01-24-2012 02:08 AM - edited 03-07-2019 04:30 AM
Hello Everyone!
I am Prashant. Planning to implement HSRP in layer 3 switch. This is the first time I am trying this out. So I am little bit nervous at the moment. Wanted your suggestion to implement this protocol. Here are the details:
We have two numbers of Cisco 4900 ME Switches. Basically want LAN failover from these devices. There are about 400 users in our network. I have attached rough network topology for your reference(Please excuse since I am not good at Microsoft Visio). Please let me know implementation of the HSRP in these switches. Two distribution switches(Cisco 4900 ME Switches) are connected to 4 Access switches and these are connected to the LAN. Please elaborate the configuration for the HSRP.
Thanks in advance!!!!!
01-24-2012 03:09 AM
Hi,
Below is a topology & set of configuration which may help you
Configuration (Assumption)
====================
There are 3 VLANs in your network. VLAN 10, VLAN 20, VLAN 30.
ME4900-SW1 config
interface vlan 10
ip address 192.168.10.2 255.255.255.0
ip helper-address
standby 10 ip 192.168.10.1
interface vlan 20
ip address 192.168.20.2 255.255.255.0
ip helper-address
standby 20 ip 192.168.20.1
interface vlan 30
ip address 192.168.30.2 255.255.255.0
ip helper-address
standby 30 ip 192.168.20.1
Now on Switch-2
ME4900-SW2 config
interface vlan 10
ip address 192.168.10.3 255.255.255.0
ip helper-address
standby 10 ip 192.168.10.1
standby 10 priority 90
interface vlan 20
ip address 192.168.20.3 255.255.255.0
ip helper-address
standby 20 ip 192.168.20.1
standby 20 priority 90
interface vlan 30
ip address 192.168.30.3 255.255.255.0
ip helper-address
standby 30 ip 192.168.20.1
standby 30 priority 90
Verification Commands
show standby
show standby brief
show standby interface vlan
NOTE : This configuration is to always have Switch-1 routing / switching the traffic. i.e Primary Gateway. The best design would be to have traffic equally load-shared between two switches. For that adjust the priorities accordingly. Remember, the default HSRP priority is 100. So, lower one would be standby. Also, you may have to play around with spanning-tree root bridge priorities.
For example : Assume that, you need only Switch-1 to be catering the traffic (always). Then you need to have the root bridge priority configured as below
On Switch-1
spanning-tree vlan 10, 20 , 30 priority 4096
On Switch-2
spanning-tree vlan 10,20,30 priority 8192
Remember, lowest priority is BETTER
Now, lets assume you have configured VLAN 10's gateway as Switch-1 (HSRP priority) & other vlan 20 & 30 as Switch-2 (HSRP priority), you may now need to adjust your spanning-tree root bridge as well. Below is the config
On Switch-1
spanning-tree vlan 10 priority 4096
spanning-tree vlan 20,30 priority 8192
On Switch-2
spanning-tree vlan 10 priority 8192
spanning-tree vlan 20,30 priority 4096
Do some reading before your begun to understand better. Hope i was clear in answering your question.
Thanks
Vivek
*Please rate if helpful
01-24-2012 05:00 AM
Hi Prashant,
When you say 400 users, I am guessing you must have vlans.
So you need HSRP (virtual default gateway) for all the vlans. Which means say you have two switches and configured vlan-10 in both switches, untill you configured per vlan hsrp there is only default gateway availabile in one switch if that switch goes down then the default gateway will be unavailable.
So you need to configure per vlan HSRP, which give you virtual or standby default gateway for each vlan.
This is what called per vlan HSRP.
See the below link for more informaiton.
http://www.firstdigest.com/2009/04/cisco-how-to-configure-hsrp-for-load-balancing-traffic/
Please rate all the helpfull posts.
Regards,
Naidu.
07-23-2015 04:10 PM
Hi Vivek,
Thanks For explaining. I have very similar config as above. I shut the vlan 10 on switch 1 but on the switch 2 the vlan 10 is still up but when my client tries to ping the 10.133.10.1 for vlan 10 is not able to ping. My question is when i shut the vlan 10 down on switch 1 the HSRP should failover to switch 2 and i still should be able to ping the HSRP gateway rt ? I also cant ping the 10.133.10.1 from switch 1. Can you please help ?
please see below config.
switch 1
Vlan10 - Group 10
State is Init (interface down)
16 state changes, last state change 1d06h
Virtual IP address is 10.133.10.1
Active virtual MAC address is unknown
Local virtual MAC address is 0000.0c07.ac15 (v1 default)
Hello time 3 sec, hold time 10 sec
Preemption enabled
Active router is unknown
Standby router is unknown
Priority 130 (configured 130)
Group name is "hsrp-Vl10-10" (default)
Show standby
Vlan10 - Group 10
State is Init (interface down)
16 state changes, last state change 1d06h
Virtual IP address is 10.133.10.1
Active virtual MAC address is unknown
Local virtual MAC address is 0000.0c07.ac15 (v1 default)
Hello time 3 sec, hold time 10 sec
Preemption enabled
Active router is unknown
Standby router is unknown
Priority 130 (configured 130)
Group name is "hsrp-Vl10-10" (default)
sh standby brief
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 130 P Init unknown unknown 10.133.10.1
switch 2
Vlan10 - Group 10
State is Active
28 state changes, last state change 1d06h
Virtual IP address is 10.133.10.1
Active virtual MAC address is 0000.0c07.ac15
Local virtual MAC address is 0000.0c07.ac15 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.432 secs
Preemption enabled
Active router is local
Standby router is unknown
Priority 120 (configured 120)
Group name is "hsrp-Vl10-10" (default)
Sh standby
Vlan10 - Group 10
State is Active
28 state changes, last state change 1d06h
Virtual IP address is 10.133.10.1
Active virtual MAC address is 0000.0c07.ac15
Local virtual MAC address is 0000.0c07.ac15 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.128 secs
Preemption enabled
Active router is local
Standby router is unknown
Priority 120 (configured 120)
Group name is "hsrp-Vl10-10" (default)
sh standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl10 10 120 P Active local unknown 10.133.10.1
07-23-2015 10:10 PM
Hello,
Check whether the standby switch learns the ARP for the host address
sh ip arp
Then check it learns for mac.
Also please unshut vlan 10 and check
sh standby brief to ensure both knows about each other. Else there could be some topology issues.
Thanks,
Madhu.
*** Please rate useful posts****
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide