HSRP (Hot Standby Routing Protocol)

(princek K) #4

Hi Rene i lab this on a real cisco equipments and the lab was awesome thank you very much. Please can you make a video training on how to setup a complete ACS server and snmp configuration for a newly cisco switch/router. Moreover, we will like to see more of a recommended way of designing and implementing cisco configuration a network thank you.

0 Likes

(Rene Molenaar) #5

Hi Princek,

I’ll probably do some ACS tutorials/videos. I’m currently adding some ASA tutorials and ACS will be a nice addon. I already have a lesson for SNMPv3 on Cisco IOS router:

About the designing part, anything in particular you are looking for? There’s a lot to cover when it comes to network design.

0 Likes

(alok d) #6

Hey,
In above example, why choose layer 3 switches instead of routers? Also, IP SLA pings forever but at what time interval ping occurs?

Thanks,
AD

0 Likes

(Rene Molenaar) #7

Hi AD,

It doesn’t matter much if you use switches or routers for this, functionality is the same.

If you have a lot of inter-VLAN traffic then using L3 switches is more efficient than using a router for routing. It would make sense to configure HSRP / VRRP on the switches then.

Rene

0 Likes

(Srinivasan C) #8

Hi Rene,
My Understanding is ICMP redirect message is disabled on HSRP enabled Router to avoid instablity
and to maintain the virtual ip address. Please correct me If my understanding is wrong…and also
can you explain and describe the usage of command “standby redirect” ?

Thanks,
Srini

0 Likes

(Rene Molenaar) #9

Hi Srini,

That’s right, by default HSRP disables ICMP redirects but since IOS 12.1(3)T you can enable it.

ICMP redirects are used when a host uses a router as its default gateway while there is a better path. For example, let’s say we have a subnet with one host and two routers; R1 and R2.

R2 has a default route to the Internet, R1 has a default route to R2. When the host uses R1 as its default gateway then R1 will send ICMP redirects to the host to tell it to use R2 instead.

When you would redirect hosts away from your HSRP routers then there’s no point using them…that’s why ICMP redirect is disabled by default.

You can enable ICMP redirect for HSRP with the “standby redirect” command but if you require this, it would be wiser to check your design and make some changes so you don’t require this…

Rene

0 Likes

(Srinivasan C) #10

Hi Rene,
Thanks for your prompt response.
Can we use “interface tracking” command to avoid using “standby redirect command”?

Thanks,
Srini

0 Likes

(Rene Molenaar) #11

Hi Srini,

Interface tracking only helps to deal with upstream interfaces. Here’s an example of what ICMP redirect is about, just imagine that R1 is replaced with two routers running HSRP:

Rene

0 Likes

(Thomas K) #12

Rene,
Hi. Couple questions/validations when you have time.

  1. I know it is best practice to have the HSRP hold timer be at least 3x’s the hello, but I did some lab testing and it appeared to work ok for instance with the hold time 2x’s the hello. Is this expected - is the idea just to have the hold time be large enough to not cause an unnecessary transition and that is what Cisco found to be best practice?
  2. What are the benefits of HSRP v2 over v1 - is it just the increased number of HSRP group numbers supported?
  3. If I have more than two routers that are part of the HSRP group do the remaining routers just stay in listen mode? Up to how many can I have?
  4. It appears that if the HSRP hello and hold timers are mismatched between two routers that are part of the same HSRP group that the router that is “active” dictates the timers that will be used? Is this always the case?

Suggestion - might want to update the command syntax for the ip sla tracking for the “track 1 rtr 1 reachability” with the newer “track 1 ip sla 1 reachability” in the last part of the lesson.

Many thanks
Thomas
5.

0 Likes

(Rene Molenaar) #13

Hi Thomas,

  1. It’s more of a best practice yes. The hold time is basically how long the router waits before it considers the other neighbor to be gone. With 3 hellos, you could miss two and the third hello will reset the hold timer.

  2. There are a couple of improvements. I could type them here but there’s a good Cisco document that describes the changes:
    http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-hsrp-v2.html

  3. There’s no limit on the number of HSRP routers, they will remain in listen mode. Most of the times you will only see two routers though, one active and the other is there in case the first one fails :slight_smile:

  4. The active HSRP router will send the hello and hold timers. The other routers will use these and it overrides whatever they configured locally. It doesn’t cause any errors.

Rene

0 Likes

(Arnel B) #14

Fantastic explanation as usual, thanks Rene! :wink:

0 Likes

(John M) #15

Rene

Could you by any chance please put more of the config in here for this lab. For example at the start of your configurations for Switch A there is only one interface that you give the configurations to! I know some folks have managed to get this fully configured but I think I am seeing some fuzzy areas where a little more of the configuration could help really lock this knowledge down for (at least) for me. Sorry if you sense that I am being a pest!

There is much to be garnered from actually sitting at the command line of live routers and switches and putting in a full configuration. Its my opionion that even if you don’t fully get what you’re doing just the keying in the interfaces helps solidify the entire learning process.

Maybe you can tell me to take a hike yet I know I’d benefit from more keyboard work…

John M

0 Likes

(Rene Molenaar) #16

Hi John,

I just took another look at this lessons and figured I could improve it a bit. I just recreated it with new device names, better interface numbers and there’s a startup + final configuration file for each device. I think this will be helpful, let me know what you think of it :slight_smile:

Rene

0 Likes

(Mohan B) #17

“Want to try this example yourself? Here you will find the startup configuration of each device.”

This is the best thing ever, Please Please include this in all of your examples. Awesome article again Keymaster!!

0 Likes

(Rene Molenaar) #18

Hi Mohan,

Glad to hear you like it. In all new lessons I’m adding the startup + final configurations. I’ll see what I can do for all current posts.

Rene

0 Likes

(Abdelrahman R) #19

Hi Rene,

if I have two WAN interfaces , could I track both of them under HSRP interface as below:

interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 standby 1 ip 192.168.1.254
 standby 1 priority 110
 standby 1 preempt delay minimum 60
 standby 1 timers msec 100 msec 300
 standby 1 track 1 decrement 20
 standby 1 track 2 decrement 30

track 1 interface Ethernet 0 line-protocol
track 2 interface Tunnel1 line-protocol

as the two WAN interfaces are ( Tuneel1: DMVPN Spoke ) and Ethernet 0 ( normal EFM interface ) .

0 Likes

(Abdelrahman R) #20

sorry in above code there is mistake

interface Vlan1
 standby 1 track 2 decrement 30

0 Likes

(Rene Molenaar) #21

Hi Abdelrahman,

Yes that shouldn’t be a problem.

Rene

0 Likes

(Hakam A) #22

Hi Rene
why you said that HSRP v1 support up to 255 group but said the opposite when you talked about vrrp (said vrrp support up to 255 but HSRP up to 16)?

0 Likes

(Rene Molenaar) #23

Hi Hakam,

Where did you see that? I’ll check it.

HSRPv1 should support group number 0-255 and HSRPv2 supports 0-4095. VRRP supports group numbers 1-255, it is limited to 16 addresses per group though.

Rene

0 Likes