
HSRP on WAN, no L2 connection between routers

clinicare-ca
Level 1

I have a couple HSRP related questions.

Scenario

We have recently moved into a data centre providing us with 2 ethernet links to the internet. They are running HSRP on both of their switches, and both switches are in "active" state and are isolated from each other.

We purchased 2 x 2821 routers for our devices. We are planning to run HSRP between our routers as well.

The problem is the data centre's switches do not communicate with each other (aka not connected to each other) and therefore our routers' HSRP does not work because our routers are also not connected to each other on the WAN side. If I place an L2 switch between our routers and the data centre switches, not only does the ISP's HSRP start to work, but ours does as well; this is expected.

I spoke with the data center and they said that their switches are running HSRP in active active? Where both switches are active.

My question is, is this normal for a data centre to assume we are bringing an L2 switch in (they suggested I do this when I asked them about this)? Given all the redundancy configured and required, this L2 switch would be a single point of failure. Are there any configurations in which I could make this scenario work without an L2 switch? Or should I demand that the data centre connect their switches? See attached diagram.

Second question:

I am also running HSRP on the LAN side of things on the same routers. What happens in the scenario when RouterB is the LAN's active HSRP router, but RouterB's WAN is down (not link)? Should I use HSRP with SLAs to track pings out the WAN interface of the routers? Would that then make the router with the "down" WAN link go into standby for the LAN? Is this the best solution for this scenario?


battyjohn
Level 1

Hello, with reference to your second question:

Firstly, set the HSRP priorities so that you have the router you want being active (highest priority wins). Then use standby tracking of the interfaces to reduce the priority of the active router such that if its links off the network go down, it becomes the standby router. There are two ways to do this:

On global configuration mode:

track 1 interface S0/0 line-protocol

Then on the interface configure:

standby 1 track 1 decrement 50

or

on the interface just do:

standby 1 track fastethernet 0/1 50

The first option is more flexible. One thing to be wary of is if you are running standby between your routers and switches on the same subnet but want them to be separate, use different standby groups or they will all be attempting to negotiate between each other, especially fun when authentication is configured!

With reference to your first question, this is where multilayer switches can be more helpful, as you can create SVIs and connect the two together without the need for another switch. Without a LAN switch it may be difficult to resolve this problem.

lamav
Level 8

We have recently moved into a data centre providing us with 2 ethernet links to the internet. They are running HSRP on both of their switches, and both switches are in "active" state and are isolated from each other.

That's preposterous. If the switches are not connected to each other and each switch is active, then they're not really running HSRP. There has to be an L2 adjacency/common subnet that the VIP and the routers sit on.

I spoke with the data center and they said that their switches are running HSRP in active active? Where both switches are active.

No such thing. Are you sure they didn't mean GLBP?

Are there any configurations in which I could make this scenario work without an L2 switch? Or should I demand that the data centre connect their switches? See attached diagram.

Is it possible to simply run an L2 link (trunk) between your switches? Yours and the DC's devices are on the same VLAN, so their switches should pass HSRP Hellos using that link, if you can create it.

[EDIT] I just remembered you don't have switches. Problem. If you want the L2 adjacency for HSRP, you'll need to use two 3750s, instead of the 2821s. [EDIT]

As for your second question, I think deploying an SLA solution makes perfect sense. It's done all the time.

HTH

Victor
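
The IP SLA tracking discussed in the replies above, written out as an added example that is not part of any post in this thread: the probe follows reachability past the WAN interface, so RouterB gives up the LAN-side active role when its WAN path fails even though the link stays up. Interface names, addresses, group and object numbers and the key string are constructed; the syntax assumes an IOS release with `ip sla` and `track ... ip sla` (older 12.4 images use `ip sla monitor` and `track ... rtr` instead).

```cisco
! --- RouterB: preferred LAN-side HSRP active router (all values constructed) ---
! Probe a hop beyond the WAN interface (192.0.2.1 is a placeholder upstream
! address), so a WAN path that is down while the link is up is still detected.
ip sla 1
 icmp-echo 192.0.2.1 source-interface GigabitEthernet0/0
 frequency 5
ip sla schedule 1 life forever start-time now
!
! Track object follows probe reachability; the delays damp flapping.
track 10 ip sla 1 reachability
 delay down 10 up 30
!
interface GigabitEthernet0/1
 description LAN side
 ip address 10.0.0.3 255.255.255.0
 standby 1 ip 10.0.0.1
 standby 1 priority 110
 ! preempt is required on both routers, otherwise a priority change
 ! does not move the active role
 standby 1 preempt
 ! authenticated hellos; replace the placeholder key
 standby 1 authentication md5 key-string EXAMPLE-KEY-REPLACE-ME
 ! 110 - 50 = 60, which is below RouterA's 100, so RouterA takes over
 standby 1 track 10 decrement 50
!
! --- RouterA: LAN-side standby (own probe and track object omitted here) ---
interface GigabitEthernet0/1
 description LAN side
 ip address 10.0.0.2 255.255.255.0
 standby 1 ip 10.0.0.1
 standby 1 priority 100
 standby 1 preempt
 standby 1 authentication md5 key-string EXAMPLE-KEY-REPLACE-ME
```

The decrement has to be larger than the priority gap between the two routers; with priorities 110 and 100, a decrement of 10 or less would leave RouterB active after the probe fails.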

Thanks for the replies!

This is the email from the data centre:

"On my side both switches where you connected to cannot see each other.

Both switches are in "active" HSRP state.

The only way these two switches can see each other is a switch on your side. On data centre side two interfaces with physical IP 1.1.1.1 and 1.1.1.2 are isolated from each other. Technically this is like two routers and these two routers need L2 connection (HSRP using multicast) to see each other. This L2 connection is supposed to be your switch."

I do have those 3110g switches in a stack (basically Cisco 3750s but for an IBM blade center). I am resisting using those because I have only 4 external ports on each, and I would be using 3 on each for this: 1 for DC switches, 1 for router WAN, 1 for router LAN trunk.

I also find it ridiculous for the DC to be running HSRP on their switches, but not providing any L2 link between them and relying on me providing an L2 link for their HSRP to work as well as mine. I think we will be speaking with the DC and get them to resolve this.
