HSRP (Hot Standby Routing Protocol)

Lessons Discussion
206

Hello Paul

That’s a very interesting experiment you performed, and it’s very useful for all of our readers. So it seems that when you issue the shutdown command, the router sends a resign packet before it actually goes down. This causes the standby router to assume the active role. This behavior is not standardized, and you may see slightly different behaviors in different model devices.

Now if instead of shutting down the interface you simply unplugged the port, you would not see a resign packet, and you would likely need to have the hold time expire before the standby router becomes active. Such an experiment would be more appropriate with real devices, I don’t know how a device in CML would react to the disconnection of a link like that. If you do try it out let us know.

I hope this has been helpful!

Laz

207

Dear Lazarus,

I have some doubts on HSRP design when using two cases.

Case 1 : Using hsrp on both the distribution switches and connect these two distribution switches with L2 link.
And downstream switches are access layer switches.

Case 2: Using hsrp on both the distribution switches and connect these two distribution switches with L3 link.
And downstream switches are access layer switches.

Could you please make me understand what are the advantages and disadvantages on the above designs traditionally.

Because when I use case 1 in my design.
Whenever I make SVI interface shutdown on primary switch the end user pc will not able to reach gateway even the secondary switch is still operational.

I see stp is blocking the backup link with blk port. How can I overcome this issue by forwarding the traffic even when the primary SVI is going down manually as shutdown.

Please advise on this.

Thanks…
Mahesh

208

Hello Maheshwaran

HSRP, like all First Hop Redunandcy Protocols (FHRPs) is designed to be used to provide redundant gateways for end-user devices. So if you do deploy HSRP at the Distribution Layer, you must make sure that your connection to your Access switches is only via Layer 2. It should look something like this:

image
image733×535 43 KB

Now having said that, should your connection between the distribution switches be an L2 connection or an L3 connection? Well, it depends. :slight_smile: Both will actually work. The important thing here is to have a path between the two switches so that the SVIs on which you’ve configured HSRP can communicate. Those SVIs should be on the same Layer 2 segment.

Case 1: If you have an L2 link between the switches, and make it a trunk, and you have included the VLANs on which the SVIs using HSRP reside, then HSRP messages will be sent directly over that L2 link like so:

image
image675×530 89.3 KB

Case 2: If you have an L3 link between the switches, that link cannot be used to exchange HSRP messages. However, the SVIs will still be able to communicate over the L2 links with the access switches like so:
image
image697×515 90.6 KB

Which should you choose? Well, that depends. Both will work, but if you choose case 1, you are creating a Layer 2 loop, and thus STP will block one of the ports to prevent the loop. This may result in what you are seeing, a blocked port leading to the redundant gateway. This is why you must ensure that STP priorities are set so that the active HSRP switch becomes the STP root bridge and the standby becomes the secondary root bridge.

If you choose case 2, you don’t have issues with STP, since the L3 link between the switches prevents the creation of a Layer 2 loop. But this results in fewer redundant links (i.e. the link between the switches), so there is a tradeoff.

Adjust the STP root bridge priorities accordingly and see your results, and let us know.

I hope this has been helpful!

Laz

1 Like