There are several things in this environment that I do not understand. The post shows two router and two switches. And it talks about core switches. But it is not clear whether SW1 and SW2 are the core switches or are the core switches other switches not shown? And it does not explain what the routers connect to on the outbound side. Do they both connect to an ISP, do they connect to different ISPs, or do they connect to something that is not an ISP?

The post talks about vlan 10 connecting the 2 routers and 2 switches and allowing each of these devices to see 3 EIGRP neighbors. It does not tell us whether there are other devices in vlan 10 or not.

The original post mentions the default route from the core switches which suggests that the core switches are configured for layer 3 routing. But it does not tell us whehter the intention is to do the inter vlan routing on the routers or on the core switches. And the original post does not tell us whether the core switches are running EIGRP for the other vlans that may be configured on the switches.

If we make some assumptions we may be able to offer suggestions about this question. If we assume that SW1 and SW2 are the core switches, and assume that they are doing the inter vlan routing, and assume that they are running EIGRP on the user vlans (or are redistributing the subnets of the user vlans into EIGRP), and if we assume that vlan 10 is used only to connect the routers and the switches then we are able to say that this is a good design which does provide redundancy (assuming that both routers have essentially similar connections outbound. The routers do not need a separate physical connection. And with using EIGRP between the routers and the switches there is really not much need for HSRP. HSRP is most useful when there are devices that use arp to locate their next hop device and have a single IP configured as their gateway. But that is not the case with SW1 and SW2 running EIGRP.

HTH

Rick

Hi Guys

Looks like I have put on a confusing post, sorry about that. I have quickly drawn up a diagram, please see attached.

So clients connected to the access switches go to the core switches where the gateways are for all access devices. The core switches are running HSRP so providing an Active/Standby gateway per vlan.

The core switches then have a default route to the routers. There are 2 routers, each connecting into a separate ISP for redundancy. The WAN is an MPLS running DMVPN with EIGRP running over it. The routers are running HSRP to present a single gateway (VIP) to the cores.

So the reason for running EIGRP between the routers and core switches is so I can advertise my local subnets over the DMVPN to other branches.

My question is, currently if we look at R1, it has a neighbour relationship with R2, S1, and S2 over a single VLAN. Other VLANs have been passived out. Is that a good way to configure the routing between the routers and the core switches.

I hope that that is clearer. 

Thanks

You definitely want to use passive for the client vlans so that is a good thing.

The only thing that is unclear is why you are running HSRP on the routers.

If you want to favour one router over the other then you could influence the EIGRP metrics rather than run HSRP.

What is the reasoning for using HSRP ie. is only link meant to be active and the other purely for failover ?

Jon

Yes the reason for HSRP on the routers is primarily for an active and standby gateway. Although I have performance routing running on the routers so traffic is load balanced out the DMVPN where possible.

The reason to provide redundancy in the network is to provide an alternate path in case of some failure of a network device. There are several ways to provide redundancy in a routed network.

HSRP is especially useful in cases where devices are configured with a single gateway IP address and have difficulty when that single address becomes unavailable. This is typically the case when PC hosts in a network segment have a single gateway configured.

A dynamic routing protocol is another way to provide redundancy. By running EIGRP between the switches and the routers you have provided a different mechanism to deal with the failure of a device.

In this implementation which uses both HSRP and EIGRP you have deployed two mechanisms to deal with failure of a single device. Either one by itself would work and would provide failover capability if a device fails. Running HSRP with a configured static default route negates most of the benefit of running EIGRP. So my question is why use both mechanisms?

HTH

Rick

Hi 

Tanks for all the responses. I think it has made me better understand HSRP and EIGRP in terms of redundancy. Yes I can see now there is no point on using both. 

Even for PFR where all traffic is initially sent to 1 router which decides which exit path to use, I suppose I can use either HSRP or EIGRP although the design guide discusses using HSRP. 

But I can now see in this setup, as I want the core switch subnets advertised out for now, EIGRP would be the better options.

Sorry for the unclear post but it was more to do with my confusion. 

Thanks

I am glad that this discussion has given you a better understanding of the issues. Providing redundancy can be a very important part of setting up a network and frequently there are choices to be made between various alternatives that are available. Given the environment that you describe and especially with the need to advertise the core switch subnets I would agree that running EIGRP is the optimum choice.

HTH

Rick

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising  out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

PfR too?  That's just on the two routers, correct?  PfR is injecting routes into EIGRP?

Like Rick, still unclear why you have HSRP between the routers and the two core switches, or are using static routing on the core switches in addition to EIGRP.

In the past, I've used static routing on L3 switches (w/o IP Services license) to routers hosting mHSRP, as I wasn't running a dynamic routing protocol on the switches, but that's not the case here.

I'm also unclear the advantage of running R1, R2, S1 and S2 within the same VLAN, so they each see each other as directly connected EIGRP neighbors.  This for PfR?  Or, our you trying to insure S1 or S2 see ECMP to R1 and R2?

Do not S1 and S2 "know" your whole EIGRP topology?  The only reason for using a default route is for directing to the HSRP virtual GW?  Is the default route actually used?

Joe

Agreed, not sure why EIGRP and HSRP which is why I asked about default gateways.

Jon