Skip navigation
Cisco Learning Home > Certifications > Routing & Switching (CCNP) > Discussions

_Communities

1097 Views 5 Replies Latest reply: Apr 30, 2012 8:58 AM by Elvin Arias RSS

Currently Being Moderated

HSRP Weird Questions:

Apr 27, 2012 12:28 PM

Vijay Swaminathan 491 posts since
Aug 29, 2008

Hi Experts:

 

I would like to following question on HSRP clarified:

 

1. Does HSRP has any limitation on the # of standby in the group??

2. My understanding on HSRP State transition is:

 

Disabled --> Init ---> Listen ---> Speak --> Standby ---> active

 

Is there any possibility that the HSRP Speaking switches can stay at the states INIT (interface down ??)   / LISTEN / SPEAK? and not move to standby / active?

 

3. Any idea why the Virtual IP address configured needed on both active and standby??

 

I labbed it up (ofcourse on GNS3) and following are my observation.....

 

ACTIVE:

 

!

interface Vlan10

ip address 10.10.10.2 255.255.255.0

standby 1 ip 10.10.10.4     >> Configured Virtual IP

standby 1 priority 150

standby 1 preempt

end

 

 

Standby:

 

Current configuration : 99 bytes

!

interface Vlan10

ip address 10.10.10.3 255.255.255.0     >>> Virtual IP not Configured:

standby 1 ip

standby 1 priority 101

end

 

The standby learns Virtual IP from ACTIVE.

 

DSW2#sh standby | i Vir

  Virtual IP address is 10.10.10.4 (learnt)

DSW2#

 

and it is learnt even when the Active is down. Just to illustrate, i shut down the interface on active and the output on standby is shown below:

 

DSW2#sh standby

Vlan10 - Group 1

  State is Active

    8 state changes, last state change 00:00:08

  Virtual IP address is 10.10.10.4 (learnt)

  Active virtual MAC address is 0000.0c07.ac01

    Local virtual MAC address is 0000.0c07.ac01 (v1 default)

  Hello time 3 sec, hold time 10 sec

    Next hello sent in 0.112 secs

  Preemption disabled

  Active router is local

  Standby router is unknown

  Priority 101 (configured 101)

  IP redundancy name is "hsrp-Vl10-1" (default)

DSW2#

 

A ping from Host works

 

HOST#traceroute 1.1.1.1

 

 

Type escape sequence to abort.

Tracing the route to 1.1.1.1

 

 

  1 10.10.10.3 92 msec 8 msec 80 msec   >>> Goes through the standby

  2 10.10.13.1 40 msec *  84 msec

HOST#

 

4. Do the Virtual IP configured on both active and standby have to match??

 

as an example, the following work:

 

Active:

 

interface Vlan10

ip address 10.10.10.2 255.255.255.0

standby 1 ip 10.10.10.4

standby 1 priority 150

standby 1 preempt

end

 

Standby:

interface Vlan10

ip address 10.10.10.3 255.255.255.0

standby 1 ip 10.10.10.1

standby 1 priority 101

standby 1 preempt

 

in the above example, the virtual Ip on both standby and active does not match but still it takes works .. or am I missing something here?

 

topology as given in the thread https://learningnetwork.cisco.com/thread/42347

 

Message was edited by: Vijay Swaminathan

  • JeffA 20 posts since
    Feb 28, 2010
    Currently Being Moderated
    1. Apr 27, 2012 9:29 PM (in response to Vijay Swaminathan)
    Re: HSRP Weird Questions:

    Vijay-

    1.  I believe HSPR v1 is limited to 16 group numbers.  I understand you can use a group number multiple times (in different vlans) but the max # of different group numbers is 16.  In v2, I believe the limit is increased to 4096.

     

    2. not sure.

     

    3. interesting, I didn't know that.

     

    4. I can't think of a reason why one wouldn't want the active and standby to have the same VIP.  I think the whole idea behind a VIPs is to ensure a specific IP (e.g. a default gateway) would still be reachable if the active router went down and the standby took over.  In your example, if the active router went down, clients with a default gateway of 10.10.10.1 would no longer have a DGW.   HTH

  • BIGEVIL 347 posts since
    Jun 28, 2008
    Currently Being Moderated
    4. Apr 30, 2012 7:23 AM (in response to Vijay Swaminathan)
    Re: HSRP Weird Questions:

    Some interesting points that you have raised Vijay -

     

    In amswer to the first question (number of groups) that is platform dependant.

     

    (config-if)#standby ?

      <0-255>         group number

     

    This is taken from a 2900 (but i tested this on a few boxes) i did once see a 6513 hit a limit on groups but cannot think of what that limit was off hand.

    In your last post - i belive that once the timers expire it will go to standby. As you know for this to become the active and take over from the current active you would have to have preempt cmd on. I never get the chance you have three boxes using HSRP and mostly only see two.

  • Elvin Arias 1,855 posts since
    Mar 12, 2010
    Currently Being Moderated
    5. Apr 30, 2012 8:58 AM (in response to Vijay Swaminathan)
    Re: HSRP Weird Questions:

    Firstable the HSRP states are listed as follows:

     

    Disable

    Init

    Learning

    Listening

    Speak

    Standby

    Active

     

    If you need further help and explanations about ALL the states, i'll help, but now let's go to the other part. HSRP can have different problem situations that you should know for production enviroments, and one of the first situations is when the Virtual IPs (VIPs) are different. As you know HSRP uses a group number in order to identify the segment, but the messages are identified by the VIP address sended inside the HSRP packet by the active router (yes, the only router who sends the packet with the actual VIP identifying the HSRP packet is the active router). But what if we have this non-symetric VIPs? Well, the answer is easy, you should receive a log message with the folloing descriptions:

     

    %HSRP-4-DIFFVIP1: FastEthernet0/0 Grp 1 active routers virtual IP address 10.12.12.253 is different to the locally configured address 10.12.12.254

     

    In this case the local router (which is the standby) is complaining about the difference between the locally configured VIP address (10.12.12.254), and the VIP of the active router (which is 10.12.12.253). You will have communication problems, because if you try to ping the standby address (10.12.12.254) you will not be able to reach it. A way to reach it is to set the 10.12.12.254 router as the active for the segment, but in this case the 10.12.12.253 will not be reached by the client. This process will indefinetly go until you solve the problem.

     

    What about the client perspective? Imagine that the client is configured with the active 10.12.12.253 VIP address, and this router fail for some reason, in this case (as you might thinking) the clients will be configured with the 10.12.12.253 IP as the default gateway, but now the active address is the 10.12.12.254, and the client will have trouble to connect to the outside, since it's exit IP address is different from the the new active router's IP address due a misconfiguration problem.

     

    Elvin

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)