In that diagram the links between the distribution and the access layer are Layer 2, with the inter-distribution link being Layer 3. This means that both distribution switches must have all of the access VLANs defined on them, and here is why....
This is typically referred to as a V-topology, since given the two distribution switches and any particular access switch, the L2 links form a V. HSRP communicates across multicasts for its hellos, which will be propagated from the active distro switch down to the access switch and then subsequently will be forwarded up to the standby distro switch.
The idea behind the V topology is that if either the active distro switch or the link to the active distro switch goes down, the standby will notice the drop of hellos and will grat-arp the virtual MAC for the VIP and will then start forwarding traffic.
Does that make more sense? If not, please let me know and we can try and clear up any other particular points.
Travis, yes then my second part:
If right distribution switch DOES have VLAN 20 as well, then in case of this failure between D and A on left side, both distribution switches will be Active for VLAN 20 (they will both lose HSRP hellos in VLAN 20). So the returning traffic might come on the wrong left side and be then dropped (directly connected VLAN20 down).
Am I right this can/will happen?
Both Distribution switches will have all of the VLANs - that is how this works. If you don't have the VLANs on both switches, you cannot fail over for L2 forwarding.
Yes, there is a failure potential. You can resolve that by tracking the uplink port for that access switch under the VLAN, so that if the port goes down, the SVI goes down as well.
Well, tracking would not help, as it works by comparing self tracked priority to the priority of the other HSRP member, and this will be missing in this scenario.
In other words, D would only decrease priority and that's it. It would still be Active with decreased priority and SVI 20 would not be shut down.
Just to be on the same page, in the posted figure:
-consider uplink from left A to left D fails - VLAN 20 affected
-left D and right D are at the moment both active for VLAN 20
-on Core there is traffic returning to host within VLAN 20
-Core sees summarized routes from both D
-Core selects left D to send this traffic on
SVI 20 should be down/down now - so traffic destined to VLAN 20 should be dropped. But if this is it, there is no real redundancy with this L3 interlink approach.
Todd, I think you misunderstood me. I meant using EOT: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/fthsrptk.html
By tracking the link state/line status of the local uplink on the distros, you can then shut down the SVI if the physical link goes down. This then avoids the black hole issue if the SVI was being routed to dynamically.
With that said, any time you summarize you run the risk of black holing traffic, regardless of HSRP. I would not advocate summarization in this case for the obvious reason which you've discovered.
With an L2 link between the distribution switches, you have to rely on STP (whatever variant you are running), and that adds another caveat to bring up. STP root has to be where the HSRP Active (primary) will be, and when HSRP fails over, STP should as well.
With that said, with the L3 link between the devices, you avoid the STP issue and rely on EIGRP. Cisco has done studies (which I'd have to look up to find, but I can if you'd like) that say for typical campus design, routed to the access via EIGRP with tuned timers results in quicker convergence than even the best deployment of RPVST+ (or any other L3 protocol for that matter).
FWIW the project I'm currently on, we're routing all the way to the access layer in the campus, so EIGRP controls it all. Say hello to equal cost load balancing by default.
Today had a chance to lab this on real switches. Well, when the VLAN is down, HSRP tied with this SVI is down as well (well, it's logical after all). So right D is then getting the route via the routing protocol running over the interlink. Therefore this design is proven to be usable now.
States on right D would be:
HSRP: Init unknown/unknown