HSRP and non-Cisco Switches

fvalpondi
Level 1

Hi everyone,

I just wanted to ask you about HSRP interoperating with non-Cisco switches.

I got two Cisco 2800s with four different interfaces (3x FastEth, 1x ISDN).

HSRP will be configured for three of them (the fourth is an ISDN connection, and as far as I know, HSRP does not work with ISDN interfaces).

Well, both routers will be connected in each network to a non-Cisco switch (I proposed Catalyst, but the boss said it had to be an unmanaged D-Link)...

My question is:

- HSRP uses a well-known MAC address to identify the interfaces.

- The switch will register this MAC address in the MAC table for each router. It means that the active link will have the well-known HSRP MAC address.

- What will happen if the router fails? After all, the HSRP MAC address will still be in the forwarding table of the switch, right?

- Will this issue not be a problem for the switch?

- Which solution do I have? The switch is non-managed......

Thanks a lot! ;-)

Best regards,

Fabio

Accepted Solutions

Hello Fabio,

What Simon is saying is that when an HSRP switchover happens, the new active device will send out a gratuitous ARP.

The frame has a broadcast destination and a source MAC equal to the HSRP VIP MAC address.

In this way the switches' CAM tables are updated.

This should work even with unmanaged switches like the ones you have to use.

Actually, without that gratuitous ARP, HSRP would be of no use with any type of LAN switch; it is a needed step.

PCs' ARP tables are not affected by this message because it restates known information.

Hope to help

Giuseppe
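
The relearning step described in this thread, as an added example (not code from any poster or from Cisco): it builds the gratuitous ARP frame and feeds it to a minimal learning-switch model. The model assumes standard transparent-bridge learning, where the newest source port overwrites the old entry; the VIP, the PC MAC and the payload are constructed, and the port numbers follow the topology drawn in the thread.

```python
import struct

BROADCAST = b"\xff" * 6

def hsrp_v1_mac(group):
    """HSRP virtual MAC 0000.0c07.acXX, where XX is the group number."""
    return bytes.fromhex("00000c07ac") + bytes([group])

def gratuitous_arp(vmac, vip):
    """Ethernet II broadcast frame carrying an ARP that announces vip at vmac."""
    eth = BROADCAST + vmac + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)   # Ethernet, IPv4, opcode 2
    return eth + arp + vmac + vip + BROADCAST + vip    # sender IP == target IP

def parse_garp(frame):
    """Return (sender_mac, sender_ip) if frame is a gratuitous ARP, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    smac, sip, tip = frame[22:28], frame[28:32], frame[38:42]
    return (smac, sip) if sip == tip else None

class LearningSwitch:
    """Assumed model of an unmanaged switch: one port per MAC, newest wins."""
    def __init__(self):
        self.cam = {}                      # source MAC -> port

    def receive(self, port, frame):
        dst, src = frame[0:6], frame[6:12]
        moved = self.cam.get(src, port) != port   # MAC seen on a different port
        self.cam[src] = port                      # learn or overwrite
        return moved, self.cam.get(dst)           # None means flood to all ports

def failover_demo():
    sw = LearningSwitch()
    garp = gratuitous_arp(hsrp_v1_mac(1), bytes([192, 0, 2, 1]))  # constructed VIP
    pc1 = bytes.fromhex("020000000001")                            # constructed MAC
    to_gw = hsrp_v1_mac(1) + pc1 + b"\x08\x00" + b"payload"
    sw.receive(3, garp)                    # R1 active behind port 3
    _, before = sw.receive(1, to_gw)       # PC1 traffic is forwarded to port 3
    moved, _ = sw.receive(4, garp)         # R2 takes over behind port 4
    _, after = sw.receive(1, to_gw)        # same frame is now forwarded to port 4
    return before, moved, after
```

Because the entry is keyed on the source MAC alone, the same overwrite happens for any frame carrying that source address, which is why a virtual MAC changing ports outside a known failover is worth alerting on where the switch can report it.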


andrew.prince
Level 10

- HSRP uses a well-known MAC address to identify the interfaces - YES, 0000.0c07.acXX

- The switch will register this MAC address in the MAC table for each router. It means that the active link will have the well-known HSRP MAC address - YES

- What will happen if the router fails? After all, the HSRP MAC address will still be in the forwarding table of the switch, right - YES

- Will this issue not be a problem for the switch - Should not be an issue

- Which solution do I have? The switch is non-managed...... Please clarify

Hi Andrew,

thanks for your response.

Actually the first two points were not questions, but statements that lead to the question.

Just suppose I have this topology:

PC1----|1   3|----R1--|
·······|·····|········|--- outer world (rest of the network)
·······|·····|········|
PC2----|2   4|----R2--|

- If R1 is the active router (and R2 the Standby), the 0000.0c07.acXX address will be linked to the Port 3.

- If PC1 or PC2 try to communicate with the outer world, they will jump over R1.

- If R1 fails, the 0000.0c07.acXX address will still be linked to Port 3 of the switch, right?

- When R2 activates, the switch will have the address 0000.0c07.acXX in Port 3 as well as Port 4. Am I right?

- What happens then if PC1 or PC2 try to reach the outer world?

- When I say that the switch is unmanaged, I mean that it has no menus or configuration options. That means I cannot change agings, ...

thanks! :-)

- If R1 is the active router (and R2 the Standby), the 0000.0c07.acXX address will be linked to the Port 3 - Yes

- If PC1 or PC2 try to communicate with the outer world, they will jump over R1 - Yes

- If R1 fails, the 0000.0c07.acXX address will still be linked to Port 3 of the switch, right - No, depends on the below.

- When R2 activates, the switch will have the address 0000.0c07.acXX in Port 3 as well as Port 4. Am I right - R2 will send an ARP broadcast; the switch should rewrite its CAM/MAC address table, pointing the virtual MAC address to port 4

- What happens then if PC1 or PC2 try to reach the outer world? - If the above step is OK, there will be no issues

- When I say that the switch is unmanaged, I mean that it has no menus or configuration options. That means I cannot change agings - Should not make a great deal of difference. What model is the switch?

But... it would depend on whether the switch erases the "old" association to P3 when it receives the ARP from R2 on P4.

If the switch is not able to do that, it could be the case, that one address was registered by the two ports...!

As this D-Link switch is crap, I do not know how it works...there is not even a "serious" manual...

Well does it have a model number??

Have you tested this??

The switch is the D-LINK DES1024D.

An alternate switch (if the D-Link does not work correctly) could be the Siemens Scalance X-200 Series.

I still have not implemented this upgrade for the network. I will do it in the next weeks.

thanks again for your help!

The manual does state it has an 8k MAC address table, but nothing about timeouts etc.

A simple lab test would be to connect two PCs to it - have a constant ping going from one to another, then just swap over one of the cables from one port to another - same thing as HSRP.

You just time and count the lost pings.
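
One way to score the lab test described above, as an added example that is not part of the original post: it reads timestamped ping output and reports the lost pings and outage duration for each gap. It assumes the Linux iputils `ping -D` line format; the addresses, timestamps and the `failover_gaps` name are constructed for illustration.

```python
import re

# Constructed sample in the format of Linux iputils `ping -D` (epoch prefix).
SAMPLE = """\
[1700000000.10] 64 bytes from 192.0.2.1: icmp_seq=1 ttl=255 time=0.61 ms
[1700000001.10] 64 bytes from 192.0.2.1: icmp_seq=2 ttl=255 time=0.58 ms
[1700000002.10] 64 bytes from 192.0.2.1: icmp_seq=3 ttl=255 time=0.60 ms
[1700000005.10] From 192.0.2.10 icmp_seq=4 Destination Host Unreachable
[1700000012.10] 64 bytes from 192.0.2.1: icmp_seq=13 ttl=255 time=0.72 ms
[1700000013.10] 64 bytes from 192.0.2.1: icmp_seq=14 ttl=255 time=0.59 ms
"""

# Only successful echo replies match; error lines carry no "bytes from ... time=".
REPLY = re.compile(r"^\[(\d+\.\d+)\] \d+ bytes from \S+ icmp_seq=(\d+) .*time=")

def failover_gaps(text):
    """Return [(lost_pings, outage_seconds), ...], one tuple per gap in replies."""
    replies = []
    for line in text.splitlines():
        m = REPLY.match(line)
        if m:
            replies.append((int(m.group(2)), float(m.group(1))))
    gaps = []
    for (seq1, t1), (seq2, t2) in zip(replies, replies[1:]):
        if seq2 - seq1 > 1:                # sequence numbers skipped = lost pings
            gaps.append((seq2 - seq1 - 1, round(t2 - t1, 2)))
    return gaps

if __name__ == "__main__":
    for lost, seconds in failover_gaps(SAMPLE):
        print(f"lost {lost} pings, no replies for {seconds} s")
```

Pings lost after the last received reply are not counted, so let the ping run until replies resume before stopping the capture.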

Yes, when I get the 2nd router I'll do the tests and let's see... I hope it will work :-)

simontibbitts
Level 1

Hi Fabio.

You will have a problem, as when the standby router takes over from the active one it sends a gratuitous ARP, which then changes the MAC table on the switch and also changes the ARP table on the devices.

This link is good for understanding the process; if you scroll down a bit you can see that an 'I' action happens when an 'Event 3' happens.

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml#topic15

Simon

Hi Simon,

thanks for the answer.

The problem should only be at the switch, since the PCs will maintain the HSRP MAC address, right?

Well, I suppose that if the router fails completely (including link down), the switch will deactivate the interface.

But if the failure of the switch is not a power-caused failure... the link may still be active, even if it is not able to send the hellos.

"But if the failure of the switch is not a power-caused failure...the link may still be active, even if it is not able to send the hellos."

HSRP is first gateway redundancy; your router is redundant here, NOT the switch.

Suppose the switch fails or is not doing what it is supposed to do. Then your HSRP is working but your switch is not, and the PC will not be able to reach the outside network.

If your switch is working properly (even though you cannot manage it), HSRP will work properly. That means if the active router fails, the standby router will take over and your PC will be able to reach the outside network.

Hi,

yes, I meant router not switch. I made a mistake when writing...!! sorry! :-)

"Well, I suppose that if the router fails completely (including link down), the switch will deactivate the interface"

Let's say your router R1 is working and its outgoing interface (connected to the outside network) is down. In this situation your PC will not be able to reach the outside network, as R1 is still active but it cannot route traffic. For things to work in this situation you have to use the interface tracking feature of HSRP, so when its interface is down the priority decrements and the standby router can take over.

I had already planned the tracking. Anyway, thanks for the recommendation!
