10-25-2021 04:08 AM
Hi Guys
when running hsrp between 2 data centres across a lan link, what are people doing these days, in the design guide when running OTV etc it says you should block the hsrp multicast traffic effectively creating anycast gateways on each site.
What if you don't run OTV, should you still put this in the design and enable HSRP active on each local DC by blocking the frames?
we are not running Nexus, we run Cat 9600s
10-25-2021 04:17 AM - edited 10-25-2021 04:18 AM
If you streched VLAN, you do not have dymmy gateway both the sides ( means same gateway IP), you do not need to block HSRP, you can configure more members part of the HSRP group to failover.
10-27-2021 03:21 AM
Hi
so are you saying you cannot do it if we are not using OTV ? what is special about OTV which allows this to work? would the normal way in our situation then to use multiple hsrp groups as you suggested? meaning the servers on each site would need a different vip ?
cheers
10-25-2021 04:24 AM
Hello,
I assume you are talking about FHRP isolation in OTV ? How many HSRP enabled devices are at each data centre location ?
10-25-2021 06:21 AM
Hi
We are not using OTV, it is just a stretched vlan, and yes I mean FHRP isolation.
Can this be done over a normal layer link, or would we just configure multiple groups and have to assign the servers Gateway on each end of the link to use different group IP ?
Cheers
10-27-2021 07:37 AM
There are couple ways to slice and dice this. You can use different HSRP groups for sure. I have one customer that blocks HSRP hellos over the ethernet link between the DC's so both gateways are active on the same IP at the local DC.
10-27-2021 08:02 AM
Hi Elliot, if you used different hsrp groups, you would need to have the servers use different gateway IP's on each site right?
If you blocked hsrp hellos, would you not also need to block the arp replies etc else it would not work and you would have things complaining of duplicate ip's etc ?
10-27-2021 01:23 PM
Yes, you would need to have servers use different gateways if you use different HSRP groups. I haven't seen the config for this, but I don't think you would need to block ARP requests. If the other side saw an ARP for the same IP and MAC address, that shouldn't bother it. I think you would want to leave that open or the gateway failing at one DC would break the ability of the other one to respond. As far as I know, they only blocked HSRP hellos. I haven't labbed any of this up, so YMMV.
10-29-2021 02:01 AM
Hi Elliot
It seems to be an option when using OTV so I cannot see why it wouldnt work without OTV as it is doing the same thing, I am suprised more people arent doing this?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide