Solved: Re: Vrrp and vlan

BenjaminBelpaire3711 · ‎08-28-2019

Hello,

at my workplace we have 2 routers put together with VRRP into a virtual router. Router X being master and Y back-up. All our vlans have basicly the same config.

A colleague of mine wanted to try somthing with a new vlan and added it on router Y. For this vlan he didn't config vrrp so that specific vlan is only running on router Y.

My question now is, when everything is set-up with vrrp should this vlan be set-up with vrrp on both physical routers aswell? We tried to get an IP adress on a client for that specific vlan but it didn't work. Is vrrp the cause?

Giuseppe Larosa · ‎08-28-2019

Hello Benjamin,

it is fine to define the new Vlan and IP subnet only on router Y, but router X needs to be informed of its existence.

with shared Vlan I mean a DIFFERENT vlan to give Router X a valid IP next-hop for the specific static route.

Example:

new vlan is 781 and new IP subnet is 10.20.221.0/24

vlan 50 is shared between RX and RY 10.20.50.2 on RX and 10.20.50.3 on RY

then on RX you can do the following:

ip route 10.20.221.0 255.255.255.0 10.20.50.3

I hope now it is more clear with the example.

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎08-28-2019

Hello Benjamin,

>> My question now is, when everything is set-up with vrrp should this vlan be set-up with vrrp on both physical routers aswell?

Yes, VRRP requires both routers to be connected to the same Vlan / IP subnet to work

>> We tried to get an IP adress on a client for that specific vlan but it didn't work. Is vrrp the cause?

No, verify if you have configured an ip helper-address <DHCP-server> on the new SVI for the new Vlan.

Also the IP subnet of the new Vlan has to be advertised in IGP for example in EIGRP or OSPF.

also on the DHCP server a new DHCP pool of addresses for the new subnet needs to be configured.

Hope to help

Giuseppe

BenjaminBelpaire3711 · ‎08-28-2019

The DHCP pools are made and the SVI has the ip helper-address for both of the dhcp servers. So that's not the problem. We also have a static route for the whole range (we got a /19 and split it up in different subnets but the /19 has a static route ready on the routers).
Router Y, which is back-up in all the vrrp setups, is the one that has the new vlan. This Vlan is only configured on router Y and not on router X. The new vlan doesn't have vrrp set-up yet.

Giuseppe Larosa · ‎08-28-2019

Hello Benjamin,

Router X needs a specific static route pointing to Router Y on a shared Vlan to know that the new subnet is alive.

If the /19 aggregate route points to RX and RX does not know about the new IP subnet packets are silently dropped = sent to Null0.

Hope to help

Giuseppe

BenjaminBelpaire3711 · ‎08-28-2019

Hello Giuseppe,

what if it's not a shared vlan? Since the Vlan is only known on router Y. At the moment our network is redundant. we wanted to test something and made a new vlan. We only made it on router Y so if router Y would crash every vlan would still work but the new one we made because only router Y has it in it's config.

Giuseppe Larosa · ‎08-28-2019

Hello Benjamin,

it is fine to define the new Vlan and IP subnet only on router Y, but router X needs to be informed of its existence.

with shared Vlan I mean a DIFFERENT vlan to give Router X a valid IP next-hop for the specific static route.

Example:

new vlan is 781 and new IP subnet is 10.20.221.0/24

vlan 50 is shared between RX and RY 10.20.50.2 on RX and 10.20.50.3 on RY

then on RX you can do the following:

ip route 10.20.221.0 255.255.255.0 10.20.50.3

I hope now it is more clear with the example.

Hope to help

Giuseppe