HSRP and advertised routes

jpearson
Level 1

Have two routers (A and B) set up on the same LAN (10.208.16.x/24). A is the primary and B is the secondary HSRP router.

Since the two interfaces are both up, both routers advertise the route to 10.208.16.x/24. When I set the metrics the same, everything works as long as both routers and interfaces keep working. To keep asymmetric routes from occurring, I have changed the metric for the path to router A to make it preferred. Everything is stable. If router A fails or the interface fails or goes DOWN (keyword), then B takes over and the only route the system sees is to B. However, if the interface on router A does not go DOWN, router A will continue to advertise the route (a preferred route) to 10.208.16.x/24. The cases I have found when the router A interface does not go down are when the VLAN is corrupted between routers A and B, and when a switch link failure splits a VLAN into two segments. In both cases, I effectively get TWO primary HSRP routers and routes advertised by both for the same subnet.

Several Questions:

1) How can I link the advertisement of an interface's IP subnet to the state of HSRP (Primary-advertise; Secondary-don't)?

2) How can I make HSRP work (with some help) in a split LAN situation? (At least until I can get it fixed.)

3) Is there any configuration (on the HSRP side to a single LAN) that avoids this problem?

2 Replies

Giuseppe Larosa
Hall of Fame

Hello James,

1)

HSRP just provides a virtual default gateway and actually does not interact with routing protocols and the IP routing table.

HSRP priority can be manipulated with tracking.

So you may be able to change the HSRP priority based on the existence of a specific route.

See

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_eot.html#wp1054818

The reverse, to change parameters of an advertised route depending on HSRP state, should not be possible.

It is to be noted that unless firewalls are on the path, asymmetric routing is not a problem at all: the return traffic can come back from the HSRP standby router.

If firewalls are involved, the primary device has to advertise the subnet with a lower metric, as you have already done.

2) If the VLAN is split, both routers will become HSRP active because they don't see each other's HSRP hello messages.

Both routers will advertise the IP subnet associated with the VLAN because their L3 interface is up/up.

In this case no complex tracking would help: each router promotes itself to HSRP active.

IP connectivity is a problem for return traffic: traffic has a 50 percent probability of going back to the right router.

The best thing is to provide link redundancy for inter-switch communication so that this split event is made unlikely, because it would require multiple link failures.

An EtherChannel between the two switches is a common choice, acting as an L2 trunk and permitting all client VLANs.

Hope to help

Giuseppe
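
The tracking approach described in the reply above, shown as an added Cisco IOS configuration example (it is not part of the original post and not the poster's configuration). The interface name, HSRP group 16, track object 100, the host addresses within 10.208.16.0/24, the priorities and the tracked upstream prefix 192.0.2.0/24 are all assumptions chosen for illustration. As the reply notes, this only handles loss of a tracked route and does not help when the VLAN itself is split.

```cisco
! --- Router A (intended HSRP active) ---
! Track object 100 is up while a route to the constructed upstream
! prefix 192.0.2.0/24 is present in the routing table.
track 100 ip route 192.0.2.0 255.255.255.0 reachability
!
interface GigabitEthernet0/1
 ip address 10.208.16.2 255.255.255.0
 standby 16 ip 10.208.16.1
 ! Higher priority than router B while the tracked route exists.
 standby 16 priority 110
 standby 16 preempt
 ! If the tracked route disappears, priority drops 110 -> 90,
 ! which is below router B's 100, so B can take over.
 standby 16 track 100 decrement 20
!
! --- Router B (intended HSRP standby) ---
interface GigabitEthernet0/1
 ip address 10.208.16.3 255.255.255.0
 standby 16 ip 10.208.16.1
 standby 16 priority 100
 ! Preempt lets B become active once A's priority falls below 100.
 standby 16 preempt
```

The HSRP state and the tracked object can be checked on each router with `show standby brief` and `show track 100`.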

I think even with an L2 trunk between the two switches there are still some issues with the asymmetric traffic. I have read that you need to modify the ARP timer to match the MAC aging timer or vice versa.