Friday, January 29, 2010

BCMSN - Redundancy: HSRP - Explanation & Configuration [CCNP]

Function of spanning-tree: Provide redundancy between Switch A & B through redundant links.


Function of Etherchannel: Make use of those redundant links by bundling them into 1 high-bandwidth link.


Function of redundancy protocols - HSRP, VRRP, GLBP: These are the three protocols that make redundancy happen.


When a path to a router or a switch fails and there are multiple paths (redundant connections) to get to a VLAN, HSRP, VRRP or GLBP can be used. These protocols handle the fail-over to the other link. (GLBP can additionally load-balance.)


HSRP: Explanation


-Created by Cisco for Cisco in 1994
-Uses a default hello timer of 3 seconds with a hold timer of 10 seconds.
-HSRP was the 1st of the three protocols and was originally designed for routers back in '94, as L3 switching wasn't really there back then.



-The IP addresses 172.30.70.2 and 172.30.70.3 are the IPs assigned to the 'interface vlan 70'.

-Both of these interfaces are placed in a common HSRP group (eg. standby group 5).


-When I do that, I generate a standby 'virtual ip address' and a 'virtual mac address' (VIP - 172.30.70.1 and VMAC - 0000.0c07.AC01, in this case) that both switches respond to.


-Because HSRP does not load balance like GLBP, only one of the routers here will actively respond to the virtual IP and MAC addresses. The other layer 3 switch(es) will be on standby and will only become active once the primary goes down.


-The best part is the easy configuration on the clients (server farm in this case): all you have to do there is set the default gateway to 172.30.70.1.


-By default, Hello messages are sent every 3 seconds and the dead timer is set to 10 seconds. (Not very quick, as HSRP was designed for networks in 1994, but the timers are now tunable to match VRRP so it can converge just as fast.) The only weakness of HSRP is that it's Cisco proprietary.


-The virtual mac-address has a specific structure to it. When you create a standby group, it generates a virtual mac-address to go with the VIP you specified. The 1st section of this virtual mac-address, 0000.0c, is the 'Cisco vendor id'. By seeing 07.AC as the 2nd group of digits there, you're going to immediately know that this is HSRP. The last group of digits there - XX (01, in our case) - will be the HSRP standby group number. For instance, group 05 would be 05, group 10 would be 0A (in hex).
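
The virtual MAC layout described above, as an added example (not from the original post): it builds the virtual MAC for a standby group, reads the group number back out of a MAC, and uses that to pick the HSRP gateway out of an ARP-style table. The function names and the sample rows are assumptions made for the illustration.

```python
import re

# 0000.0c = Cisco vendor id, 07.ac = HSRP marker, last byte = standby group
HSRP_PREFIX = "00000c07ac"

def hsrp_vmac(group: int) -> str:
    """Virtual MAC for a standby group, in Cisco dotted notation."""
    if not 0 <= group <= 255:
        raise ValueError("standby group must be between 0 and 255")
    raw = f"{HSRP_PREFIX}{group:02x}"
    return ".".join(raw[i:i + 4] for i in (0, 4, 8))

def hsrp_group(mac: str):
    """Standby group encoded in an HSRP virtual MAC, or None for any other MAC."""
    raw = re.sub(r"[.:-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", raw):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(raw[10:], 16) if raw.startswith(HSRP_PREFIX) else None

# Constructed sample rows (IP, MAC) in mixed notations; the two physical MACs are made up.
SAMPLE_ARP = [
    ("172.30.70.1", "0000.0c07.ac01"),
    ("172.30.70.2", "00:1a:2b:3c:4d:5e"),
    ("172.30.70.3", "00-1A-2B-3C-4D-6F"),
]

def find_hsrp_gateways(rows):
    """Map each IP that answers with an HSRP virtual MAC to its standby group."""
    found = {}
    for ip, mac in rows:
        group = hsrp_group(mac)
        if group is not None:
            found[ip] = group
    return found

if __name__ == "__main__":
    print(hsrp_vmac(1), hsrp_vmac(10))
    print(find_hsrp_gateways(SAMPLE_ARP))
```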


HSRP: Configuration



Configuring Switch A as the primary and Switch C as the standby:

Step 1: Create Standby Group for the specific VLAN interface & Set Priority.

SA#conf t
SA(config)#int vlan 70
SA(config-if)#standby 1 ip 172.30.70.1 (The command 'standby' tells the router you are after HSRP. '1' represents the standby group number, which can be anything from 0 to 255. 'ip' is followed by the virtual ip-address or the phantom ip-address)
SA(config-if)#standby 1 priority 150 (By default each router or L3 switch has a default priority of 100. When it comes to priority, the higher the better. If both priorities are the same then it chooses the one with the higher ip-address. Thus in this case, since we want SA to be the primary L3 switch, we change its priority to >100)

At this point we have HSRP configured on Switch A. Now to configure SC.

SC#conf t
SC(config)#int vlan 70
SC(config-if)#standby 1 ip 172.30.70.1
(We'll leave the default priority of 100 as we want SA to be the primary L3 switch)

Now if we telnet to 172.30.70.1 we'll log-in to the layer 3 switch - SA.

Step 2: Reassign ip address (default-gateway on clients)

At this point we set the default-gateway to '172.30.70.1' on all clients (server farm, in this case).

That's all there is to the base HSRP configuration - 2 commands.

HSRP: Tuning and Optimizing HSRP

(1) Priority (Done)
(2) Pre-empt
(3) Tracking
(4) Timers

(2) Pre-empt: Explanation
Once the failover takes place from the active router (L3 switch) to the standby router (L3 switch) when the active router goes down, the standby router remains the active router until the standby router goes down...

...unless you configure pre-emption (preempt)

Preempt brings SA immediately back as the active router once the link is back up; it does not wait for SB to go down.

(2) Pre-empt: Configuration (1 cmd)

SA(config)#int vlan 70
SA(config-if)#standby 1 preempt

(3) Tracking: Explanation

Interface tracking says that if an interface goes down (e.g. suppose s0/0 on SA is connecting to a router), a certain amount is taken away from the router's priority.
E.g. take away 60 from the priority if fa0/1 goes down, which gives 150-60 = 90, so SC will now become the active router/L3 switch because it now has the higher priority of 100.

For this feature to work, preempt needs to be enabled, of course.

(3) Tracking: Configuration

SA(config)#int vlan 70
SA(config-if)#standby 1 preempt
SA(config-if)#standby 1 track serial 0/0 60 (if s0/0 goes down then decrement by 60)
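
How priority, the higher-IP tie-break, preempt and tracking combine, as an added model that is not part of the original post: it replays the SA/SC example (150 with a 60 decrement against the default 100) and shows that the active role only moves when the router with the better priority has preempt on. Which switch owns 172.30.70.2 and which owns 172.30.70.3 is an assumption, as are the class and function names.

```python
from dataclasses import dataclass, field
from ipaddress import IPv4Address

@dataclass
class Router:
    name: str
    ip: str
    priority: int = 100                          # HSRP default priority
    preempt: bool = False
    tracked: dict = field(default_factory=dict)  # interface name -> decrement
    down: set = field(default_factory=set)       # tracked interfaces currently down
    alive: bool = True

    def effective_priority(self) -> int:
        return self.priority - sum(d for i, d in self.tracked.items() if i in self.down)

def rank(r: Router):
    # Higher priority wins; on a tie the higher interface IP wins.
    return (r.effective_priority(), IPv4Address(r.ip))

def elect(routers, active=None):
    """Re-evaluate the group once and return the active router (None if all are dead)."""
    live = [r for r in routers if r.alive]
    if not live:
        return None
    if active is None or not active.alive:
        return max(live, key=rank)               # no live active: best remaining router takes over
    # A live active router is displaced only by a better-ranked router with preempt on.
    challengers = [r for r in live if r.preempt and rank(r) > rank(active)]
    return max(challengers, key=rank) if challengers else active

def tracking_scenario(sc_preempt: bool):
    """SA (150, preempt, track serial 0/0 60) and SC (100): active router name at each step."""
    sa = Router("SA", "172.30.70.2", 150, preempt=True, tracked={"serial0/0": 60})
    sc = Router("SC", "172.30.70.3", preempt=sc_preempt)
    group, history = [sa, sc], []
    active = elect(group)                        # start: 150 beats 100
    history.append(active.name)
    sa.down.add("serial0/0")                     # tracked link fails: 150 - 60 = 90
    active = elect(group, active)
    history.append(active.name)
    sa.down.discard("serial0/0")                 # link restored: SA is back at 150
    active = elect(group, active)
    history.append(active.name)
    return history

if __name__ == "__main__":
    print("SC with preempt:   ", tracking_scenario(True))
    print("SC without preempt:", tracking_scenario(False))
```

With preempt only on SA, the tracked-link failure lowers SA to 90 but SA stays active; adding `standby 1 preempt` on SC as well is what lets the role move.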

(4) Timers: Explanation

Timers can be tweaked for HSRP to recover quickly on a failover.

SA(config)#int vlan 70
SA(config-if)#standby 1 timers 1 4 (hello timer = 1 sec, dead timer = 4 secs)

We can also beat VRRP timers and use milliseconds for the hello and hold timers:

SA(config)#int vlan 70
SA(config-if)#standby 1 timers msec 150 msec 700 (A sub-second delay is great, as it usually means the downtime is unnoticeable. The drawback is that network bandwidth usage goes up and, more importantly, processor cycles go up)

Lastly...

Show Command for HSRP:

SA#show standby
