Solved: HSRP configuration - possible routing loop

ohareka70 · ‎06-01-2017

Hello,

W is my primary site
B is my DR site

Could someone check this one for me please?

ip route 10.0.0.0 255.0.0.0 192.168.180.1 track 11 site B
ip route 10.0.0.0 255.0.0.0 192.168.180.199 255 track 12 site B

ip route 10.0.0.0 255.0.0.0 192.168.180.1 track 11 site W
ip route 10.0.0.0 255.0.0.0 192.168.180.199 255 track 12 site W

I was told to configure them both the same like this on both routers to avoid a loop in my network

But they then both go out via the same firewall interface of 192.168.180.1

Is this correct?

Should the B site not be like this so it goes out via the other firewall

ip route 10.0.0.0 255.0.0.0 192.168.180.1 255 track 11 site B
ip route 10.0.0.0 255.0.0.0 192.168.180.199 track 12 site B

thanks

Reza Sharifi · ‎06-01-2017

Hi,

If the firewalls are configured as active/stand-by than the first config is correct. The traffic will always traverse the primary until there is failure.

HTH

View solution in original post

Reza Sharifi · ‎06-01-2017

Hi,

If the firewalls are configured as active/stand-by than the first config is correct. The traffic will always traverse the primary until there is failure.

HTH

ohareka70 · ‎06-01-2017

Reza, The firewalls are configured as active/active. Both are passing traffic to the internet

thanks

Kevin

cofee · ‎06-01-2017

I looked at the drawing and couldn't figure out where 10.0.0.0/8 terminates and also routers that have HSRP configured which location they are at? Is this a lab environment or real network?

As far as static routes are concerned both routes will be installed in the RIB because I didn't notice user configured AD tied to the static routes.

Please let me know if I missed anything.

ohareka70 · ‎06-05-2017

Got it working

B-side (i changed the default route)

ip route 0.0.0.0 0.0.0.0 192.168.180.1 250 track 1

ip route 0.0.0.0 0.0.0.0 192.168.180.199 track 2

thanks for your help