[c-nsp] HSRP vs VRRP

[Andrew Fort]

Gert Doering wrote:

> HSRP works for us, for certain values of "work" - one of the problems
> that neither HSRP nor VRRP is ever going to solve is "split switches",
> like if the link between sw1 and sw2 breaks, both R1 and R2 assume they are
> "master", but for packets coming in from "the world", only one of the
> routers will be able to deliver, and that's not something you can control
> via HSRP/VRRP.
> 
> Furthermore, HSRP will necessarily lead to asymmetric traffic (packets
> entering the HSRP slave from "other" interfaces will always be sent to
> the link, even if it knows that the traffic is asymmetric) - which might
> be a problem, or might be not.  I find that unelegant, something like
> "if HSRP slave, make interface invisible for IP processing" (withdraw
> static and connected routes) would be much nicer in the face of stateful
> packet filtering, and so on.

hear, hear, and you'd think all simple enough things to fix (no protocol 
hacks required for the second bit, maybe an interaction with BFD 
required to trigger state for the first).

cisco (implicitly) encourage you to buy two of everything 'for 
redundancy', and then you can't build the architectures to match!

yes, i jest.  but only just.

-andrew