[nsp] HSRP and VLANs

Robert Larsen robert.larsen at ntlworld.com
Tue Dec 16 11:08:28 EST 2003


There's nothing that says the VIP has to be in the same subnet as the
physical interface addresses, so yes, you can use RFC1918 addresses as the
two physical interface addresses, and the VIP is then simply taken from the
customer's public assigned subnet.  This way you don't use any extra IP
addresses from the customers public space.

The two routers see eachother on their private address space for the HSRP
(or VRRP) hello mechanism.

Regards,

Rob.

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of jlewis at lewis.org
Sent: 16 December 2003 14:18
To: Marco Matarazzo
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] HSRP and VLANs


On Tue, 16 Dec 2003, Marco Matarazzo wrote:

> > As I understand it, you need at least 3 IPs to do HSRP for one 
> > subnet or VLAN.  One IP for each physical interface on the router 
> > and one virtual IP which becomes the host's default gateway.  By the 
> > sounds of it, you may need to expand the subnets for each of those 
> > 50 VLANs (if you have promised each customer in the vlan 6 or 14 
> > usable IP addresses, depending) for each  .  I don't know if you can 
> > do unnumbered HSRP.

I haven't tried this, but what if you put the real IPs in a different 
subnet (maybe even RFC1918 IPs) and the standby IP in the customer's 
subnet?

> Good point Jason! But I wonder how one can deliver a point to point 
> connection (I also have a couple of BGP downstreams) with a  /30, and 
> have redundancy... there should been something we missed! At least I 
> hope so! :)

If you mean a PTP T1 or other similar connection, PTP implies there are 
only 2 devices connected.  If you mean a vlan where you used a /30 to give 
yourself (gateway) 1 IP, and the customer 1 IP, then maybe the above idea 
would work.

Is there a limit (other than the number of VLANs a router can support) on 
the number of standby IPs that can be configured?
 
----------------------------------------------------------------------
 Jon Lewis *jlewis at lewis.org*|  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |  
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list