02-04-2008 08:39 PM - edited 03-05-2019 08:55 PM
Hi Guys,
I have two 3825 Cisco routers connected to a datacenter using two private circuits:
one private 100 MB ether connection as primary
one private DS3 as backup circuit
I am using all static so no IGP is used.
I have configured these two routers having the 100 MB as my primary link on my primary router and the DS3 as secondar/backup on my secondary router.
I have the following configuration but it is not working and I don't know why.
I would appreciate if some one could help me in right direction please as I do not trust the config being all right!
Primary Router:
interface FastEthernet0/0
description secondaary router
ip address 10.10.1.1 255.255.255.0(Ip addresss for the 100 MB Ethet link on my primary router)
no ip redirects
duplex auto
speed auto
standby 1 ip 10.10.1.2
!
(This puts both routers interfaces in the same subnet, with a common standby group of 1 on that link. So both routers
are responsible for acting together as the virtual router 10.10.1.2 Hosts are configured with a static default gateway,
IP address that of the virtual router, 10.10.1.2 Virtual router)
!
standby 1 timers 5 15
standby 1 priority 95
standby 1 preempt
standby 1 authentication username
standby 1 track Ether Interface for 100 MB ckt (GE0/0) on this router
Secondar Router:
interface FastEthernet0/0
description secondaary router
ip address 10.10.1.3 255.255.255.0 (Ip addresss for the 100 MB Ethet link on my primary router)
no ip redirects
duplex auto
speed auto
standby 1 ip 10.10.1.2 (This puts both routers interfaces in the same subnet, with a common standby group of 1 on that link. So both routers
are responsible for acting together as the virtual router 10.10.1.2 Hosts are configured with a static default gateway,
IP address that of the virtual router, 10.10.1.2 Virtual router)
!
standby 1 timers 5 15
standby 1 priority 95
standby 1 preempt
standby 1 authentication username
standby 1 track Interface of the DS3 Circit on this router
do I need to specify anything in the Global coonfig too?
I have attached a .txt file for this configuration. I wonder if I have missed something, may be at the global command level? I don't think there is any?
Thanks,
Mike
02-04-2008 09:06 PM
Masood
I see that you describe them as primary and secondary. But in the configuration you have given them both priority of 95. If you want one to be reliably the primary then its priority should be higher than the secondary (and probably not more than 10 greater as long as you are using track).
Your post says it is not working but is not specific about what is not working. Can you clarify what is not working so that we can understand it better?
It would also help if you would post the output of show standby from both routers.
HTH
Rick
02-04-2008 09:09 PM
Hi
What do u mean by not working???can u be more specific..
From ur config ,u have configured both router with same priority(ie,95).Hence the election for active will be based on highest IP address of the interface.So the secondary router will become active in this case.
So to make the primary router active,increase the priority.by default its 100.
arun
02-04-2008 09:13 PM
Thanks very much for your quick response. I really appreciate that.
You are right, I was taking a closer look at what I did and realized that. I have raised the primary to 100 now.
how should I make the physical connectiuon between them?
I mean how should I link these two routers together? I used ether0/1 on both with cat 5 cables and may be I have done my physical ocnnection wrong?
Thx,
Mike
02-04-2008 09:44 PM
the reason i have gotten confused on the physical connection between the two routers are due to the fact that i have 2 circuits from 2 different IPSs, one ether and the other DS3 (which doesn't connect to a fe of ge interface on the secondar router)so, primary has ether on ge0/0 and secondar has Ds3 on the Ds3 line card, how these two will know about each other?
please advise.
Mike
02-05-2008 07:42 AM
Hi Arun,
when we have Ip adddress for the vitual router in the HSRP configuration and have multiple VLANs on teh Switch connected tio these routers(Core switch with L3 VLANs), then how can I have the IP address of the virtual router as the defaultgatway for our hosts ad servers?
shouldn't the IP address for the the vlan interface be the default gateway for all the hosts on that VLAN?
I am really vonfused here as which one should act as teh default gatway? the Virtual router Ip address or the VALN interfaces Ip addresses for hosts on those VLAN?
Please advise.
Mike
02-06-2008 09:16 PM
Mike
I am not sure whether I am confused about your situation or whether you are confused about HSRP. HSRP is generally configured on the interfaces which are used for connecting users. If you have multiple VLANs where users are connected, then you would usually configure HSRP on each VLAN interface. Each VLAN would have its own shared/firtual HSRP address and that address would be the dafault gateway for the hosts connected on that VLAN.
If there is something that I have not understood please clarify for me.
HTH
Rick
02-06-2008 09:23 PM
Rick,
You are right! you see first I configured HSRP to go on our new router and then I realized that I am going to have 3 VLANs on my L3 4500 core switch and from there to my routers. I will have two circuits, one 100 MB as primary terminated on one 3845 and a Fractional DS3 terminating on the secondary router, from two different IPSs.
I didn't know that I can specify VLAN interfaces fro HSRP! now that you mention that, I guess I need to make some changes to my HSRP configuration for two VLANs, one for internal office and the other one for external. I will be using VLAN1 for managemnet purposes.
do you think I only need to replace the actual physical interfaces in my HSRP configuration and add the vlan interfaces, like int vlan2 and int vlan3?
would the virtual router stays the same?
Thanks,
Mike
02-06-2008 09:35 PM
Mike
There would be a separate virtual router for each VLAN.
HTH
Rick
02-06-2008 09:39 PM
this is what confuses me? based on my previous reply where i attached files outlining configuration, please see if you can clear me on this issue.
I really appreciate your support.
Thx,
Mike
02-06-2008 09:38 PM
Hi Mike,
Rick has explained in well........ :)
Please refer to this link ,to clarify more..
Yes u can replace the configuration from interface to the vlan svi or interface and the virtual address still can be kept same,with condition that it sould be one IP in the subnet of that particular vlan,and this need to b ethe gateway for device in that vlan.
arun
02-06-2008 10:18 PM
hi Arun,
i will be having two vlans on the 4500 and each with its own IP address of course. switch will be connected to two routers via transit links with /30 IP addresses.
now, with two vlans, which vlan IP address should be listed as the IP for the virtual router in the HSRP?
also, the switch will do the routing and i don't know how HSRP can do the switching since the actual vlan interfaces are on the 4500 core switch and not the routers?
I am confused and need help to clarify the points of confusion please.
as far as my comment that it wan't working, i was doing testing on a test router and that was not accurate. I also fixed the priority and gave the primary a priority of 100 and the secondar a priority of 95 which i should bring it lower.
Thx,
Mike
02-06-2008 09:37 PM
Hi Rick,
actually something just hit my mind which has caused more confusion for me!. Please look at the attached MS-Word document that outlines the configuration on the 4500 switch and the text fileoutlining the HSRP.
since my vlans are L3 and on the switch, I will be having transit links between the switch and the routers and for this reason the router will be doing the routing but the switch does. now, given this scenario how should I address the HSRP and the interfaces?
Please advise,
Mike.
02-06-2008 10:32 PM
What i understand from the attachment you send is
1.You have got one L3 switch and two routers
2.The link between the switch and router are L3.
3.U have 2 vlans on inside network
If so,let me tell u that HSRP is normaly used for the redundancy of gateways.
Your vlan boundary end at L3 switch as u are configuring the vlan routing there itself.
and since u have got only one L3 switch i dont thing u can achive the gateway redundacy per vlan there .
Now you are configuring HSRP at routers,but both the routers are connected by L3 links to switch.For HSRP to work the link should be L2,since both the inside interface of routers
need to be in same subnet along with the virtual address.
With the little experience i have,a possible workaround i feel would be configure the links as L2 towards router,do a router on stick configuration for vlan communication,and do the hsrp configuration in the subinterface and give the default gateway for each vlan host as this virtual address ....
here your switch will act as a L2 switch!!!!!!!!!
Experts pls conform if i make sense????
arun
02-07-2008 06:09 AM
Hi Arun,
this is exactly what I was afriad of!
Thinking about my L3 transit links to the router and ending all at the switch as you expained well.
Ii understand, you are suggesting creating L2 trunks connecting the switch to the router and by creating subinterfaces on the router make that work, correct? is this what youmean by the router on stick configuration?
I did that once long ago and I am realy not confortable configuring it but i wonder if you guys can put in in the right direction please?
router on stick and L2 trunks on a L3 Switch, i can use some help!
Thx,
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide