05-19-2022 06:53 AM
Hi guys,
We have a site with two primary and secondary layer 3 switches.
HSRP is configured on both.
192.168.1.2 as the Primary LAN interface
192.168.1.3 as the Secondary LAN interface
192.168.1.1 as the VIP
Both routers have been set up as a DHCP server.
We have issues with the primary WAN.
So no access to primary router but it's up, and no access to the switch. Nor remote hands.
We are think to force failover by setting the Secondary LAN interface with that 192.168.1.1 VIP.
But that would mean to reboot the switch and PC's because of the arp cache right?
Or would there still be issues due to the primary having that VIP also, as it will still give it out DHCP to new devices when arp are requested?
05-19-2022 06:58 AM - edited 05-19-2022 07:06 AM
HSRP track WAN interface "as I reply for your previous post"
DHCP must send to client the default GW as VIP of HSRP not router IP.
this make any HSRP active router reply to DHCP request with GW point to VIP.
05-19-2022 07:11 AM
Hi,
We just saw your reply after my colleague posted the second post for the cisco vendors.
We are doing that now for cisoc routers.
But for the drayrek, we are unable to configure WAN tracking.
But we are trying to break it down and understand the theory aspect of it.
As if manually assign the VIP to the secondary drayrek interface.
The DHCP would be given out by both primary and secondary drayrek router as they are still connected to the LAN.
But 192.168.1.1 will lay on both primary drayrek as the VIP, because primary still remains master. And secondary as we manually assigned the IP to the LAN side to try force it to failover.
But still not working on the drayteks.
Wondering if ARP cache whereby it is still binding the VIP to the virtual mac coming from the primary router.
05-19-2022 07:13 AM
config any IP SLA and use EEM and shut down the LAN this force the router to be standby.
05-19-2022 07:22 AM
We can't configure anything on the primary draytek as we can't remote on to it as WAN is down.
And we don't have remote hands to unplug or shutdown the LAN interface for the primary draytek on site.
So primary still remains up with the VIP I assume and giving out DHCP, and using the VIP 192.168.1.1 as the default gateway.
As well as the secondary, as we now have configured the LAN interface to use 192.168.1.1 to try point traffic to the secondary instead
05-19-2022 07:26 AM - edited 05-19-2022 07:26 AM
there is one solution BUT I don't test it
config one transit VLAN,
config HSRP active with static default route toward HSRP standby,
this make HSRP active even if it receive the traffic it will forward it to standby when it WAN is down.
05-19-2022 07:35 AM
But then that means.
I would need to configure that on the primary or active draytek.
I don't have access to the primary device, via the LAN nor the WAN.
Cannot remote on to it. Nor do we have remote hands.
I can only configure on the secondary or standby device as that is reachable because of the WAN.
I can configure a transit vlan. But then new dhcp requests which would be a broadcast, will go to the primary active also, and will reply back and assign the new devices
05-19-2022 08:13 AM
Friend you don't have access to active HSRP,
OK
make DHCP reply with only one IP which is standby and standby will have default route toward active.
any traffic come toward standby will forward to active.
also please config IP SLA to make sure that WAN connect to active is UP if not then the default route will be remove.
that what can we do with one router.
if anyone other have any other idea that they can help you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide