorry I meant to say Standby IP. Not Secondary. So are you saying use the same Stanby IP at all three sites? Because that still requires setting one Standby with a priority greater then the Standby IP at the other two sites which means I'm back to traffic still only using the gateway at one site.

a.alekseev · ‎12-06-2018

all three must be active

cmparish5 · ‎12-06-2018

I tnink your talking about Gateway Load Balancing Protocol (GLBP) where you have multiple Gateways all active. HSRP always acts Active/Standby.

a.alekseev · ‎12-06-2018

I'm talking about HSRP

If you can you may run mpls + evpn and have anycast gateway.

If you cannot so try this trick with hsrp.

site 1
!
interface Vlan50
ip address 10.10.50.2 255.255.255.0
standby 50 ip 10.10.50.1
standby 50 authentication text SITE_1

site 2
!
interface Vlan50
ip address 10.10.50.3 255.255.255.0
standby 50 ip 10.10.50.1
standby 50 authentication text SITE_2

site 3
!
interface Vlan50
ip address 10.10.50.4 255.255.255.0
standby 50 ip 10.10.50.1
standby 50 authentication text SITE_3

cmparish5 · ‎12-06-2018

Okay, let me lab that up. I havent used authentication with HSRP before so I'm intrigued. Thanks!

The Farmer · ‎11-21-2023

So did you work it out in the end?.. I have 2 DCs, 1000 miles apart and have different management Vlans in each DC, but as servers get migrated from DC1 to DC2, the customer traffic IP on the customer traffic vlan, e.g. 10.2.1.0/24 goes across, with traffic shuttling across a 1000 mile link, causing significant latency... if original gateway in DC1 is 10.2.1.1 can I use 10.2.1.254 as a gateway in DC2, so that it routes locally in DC2 or back across the trunk, depending on where the traffic needs to go

Joseph W. Doherty · ‎11-21-2023

You certainly can have local gateways. The problem is, how do hosts "know" which gateway is local.

Of course if hosts have static IPs, you can set the desired gateway.

Richard Burts · ‎11-22-2023

Am I understanding correctly that 10.2.1.0/24 is configured and active at both sites? How are the sites connected.

If a user at one site accesses a server which has moved to the other site I don't see how you can avoid latency.

I like Joseph's point that you certainly can have 2 gateways for a subnet (one at each site) but the difficulty is how does the user device know which gateway tp use? Static configuration could accomplish this but is this a realistically feasible solution?

HTH

Rick

paul driver · ‎11-23-2023

Hello

@cmparish5 wrote:
Obviously I can create a single routed SVI interface at SiteA with IP address 10.1.1.1 /28 to act as the routed gateway for all three sites but then if a device on vlan 10 at SiteB wishes to speak to a device on Vlan 20 also at SiteB, it must first send it's traffic over the trunk to it's Gateway at SiteA. Then from SIteA be routed back to SiteB.

This is you best and viable option, the traffic will need traverse a interconnect anyway and if vlan traffic needs to route off the vlan then it will need to hit a routed interface anyway, so just have 3 routed SVI and the 3 sites, it will also cut down on BUM traffic if you had a large single vlan

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul