JD

There is an alternative to using static routes or running a routing protocol.

If you add a vlan 112 L3 interface on the Atlanta switch it would work because then you have a directly connected route in the routing table. So the Atlanta switch can then route the packet onto vlan 112 and then it is L2 switched across the trunk link to Houston. You would need to create L3 vlan interfaces for all the Houston vlans on the Atlanta switch and vice versa.

You would then run HSRP between these interfaces but you would need to make sure the HSRP active interface for all Atlanta vlans was the Atlanta switch and the same for Houston.  What could happen for example is if vlan 112 had it's HSRP active gateway in Atlanta and it wanted to send traffic to another vlan in Houston then the packet would have to go across the fibre link to it's HSRP active gateway in Atlanta, be routed, and then sent back across the link.

So you can find if the HSRP gateways are not setup properly you can overutilise the 200Mb link.

As to which is best, it's difficult to say.  When you move a server you are going to get the scenario i described above anyway with either setup. The only way to avoid this is to use something like MHSRP where you have 2 HSRP active addresses but that would mean changing the default gateway on the server (but not the IP/subnet mask) when it moved between buildings.

Jon

Thanks, Jon. a couple of things... How do you know there already is a L3 in Atlanta? I'd like to check it out. Also, I may be getting confused here, but if I run this command, I'm affecting the default gateway that my clients on the 10.11.1.x use?:

int vlan 10

ip address 10.11.1.2  255.255.255.0  <-- note the IP address assigned to the interface has changed

standby ip 10.11.1.1    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 10

standby preempt

10.11.1.1 is the gateway that my clients on the 10.11.1.x network use is their nic settings as their default gateway in this scenrario, right? I ask, because in our actual network, we use 10.11.1.2 as our DG, so I want to make that I adjust the config changes accordingly.

And if this works on vlan 10, then I need to redo this with all vlans? (each with their respective IPs).

Also, if is doesn't work on vlan 10 (for whatever reason) how do I back out my changes and restore the config to how it was before (without reloading the switch).

JD

Thanks, Jon. a couple of things... How do you know there already is a L3 in Atlanta?

If you look at your routing table for Atlanta you can see vlan 10 has a directly connected interface so that means there is a L3 interface for that vlan. Do a "sh ip int brief | include Vlan" and you will see.

Also, I may be getting confused here, but if I run this command, I'm affecting the default gateway that my clients on the 10.11.1.x use?:

You are but only for a brief moment while HSRP is configured. You need to use the actual address in use now as the VIP in the HSRP config. The VIP is the IP in the "standby ip ".  So that is why i said you need to make sure you use the IP currently in use as the VIP.  I used 10.11.1.1/2/3 as an example. You can use any spare address from that subnet for the IPs assigned to the physical interfaces but you must make sure you use the existing IP on the interface as the VIP in the HSRP config. Otherwise, as you say, you would have a problem with the default gateway setting on the clients.

And if this works on vlan 10, then I need to redo this with all vlans? (each with their respective IPs).

Yes you do on both switches. And it is worth reiterating that you must make the correct switch HSRP active for it's own vlans. See previous post for explanation and again please come back if you need to.

Also, if is doesn't work on vlan 10 (for whatever reason) how do I back out my changes and restore the config to how it was before (without reloading the switch).

For vlan 10 on the Atlanta switch you can simply remove all the HSRP config and reassign the VIP IP to the physical interface and on the Houston switch shutdown the L3 vlan 10 interface  because it wasn't in use before. For vlan 112 you would do the opposite ie. remove the HSRP config from the vlan 112 switch and reassign the VIP to the physical interface and on the Atlanta switch shutdown the L3 vlan 112 interface because it wasn't in use before.

There should be no need to reload either of the switches.

Jon

Jon, thanks for your help.

I havn't made the change yet. I wanted to ask if you could look over the changes I plan on making and see if my interpretation is correct.

The vlan's that are primary in atlanta are 10, 192 and 172. Gateways end in .2 (10.11.1.2, 192.168.40.2, 172.16.1.2). The vlans for Houston are 112, 41, 772 (10.11.2.2, 192.168.41.2, 172.16.2.2).

I found two extra open IP's in each range. Please see below the commands I plan to run, and let me know if they look right to you. Also, I'm assuming that it is best to do one HSRP at time. ie, if I do the hsrp in ATL, I should immediatly do it in HOU for said vlan... or does it not matter?

Atlanta switch

===========

int vlan 10   <-- trusted

ip address 10.11.1.4  255.255.255.0  <-- note the IP address assigned to the interface has changed

standby 1 ip 10.11.1.2    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby 1 priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 10

standby 1 preempt

int vlan 192  <-- Web

ip address 192.168.40.4  255.255.255.0  <-- note the IP address assigned to the interface has changed

standby 2 ip 192.168.40.2    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby 2 priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 192

standby 2 preempt

int vlan 172  <-- Transit

ip address 172.16.1.4  255.255.255.0  <-- note the IP address assigned to the interface has changed

standby 3 ip 172.16.1.2    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby 3 priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 172

standby 3 preempt

int vlan 112 <--DR Trusted

ip address 10.11.2.7 255.255.255.0

no shut

standby 4 ip 10.11.2.2  --> then add this line for HSRP -

int vlan 41  <--DR web

ip address 192.168.41.4 255.255.255.0

no shut

standby 5 ip 192.168.41.2  --> then add this line for HSRP -

int vlan 772 <-- DR Transit

ip address 172.16.2.4 255.255.255.0

no shut

standby 6 ip 172.16.2.2 --> then add this line for HSRP -

Houston switch

============

you need create a L3 vlan interface for vlan 10 (because there won't be one)

int vlan 10

ip address 10.11.1.6 255.255.255.0

no shut

standby 1 ip 10.11.1.2  --> then add this line for HSRP -

int vlan 192

ip address 192.168.40.5 255.255.255.0

no shut

standby 2 ip 192.168.40.2  --> then add this line for HSRP -

int vlan 172

ip address 172.16.1.6 255.255.255.0

no shut

standby 3 ip 172.16.1.2  --> then add this line for HSRP -

int vlan 112   <-- DR trusted

ip address 10.11.2.6 255.255.255.0  <-- note the IP address assigned to the interface has changed

standby 4 ip 10.11.2.2    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby 4 priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 112

standby 4 preempt

int vlan 41 <-- DR Web

ip address 192.168.41.3  255.255.255.0  <-- note the IP address assigned to the interface has changed

standby 5 ip 192.168.41.2    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby 5 priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 41

standby 5 preempt

int vlan 772  <-- DR Transit

ip address 172.16.2.3  255.255.255.0  <-- note the IP address assigned to the interface has changed

standby 6 ip 172.16.2.2    <-- this is the original IP which is now the VIP and is the default gateway of the clients

standby 6 priority 110    <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 772

standby 6 preempt

Again, many thanks.

i forgot to mention that this how my vlans look now:

ATL:

garfield#sh ip int brief

Interface              IP-Address      OK? Method Status                Pro

Vlan1                  unassigned      YES NVRAM  up                    up

Vlan10                 10.11.1.2       YES NVRAM  up                    up

Vlan72                 unassigned      YES NVRAM  up                    up

Vlan172                172.16.1.2      YES NVRAM  up                    up

Vlan192                192.168.40.2    YES NVRAM  up                    up

Vlan222                unassigned      YES manual up                    up

Vlan310                10.3.3.3        YES manual up                    up

HOU:

calvin#sh ip int brief

Interface              IP-Address      OK? Method Status                Protocol

Vlan1                  unassigned      YES NVRAM  up                    up

Vlan5                  192.168.130.2   YES NVRAM  up                    up

Vlan10                 unassigned      YES NVRAM  up                    up

Vlan41                 192.168.41.2    YES NVRAM  up                    up

Vlan70                 unassigned      YES NVRAM  up                    up

Vlan112                10.11.2.2       YES NVRAM  up                    up

Vlan172                unassigned      YES NVRAM  up                    up

Vlan192                unassigned      YES NVRAM  up                    up

Vlan222                unassigned      YES NVRAM  up                    up

Vlan722                172.16.2.2      YES NVRAM  up                    up

Message was edited by: Jorge Diaz

JD

That all looks good.

In terms of the order to do them. You need to do them so that you ensure the right switch becomes active first ie. Altanta becomes active for it's own vlans and the same for Houston. What i would do is -

1) On the Altanta switch change the config for vlans 10, 172 & 192. This will involve a quick blip so connectivity will be lost temporarily. But it is short.

2) On the Houston switch change the config for vlans 41, 112, 772. Again there will be a loss of connectivity but it is very short. 

Once you have done this then you can do the rest at your leisure with no downtime because the active gateway is already up and running due to 1) and 2) above.

What you should not do is create the new L3 vlan interfaces first ie. for Atlanta you should not create L3 vlan interfaces for the Houston vlans before doing 1). If you do this there could be problems eg. -

you create a L3 vlan on Atlanta for vlan 41 with an HSRP VIP of 192.168.41.2 but you are already using this address on the existing Houston L3 vlan interface (because you haven't changed it yet). So both switches will think they are responsible for 192.168.41.2.

Does the above make sense ?

I suggest though, that you pick one vlan and do the config at both ends, again making sure you config the active switch first. This is to make sure it is all working and if it isn't it will be a lot easier to back out of. If you do this you can then run

"sh standby brief" on both switches. If you picked vlan 10, for example, you should see from the output of the command that Atlanta is the active switch for this HSRP group and Houston is standby. On the Houston switch it should show Atlanta as active.

Jon