Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5181
Views
5
Helpful
6
Replies

wasted addresses with HSRP

Go to solution
josedelpino
Level 1
Level 1

‎04-29-2012 01:04 PM - edited ‎03-07-2019 06:24 AM

Hi guys

Basically I'm working on a project that is to implement redundancy in a small ISP in my country,

currently there is only one switch cisco 2950 and 2651XM router, the idea is it to be this way:

Cisco.jpg

Some time ago I ask what technology could be used to implement redundancy and HSRP was the answer, which was fantastic because it does what I need, but I have a problem with wasting public addresses,

I Have Several public addresses in my router and are / 30 the first valid address for my router and the second to the client obviously,

but I want to add another router as shown in the diagram and does not suffice me a / 30 and need a / 29 for HSRP.

Example:

Before HSRP:

Core1: 190.0.0.1/30

Client: 190.0.0.2/30

After HSRP:

Core1: 190.0.0.3/29

Core2: 190.0.0.4/29

Virtual Router: 190.0.0.1/29

Client: 190.0.0.2/29

Wasted addresses: 190.0.0.5, 190.0.0.6

There are over one hundred clients with public address and this represents a waste of hundreds of public addresses.

Is there any way to avoid this?

Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mlund
Level 7
Level 7

‎04-30-2012 05:59 AM

HI

It can be done if You use private adressess for the hsrp and then configure a

standby ip 190.0.0.1 secondary

You also need a static route so the router knows where the address is, like this

ip route 190.0.0.0/30 ethernet0 ( or whatever interface You use)

see this thread for an example on the same theme.

https://supportforums.cisco.com/thread/2130942

/Mikael

View solution in original post

6 Replies 6

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎04-29-2012 07:36 PM

If the client is using a public address to connect to you, and if the connection is Ethernet, and if you want to provide redundancy using HSRP, then there is not any way to do that and keep the subnet as /30.  As you mention in your post you need 1 address for client and 3 addresses for routers (1 virtual and 2 physical).

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
ROBERTO TACCON
Level 4
Level 4

‎04-30-2012 01:16 AM

ASA FIREWALL HA pair uses one IP per unit per IP subnet/subinterface: TOTAL 2 IP addresses

HSRP on routers require actually three addresses per IP subnet/subinterface one VIP and one per router: TOTAL 3 IP addresses

VRRP may work with two ip addresses per IP subnet/subinterface: TOTAL 2 IP addresses

VRRP can assign same ip address to the interface as the gateway address, so it saves one ip address

GLBP on routers require actually three addresses per IP subnet/subinterface one VIP and one per router: TOTAL 3 IP addresses

0 Helpful

Go to solution
mlund
Level 7
Level 7

‎04-30-2012 05:59 AM

HI

It can be done if You use private adressess for the hsrp and then configure a

standby ip 190.0.0.1 secondary

You also need a static route so the router knows where the address is, like this

ip route 190.0.0.0/30 ethernet0 ( or whatever interface You use)

see this thread for an example on the same theme.

https://supportforums.cisco.com/thread/2130942

/Mikael

Go to solution
ROBERTO TACCON
Level 4
Level 4
In response to mlund

‎05-02-2012 06:51 AM

The configuration is not supported by Cisco TAC.

0 Helpful

Go to solution
josedelpino
Level 1
Level 1

‎05-02-2012 05:23 PM

Thank you very much guys, especially mlund. I tested this in GNS3 and it works perfectly but I'm not sure is if it will not be a problem to use private addresses.

0 Helpful

Go to solution
roeenakar
Level 1
Level 1

‎06-17-2015 12:54 AM

hi,

the solution you are trying to config have one main problem, try to flap the active/standby ports

and you will notify that the comunication gone and not start to work until you clear the arp of the vip address from the remote router (customer side).

to make it work you need to clear manually the arp and try again.

i made a small script thart give the solution:

enjoy:

R1 - remote site (customer side)

ip sla monitor 1
 type echo protocol ipIcmpEcho 1.1.1.1
 timeout 100
 threshold 100
 frequency 1
ip sla monitor schedule 1 life forever start-time now

event manager applet ARP
 event syslog pattern "1 rtr .*Up->Down" period 2
 action 1.0 syslog msg "arp cleared by my script"
 action 2.0 cli command "en"
 action 2.1 cli command "clear ip arp 1.1.1.1"
!
interface FastEthernet0/1
 ip address 1.1.1.2 255.255.255.0

R2 my hsrp
 
interface FastEthernet0/0
 ip address 192.168.0.1 255.255.255.0
 standby version 2
 standby 2 ip 192.168.0.254
 standby 2 ip 1.1.1.1 secondary
 standby 2 priority 109
 standby 2 preempt

ip route 1.1.1.0 255.255.255.252 FastEthernet0/0

R3 my hsrp

interface FastEthernet0/0
 ip address 192.168.0.2 255.255.255.0
 standby version 2
 standby 2 ip 192.168.0.254
 standby 2 ip 1.1.1.1 secondary
 standby 2 preempt

ip route 1.1.1.0 255.255.255.252 FastEthernet0/0

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card