[nsp] HSRP 6500/SUP2

Dale.Francis at barclayscapital.com Dale.Francis at barclayscapital.com
Tue Sep 23 15:27:43 EDT 2003 

Pavan,

Some corrections below:

This is true it will use group 0 if no group specified but its also a fact
that Cisco. IOS does not give you a warning if you do not specify a group
number and you pass the limit, we run approx 40 HSRP groups on our one
switch with no problem and configuring this did not raise any issues.

If you have 16 HSRP groups per interface then that is a limitation, the only
limitation is the you can have 16 UNIQUE groups systems wide or on a single
interface, so if you use group 0 then its not unique as they share the same
Virtual MAC, which if you look in the switch CAM table you will see this
same MAC for every instance of VLAN.

The only issue of using the same MAC/Group on all interfaces is with 3rd
party vendors that do not have a MAC table per VLAN, i.e. if it's a system
wide CAM table.

Below is an example config in a LAB of more than 16 HSRP's running on
12.1(8a)E5

Interface   Grp Prio P State    Active addr     Standby addr    Group addr
Vl10        0   100  P Standby  30.96.100.62    local           30.96.100.60
Vl20        0   110  P Active   local           30.96.100.94    30.96.100.92
Vl30        0   110  P Active   local           30.96.100.126
30.96.100.124
Vl40        0   100  P Standby  30.96.100.158   local
30.96.100.156
Vl90        0   110    Active   local           10.0.0.10       10.0.0.14
Vl160       0   110    Active   local           141.228.67.93
141.228.67.94
Vl200       0   100    Standby  200.1.1.254     local           200.1.1.1
Vl201       0   110    Active   local           201.1.1.254     201.1.1.1
Vl202       0   100    Standby  202.1.1.254     local           202.1.1.1
Vl203       0   110    Active   local           203.1.1.254     203.1.1.1
Vl204       0   100    Standby  204.1.1.254     local           204.1.1.1
Vl205       0   110    Active   local           205.1.1.254     205.1.1.1
Vl206       0   100    Standby  206.1.1.254     local           206.1.1.1
Vl207       0   110    Active   local           207.1.1.254     207.1.1.1
Vl208       0   100    Standby  208.1.1.254     local           208.1.1.1
Vl209       0   110    Active   local           209.1.1.254     209.1.1.1
Vl210       0   100    Standby  210.1.1.254     local           210.1.1.1
Vl211       0   110    Active   local           211.1.1.254     211.1.1.1

Also please look at this:

http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_qanda
_item09186a008011c6bb.shtml

Adios


-----Original Message-----
From: Pavan Reddy [mailto:pavan at mindspring.com] 
Sent: 23 September 2003 13:50
To: Dale.Francis at barclayscapital.com
Cc: cisco-nsp at puck.nether.net
Subject: RE: [nsp] HSRP 6500/SUP2


Charles/Dale - just to clarify:

You might be able to run more than 16 distinct groups on a Sup2/MSFC2 but:
a) IOS will give you a warning
b) IOS might not let you configre the add'l groups depending on version of
code
c) if IOS does let you configure the add'l groups, packets forwarded to the
17th+ groups' HSRP mac addresses are not HW-switched.

Don't believe group names have anything to do with this limit.  If you don't
specify a standby group, you are actually using group 0.

Pavan

> -----Original Message-----
> From: Dale.Francis at barclayscapital.com 
> [mailto:Dale.Francis at barclayscapital.com]
> Sent: Tuesday, September 23, 2003 5:42 AM
> To: pavan at mindspring.com
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [nsp] HSRP 6500/SUP2
>
>
> You can run more than 16 groups, as long as you do not give them group 
> names, as stated below the group number becomes part of the MAC HSRP 
> group address for example group 1 would be 0000.0c07.ac01 and group 2 
> would be 0000.0c07.ac02.
>
> So as long as you can handle the virtual MAC being the same across all 
> vlans then you will be ok to configure multiple instances of HSRP with 
> NO group numbers.
>
> From the switches point of view you will have this same VMAC per VLAN 
> in the system CAM table as per the following example:
>
>  sh cam sys 601
> * = Static Entry. + = Permanent Entry. # = System Entry. R = Router 
> Entry. X = Port Security Entry $ = Dot1x Security Entry
>
> VLAN  Dest MAC/Route Des    [CoS]  Destination Ports or VCs / [Protocol
> Type]
> ----  ------------------    -----
> -------------------------------------------
> 601   00-00-0c-07-ac-00 R#          15/1
> 601   00-05-5f-50-4b-fc R#          15/1
>
>
> Regards
>
>
> -----Original Message-----
> From: Pavan Reddy [mailto:pavan at mindspring.com]
> Sent: 23 September 2003 09:14
> To: Charles Von Dartmooth
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [nsp] HSRP 6500/SUP2
>
>
> You can use the same HSRP group on each vlan...
>
> Each vlan will only have 2 hsrp speakers (your 2 msfc's) right?
>
> Then no problem - HSRP group just specifies the HSRP mac.
>
> The HSRP mac (or any mac for that matter) doesn't need to be unique 
> across vlans...
>
> Pavan
>
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net 
> > [mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Charles Von 
> > Dartmooth
> > Sent: Monday, September 22, 2003 4:33 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [nsp] HSRP 6500/SUP2
> >
> >
> > Greetings,
> >
> >  I am interested in setting up HSRP with 2 6500
> > SUP2-MSFC2 which provider L3 connectivity for a lan enviornment to 
> > the rest of the network. There are a few hundered VLANs setup. Given 
> > the 16 group limitation on the SUP2, what is the best way to set it 
> > up so that redudancy can be provided to each individual VLAN without 
> > effecting the rest of them? (IE I wish to shutdown 1 vlan on 1 
> > switch, without the other taking over for all the rest.) How are the 
> > VLANs tied toghter if I use 1 group for all?
> >
> > TIA, Charles
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! SiteBuilder - Free, easy-to-use web site design software 
> > http://sitebuilder.yahoo.com 
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> ----------------------------------------------------------------------
> --
> For more information about Barclays Capital, please
> visit our web site at http://www.barcap.com.
>
>
> Internet communications are not secure and therefore the Barclays 
> Group does not accept legal responsibility for the contents of this 
> message.  Although the Barclays Group operates anti-virus programmes, 
> it does not accept responsibility for any damage whatsoever that is 
> caused by viruses being passed.  Any views or opinions presented are 
> solely those of the author and do not necessarily represent those of 
> the Barclays Group.  Replies to this email may be monitored by the 
> Barclays Group for operational or business reasons.
>
> ----------------------------------------------------------------------
> --
>

More information about the cisco-nsp mailing list