[c-nsp] standby use-bia?

Bruce Pinsky bep at whack.org
Wed Dec 1 19:13:39 EST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jon Lewis wrote:
| We ran into an issue recently where an HSRP switchover happened and a
| bunch of our L3 switches either didn't get or didn't act on the gratuitous
| arp the active router is supposed to send when it's configured with
| use-bia and goes active.  This got me thinking about ways around having
| the HSRP group members having different MAC addresses.
|
| The limitation we have is that the VIP2s in our 7500s only have a 32 addr
| AF.  What's the limit on VIP4?  I haven't been able to find that anywhere?
|
| While looking into this, I noticed that there is "standby [group #]
| mac-addr xxxx.xxxx.xxxx" command.  Assuming an FE or Portchannel has lots
| of subinterfaces, each of which is doing HSRP with one or more other
| routers, but there's only one HSRP group per VLAN, is there any reason I
| can't use "standby [group #] mac-addr" to make all the HSRP virtual MAC
| addresses the same?...using either a made up MAC address or perhaps an
| actual MAC address from one of the routers, and use that same MAC as the
| configured virtual MAC address on all the HSRP member routers?
|

Just for fun I tried what you suggested.  Here's the config I used:

interface FastEthernet2/1.1
~ encapsulation dot1Q 100
~ ip address 100.100.100.99 255.255.255.0
~ no ip redirects
~ standby ip 100.100.100.100
~ standby mac-address 0000.1111.2222
!
interface FastEthernet2/1.2
~ encapsulation dot1Q 200
~ ip address 200.200.200.99 255.255.255.0
~ no ip redirects
~ standby 1 ip 200.200.200.200
~ standby 1 mac-address 0000.1111.2222

The only gotcha was that each subinterface needed to have a unique standby
group when being configured:

RSP16(config-subif)#int fa 2/1.2
RSP16(config-subif)#standby ip 200.200.200.200
% FastEthernet2/1.2: Must use unique standby group number for each logical
% interface that is a member of the same physical interface.

RSP16(config-subif)#standby mac-address 0000.1111.2222
% FastEthernet2/1.2: Must use unique standby group number for each logical
% interface that is a member of the same physical interface.

But by adding a unique group number, I was able to get the following:

RSP16#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  200.200.200.200         -   0000.1111.2222  ARPA   FastEthernet2/1.2
Internet  100.100.100.100         -   0000.1111.2222  ARPA   FastEthernet2/1.1
Internet  100.100.100.99          -   0002.7dd2.5841  ARPA   FastEthernet2/1.1
Internet  200.200.200.99          -   0002.7dd2.5841  ARPA   FastEthernet2/1.2


And I think that as long as your switches can support seeing the same MAC
address in different VLANs (some lower end switches can't), then it
shouldn't cause you any trouble that I can think of off the top of my head.

You will of course be limited to 256 subinterfaces per physical interface
since the standby group number range is only 0->255.

- --
=========
bep

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)

iD8DBQFBrl4yE1XcgMgrtyYRAmfGAKC2CfttzZ9ZDVJDApiivRdH75U9pQCglPJ7
GTPGJf+2OSCvcbcgM/RTUTM=
=Mj42
-----END PGP SIGNATURE-----

More information about the cisco-nsp mailing list