[nsp] HSRP 6500/SUP2
Dale.Francis at barclayscapital.com
Dale.Francis at barclayscapital.com
Tue Sep 23 15:27:43 EDT 2003
Pavan,
Some corrections below:
This is true it will use group 0 if no group specified but its also a fact
that Cisco. IOS does not give you a warning if you do not specify a group
number and you pass the limit, we run approx 40 HSRP groups on our one
switch with no problem and configuring this did not raise any issues.
If you have 16 HSRP groups per interface then that is a limitation, the only
limitation is the you can have 16 UNIQUE groups systems wide or on a single
interface, so if you use group 0 then its not unique as they share the same
Virtual MAC, which if you look in the switch CAM table you will see this
same MAC for every instance of VLAN.
The only issue of using the same MAC/Group on all interfaces is with 3rd
party vendors that do not have a MAC table per VLAN, i.e. if it's a system
wide CAM table.
Below is an example config in a LAB of more than 16 HSRP's running on
12.1(8a)E5
Interface Grp Prio P State Active addr Standby addr Group addr
Vl10 0 100 P Standby 30.96.100.62 local 30.96.100.60
Vl20 0 110 P Active local 30.96.100.94 30.96.100.92
Vl30 0 110 P Active local 30.96.100.126
30.96.100.124
Vl40 0 100 P Standby 30.96.100.158 local
30.96.100.156
Vl90 0 110 Active local 10.0.0.10 10.0.0.14
Vl160 0 110 Active local 141.228.67.93
141.228.67.94
Vl200 0 100 Standby 200.1.1.254 local 200.1.1.1
Vl201 0 110 Active local 201.1.1.254 201.1.1.1
Vl202 0 100 Standby 202.1.1.254 local 202.1.1.1
Vl203 0 110 Active local 203.1.1.254 203.1.1.1
Vl204 0 100 Standby 204.1.1.254 local 204.1.1.1
Vl205 0 110 Active local 205.1.1.254 205.1.1.1
Vl206 0 100 Standby 206.1.1.254 local 206.1.1.1
Vl207 0 110 Active local 207.1.1.254 207.1.1.1
Vl208 0 100 Standby 208.1.1.254 local 208.1.1.1
Vl209 0 110 Active local 209.1.1.254 209.1.1.1
Vl210 0 100 Standby 210.1.1.254 local 210.1.1.1
Vl211 0 110 Active local 211.1.1.254 211.1.1.1
Also please look at this:
http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_qanda
_item09186a008011c6bb.shtml
Adios
-----Original Message-----
From: Pavan Reddy [mailto:pavan at mindspring.com]
Sent: 23 September 2003 13:50
To: Dale.Francis at barclayscapital.com
Cc: cisco-nsp at puck.nether.net
Subject: RE: [nsp] HSRP 6500/SUP2
Charles/Dale - just to clarify:
You might be able to run more than 16 distinct groups on a Sup2/MSFC2 but:
a) IOS will give you a warning
b) IOS might not let you configre the add'l groups depending on version of
code
c) if IOS does let you configure the add'l groups, packets forwarded to the
17th+ groups' HSRP mac addresses are not HW-switched.
Don't believe group names have anything to do with this limit. If you don't
specify a standby group, you are actually using group 0.
Pavan
> -----Original Message-----
> From: Dale.Francis at barclayscapital.com
> [mailto:Dale.Francis at barclayscapital.com]
> Sent: Tuesday, September 23, 2003 5:42 AM
> To: pavan at mindspring.com
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [nsp] HSRP 6500/SUP2
>
>
> You can run more than 16 groups, as long as you do not give them group
> names, as stated below the group number becomes part of the MAC HSRP
> group address for example group 1 would be 0000.0c07.ac01 and group 2
> would be 0000.0c07.ac02.
>
> So as long as you can handle the virtual MAC being the same across all
> vlans then you will be ok to configure multiple instances of HSRP with
> NO group numbers.
>
> From the switches point of view you will have this same VMAC per VLAN
> in the system CAM table as per the following example:
>
> sh cam sys 601
> * = Static Entry. + = Permanent Entry. # = System Entry. R = Router
> Entry. X = Port Security Entry $ = Dot1x Security Entry
>
> VLAN Dest MAC/Route Des [CoS] Destination Ports or VCs / [Protocol
> Type]
> ---- ------------------ -----
> -------------------------------------------
> 601 00-00-0c-07-ac-00 R# 15/1
> 601 00-05-5f-50-4b-fc R# 15/1
>
>
> Regards
>
>
> -----Original Message-----
> From: Pavan Reddy [mailto:pavan at mindspring.com]
> Sent: 23 September 2003 09:14
> To: Charles Von Dartmooth
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [nsp] HSRP 6500/SUP2
>
>
> You can use the same HSRP group on each vlan...
>
> Each vlan will only have 2 hsrp speakers (your 2 msfc's) right?
>
> Then no problem - HSRP group just specifies the HSRP mac.
>
> The HSRP mac (or any mac for that matter) doesn't need to be unique
> across vlans...
>
> Pavan
>
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net
> > [mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Charles Von
> > Dartmooth
> > Sent: Monday, September 22, 2003 4:33 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [nsp] HSRP 6500/SUP2
> >
> >
> > Greetings,
> >
> > I am interested in setting up HSRP with 2 6500
> > SUP2-MSFC2 which provider L3 connectivity for a lan enviornment to
> > the rest of the network. There are a few hundered VLANs setup. Given
> > the 16 group limitation on the SUP2, what is the best way to set it
> > up so that redudancy can be provided to each individual VLAN without
> > effecting the rest of them? (IE I wish to shutdown 1 vlan on 1
> > switch, without the other taking over for all the rest.) How are the
> > VLANs tied toghter if I use 1 group for all?
> >
> > TIA, Charles
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! SiteBuilder - Free, easy-to-use web site design software
> > http://sitebuilder.yahoo.com
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> ----------------------------------------------------------------------
> --
> For more information about Barclays Capital, please
> visit our web site at http://www.barcap.com.
>
>
> Internet communications are not secure and therefore the Barclays
> Group does not accept legal responsibility for the contents of this
> message. Although the Barclays Group operates anti-virus programmes,
> it does not accept responsibility for any damage whatsoever that is
> caused by viruses being passed. Any views or opinions presented are
> solely those of the author and do not necessarily represent those of
> the Barclays Group. Replies to this email may be monitored by the
> Barclays Group for operational or business reasons.
>
> ----------------------------------------------------------------------
> --
>
More information about the cisco-nsp
mailing list