Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2114
Views
0
Helpful
3
Replies

L3 Switching Commands

Go to solution
dbuckley77
Level 1
Level 1

‎05-20-2015 06:56 AM - edited ‎03-08-2019 12:05 AM

I am new to L3 switching and I have seen some interfaces on our switches setup in two different ways.  Can someone please explain the commands below?

 

 

 

interface Vlan5
 ip address 10.100.5.253 255.255.255.0
 ip helper-address 10.100.5.50
 ip ospf authentication message-digest
 ip ospf message-digest-key 5 md5 7 14251D1E1801387A
 standby 0 ip 10.100.5.1
 standby 0 timers msec 250 msec 750
 standby 0 priority 110
 standby 0 preempt

 

interface Vlan111
 ip address 10.100.111.254 255.255.255.0
 ip helper-address 10.100.5.50
 vrrp 10 ip 10.100.111.1
 vrrp 10 timers learn
 vrrp 10 priority 110
 vrrp 10 authentication text vlan111

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-20-2015 07:07 AM

The "ip helper-address .." command is for DHCP requests ie. any DHCP requests from clients in that vlan will be forwarded to 10.100.5.50 which is your DHCP server.

Note you don't actually need that command on the vlan 5 interface as that is the same IP subnet but you do need it on vlan 111.

The OSPF part is simply using authentication to peer with another L3 device so you need to tell it that plus give it a key.

The standby commands are for HSRP so there should be another L3 switch with a vlan 5 also with those commands and connected to this switch. Both switches share the virtual IP 10.100.5.1 but only one is active for it at any one time.

The clients have their default gateway set to the VIP so if the active switch fails then the other switch can take over and the clients can still use the same IP.

VRRP is another way of doing the same thing although why you are running HSRP and VRRP on the same switch I am not sure.

Jon

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎05-20-2015 07:03 AM

interface Vlan5
 ip address 10.100.5.253 255.255.255.0
 ip helper-address 10.100.5.50--------helper address to reach dhcp server off the subnet
 ip ospf authentication message-digest ----OSPF neighbour authentication for security
 ip ospf message-digest-key 5 md5 7 14251D1E1801387A----again authentication
 standby 0 ip 10.100.5.1--------using HSRP redundency must be another connected switch thats it VIP address , running similar with vlan 5 so it can failover to it if there is an issue with this switch
 standby 0 timers msec 250 msec 750--last 3 are more HSRP commands
 standby 0 priority 110
 standby 0 preempt

 

interface Vlan111
 ip address 10.100.111.254 255.255.255.0
 ip helper-address 10.100.5.50
 vrrp 10 ip 10.100.111.1---vitual ip address will be the same on both switches participating
 vrrp 10 timers learn -------This is another form of HSRP but open standard does the same thing provides redundency between vlans on diff switches
 vrrp 10 priority 110
 vrrp 10 authentication text vlan111

 

http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/9234-hsrpguidetoc.html

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/12-4/fhp-12-4-book/fhp-vrrp.html

0 Helpful

Go to solution
Ciro Gustavo Mele
Level 1
Level 1
In response to Mark Malone

‎11-19-2015 04:48 PM

Thank you for this post about hsrp and links.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-20-2015 07:07 AM

The "ip helper-address .." command is for DHCP requests ie. any DHCP requests from clients in that vlan will be forwarded to 10.100.5.50 which is your DHCP server.

Note you don't actually need that command on the vlan 5 interface as that is the same IP subnet but you do need it on vlan 111.

The OSPF part is simply using authentication to peer with another L3 device so you need to tell it that plus give it a key.

The standby commands are for HSRP so there should be another L3 switch with a vlan 5 also with those commands and connected to this switch. Both switches share the virtual IP 10.100.5.1 but only one is active for it at any one time.

The clients have their default gateway set to the VIP so if the active switch fails then the other switch can take over and the clients can still use the same IP.

VRRP is another way of doing the same thing although why you are running HSRP and VRRP on the same switch I am not sure.

Jon

0 Helpful
Customers Also Viewed These Support Documents