hello mark,

but active active between sites with DCI.

thanks.!

sorry what exactly do you mean between sites  , what i am talking about is LAN active active same VPC domain same LAN network not between data centres or different physical sites

I have two remotes sites with nexus 7000 and I want them to be configured as active active, i want to have the same virtual ip for hsrp in both sites.

thanks.

But your end devices/switches would need to be linked to both 7ks which would require multiple Layer 2 links between the remote sites , do you have that type of physical design between them

Yes I have a L2 & L3 dark fiber,  what I was reading i that for have and active/active site I just need to work with Hsrp Isolate between sites.

thanks.

Ok if that's the design you want to go ith you would be looking at something like this in terms of physical setup so end devices are dual homed and use the vlan vip in hsrp as the gateway , the cls would represent a 7k each site , never seen this really done before with 7ks I have seen remote 6500 setups alright just make sure you use the right optics for the distance etc there are no limitations on vpc distance so it should work in theory but its the amount iof links that would be required , you could always not use vpc but it kind of defeats the purpose of using 7ks

Hello Mark,

The topology is some thing like that, but the configuration will be

CLS01

key chain HSRP
key 1
key-string 7 cisco

interface Vlan101
no ip redirects
ip address 10.3.0.2/16
no ip arp gratuitous hsrp duplicate
hsrp version 2
hsrp 0
authentication md5 key-chain HSRP
preempt
ip 10.3.0.1

!

key chain HSRP
key 1
key-string 7 cisco1

interface Vlan101
no ip redirects
ip address 10.3.0.5/16
no ip arp gratuitous hsrp duplicate
hsrp version 2
hsrp 0
authentication md5 key-chain HSRP
preempt
ip 10.3.0.1

 !!

ip access-list DENY_HSRP_IP
10 deny udp any 224.0.0.2/32 eq 1985
20 deny udp any 224.0.0.102/32 eq 1985
30 permit ip any any

!!!!

Interface Po1

 ip port access-group DENY_HSRP_IP in

this is the config im working with.

thanks.

Hello Mark,

Thanks for you info, I will check the "priority" will this give any type of impact when I add this commands to my hsrp?  should I apply this on very hsrp or global?

thanks!

The priority is just to say which side is active , as HSRP by default is standby/active

GLBP is active/active by default that why iot may suit the design your trying to do , HSRP by default has  a priority of 100 but its recommended to set each side

Mark

One more question, in this enviorment,the one I have with hsrp, how will traffic work between sites? if one server in site A falls down, will traffic go to site B?

thanks!

Hi

yes if you physical topology is correct in HSRP and your device fails traffic will switch over to Site B , your always best to use ip sla and tracking with HSRP and track a route upstream , so if the users cant reach that anymore (circuit has failed ) traffic will switch over to site B , otherwise the HSRP will only kick in if the chassis itself failed which is unlikely in 7ks as there stable platforms usually

quick example of HSRP with tracking

https://bytesforbits.wordpress.com/2010/06/27/10/